From d4ffcadeba2d6d9e71550b4dd3ee0877ba760e39 Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Wed, 6 Nov 2024 12:32:28 +0100
Subject: [PATCH] Allow `length=0` in HKDF and PBKDF2 derive bits operations
 (#380)

* Revert "Throw an OperationError in the PBKDF2 and HKDF derive bits operations if length is zero (#275)"

This reverts commit 6438d873659d934f52cd3b5a4a5641b16577c5ac.

* Properly handle length=0 in the PBKDF2 derive bits operation

RFC 8018 does not allow passing dkLen=0. Therefore, we explicitly
return an empty ArrayBuffer in that case.

* Explicitly return `ArrayBuffer`s in HKDF and PBKDF2

The algorithm registrations state that they return `ArrayBuffer`s,
but the operations did not.
---
 spec/Overview.html | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/spec/Overview.html b/spec/Overview.html
index 1b85fdb..2dc8de9 100644
--- a/spec/Overview.html
+++ b/spec/Overview.html
@@ -13105,7 +13105,7 @@ <h4>Operations</h4>
               <ol>
                 <li>
                   <p>
-                    If |length| is null or zero, or is not a multiple of 8, then [= exception/throw =] an {{OperationError}}.
+                    If |length| is null or is not a multiple of 8, then [= exception/throw =] an {{OperationError}}.
                   </p>
                 </li>
                 <li>
@@ -13160,7 +13160,8 @@ <h4>Operations</h4>
                 </li>
                 <li>
                   <p>
-                    Return |result|.
+                    Return the result of [= ArrayBuffer/create | creating =]
+                    an {{ArrayBuffer}} containing |result|.
                   </p>
                 </li>
               </ol>
@@ -13324,7 +13325,7 @@ <h4>Operations</h4>
               <ol>
                 <li>
                   <p>
-                    If |length| is null or zero, or is not a multiple of 8, then [= exception/throw =] an {{OperationError}}.
+                    If |length| is null or is not a multiple of 8, then [= exception/throw =] an {{OperationError}}.
                   </p>
                 </li>
                 <li>
@@ -13333,6 +13334,13 @@ <h4>Operations</h4>
                     then [= exception/throw =] an {{OperationError}}.
                   </p>
                 </li>
+                <li>
+                  <p>
+                    If |length| is zero, return the result of
+                    [= ArrayBuffer/create | creating =] an {{ArrayBuffer}}
+                    containing an empty [= byte sequence =].
+                  </p>
+                </li>
                 <li>
                   <p>
                     Let |prf| be the MAC Generation function described in Section 4 of
@@ -13362,7 +13370,8 @@ <h4>Operations</h4>
                 </li>
                 <li>
                   <p>
-                    Return |result|
+                    Return the result of [= ArrayBuffer/create | creating =]
+                    an {{ArrayBuffer}} containing |result|.
                   </p>
                 </li>
               </ol>