From aa710aac98885356cfb5bdfd237d2be8265ed2e6 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Tue, 4 Oct 2022 13:39:41 +0200
Subject: [PATCH] fix(ext/crypto): ecdh spki key import/export roundtrip
 (#16152)

---
 cli/tests/unit/webcrypto_test.ts | 10 ++++++++++
 ext/crypto/export_key.rs         |  2 +-
 tools/wpt/expectation.json       |  4 ----
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index c5f5dc6c2f..38f183c118 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -1919,3 +1919,13 @@ Deno.test(async function testImportLeadingZeroesKey() {
   assert(key instanceof CryptoKey);
   assertEquals(key.type, "private");
 });
+
+// https://github.com/denoland/deno/issues/15523
+Deno.test(async function testECspkiRoundTrip() {
+  const alg = { name: "ECDH", namedCurve: "P-256" };
+  const { publicKey } = await crypto.subtle.generateKey(alg, true, [
+    "deriveBits",
+  ]);
+  const spki = await crypto.subtle.exportKey("spki", publicKey);
+  await crypto.subtle.importKey("spki", spki, alg, true, []);
+});
diff --git a/ext/crypto/export_key.rs b/ext/crypto/export_key.rs
index e7814fea0f..0cbb2f6764 100644
--- a/ext/crypto/export_key.rs
+++ b/ext/crypto/export_key.rs
@@ -281,7 +281,7 @@ fn export_key_ec(
 
       let alg_id = match algorithm {
         ExportKeyAlgorithm::Ecdh { .. } => AlgorithmIdentifier {
-          oid: ObjectIdentifier::new_unwrap("1.3.132.1.12"),
+          oid: ObjectIdentifier::new_unwrap("1.2.840.10045.2.1"),
           parameters: alg_id.parameters,
         },
         _ => alg_id,
diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json
index 98ce80dbff..79e22ea144 100644
--- a/tools/wpt/expectation.json
+++ b/tools/wpt/expectation.json
@@ -728,8 +728,6 @@
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
-        "Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])",
-        "Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, [])",
         "Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
@@ -756,8 +754,6 @@
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
-        "Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])",
-        "Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, [])",
         "Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",