From bc175683b309a25275f7e5ca56951666d75827d0 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Wed, 18 Jan 2023 19:07:26 +0100
Subject: [PATCH 01/12] crypto: add CryptoKey Symbol.toStringTag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

closes #45987

PR-URL: https://github.com/nodejs/node/pull/46042
Fixes: https://github.com/nodejs/node/issues/45987
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/keys.js            | 7 +++++++
 test/parallel/test-webcrypto-keygen.js | 8 ++++++++
 2 files changed, 15 insertions(+)

diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js
index 4303dc44fe60d7..a6612e3b2a74ee 100644
--- a/lib/internal/crypto/keys.js
+++ b/lib/internal/crypto/keys.js
@@ -6,6 +6,7 @@ const {
   ObjectDefineProperty,
   ObjectSetPrototypeOf,
   Symbol,
+  SymbolToStringTag,
   Uint8Array,
 } = primordials;
 
@@ -697,6 +698,12 @@ class CryptoKey extends JSTransferable {
   }
 }
 
+ObjectDefineProperty(CryptoKey.prototype, SymbolToStringTag, {
+  __proto__: null,
+  configurable: true,
+  value: 'CryptoKey',
+});
+
 // All internal code must use new InternalCryptoKey to create
 // CryptoKey instances. The CryptoKey class is exposed to end
 // user code but is not permitted to be constructed directly.
diff --git a/test/parallel/test-webcrypto-keygen.js b/test/parallel/test-webcrypto-keygen.js
index 5acea2debdd292..a18ab84f89ba63 100644
--- a/test/parallel/test-webcrypto-keygen.js
+++ b/test/parallel/test-webcrypto-keygen.js
@@ -277,6 +277,8 @@ const vectors = {
 
     assert.strictEqual(publicKey.type, 'public');
     assert.strictEqual(privateKey.type, 'private');
+    assert.strictEqual(publicKey.toString(), '[object CryptoKey]');
+    assert.strictEqual(privateKey.toString(), '[object CryptoKey]');
     assert.strictEqual(publicKey.extractable, true);
     assert.strictEqual(privateKey.extractable, true);
     assert.deepStrictEqual(publicKey.usages, publicUsages);
@@ -439,6 +441,8 @@ const vectors = {
 
     assert.strictEqual(publicKey.type, 'public');
     assert.strictEqual(privateKey.type, 'private');
+    assert.strictEqual(publicKey.toString(), '[object CryptoKey]');
+    assert.strictEqual(privateKey.toString(), '[object CryptoKey]');
     assert.strictEqual(publicKey.extractable, true);
     assert.strictEqual(privateKey.extractable, true);
     assert.deepStrictEqual(publicKey.usages, publicUsages);
@@ -503,6 +507,7 @@ const vectors = {
     assert(isCryptoKey(key));
 
     assert.strictEqual(key.type, 'secret');
+    assert.strictEqual(key.toString(), '[object CryptoKey]');
     assert.strictEqual(key.extractable, true);
     assert.deepStrictEqual(key.usages, usages);
     assert.strictEqual(key.algorithm.name, name);
@@ -562,6 +567,7 @@ const vectors = {
     assert(isCryptoKey(key));
 
     assert.strictEqual(key.type, 'secret');
+    assert.strictEqual(key.toString(), '[object CryptoKey]');
     assert.strictEqual(key.extractable, true);
     assert.deepStrictEqual(key.usages, usages);
     assert.strictEqual(key.algorithm.name, 'HMAC');
@@ -629,6 +635,8 @@ assert.throws(() => new CryptoKey(), { code: 'ERR_ILLEGAL_CONSTRUCTOR' });
 
     assert.strictEqual(publicKey.type, 'public');
     assert.strictEqual(privateKey.type, 'private');
+    assert.strictEqual(publicKey.toString(), '[object CryptoKey]');
+    assert.strictEqual(privateKey.toString(), '[object CryptoKey]');
     assert.strictEqual(publicKey.extractable, true);
     assert.strictEqual(privateKey.extractable, true);
     assert.deepStrictEqual(publicKey.usages, publicUsages);

From cca5940b35675820caaacf90a0dbc989697c7597 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Tue, 3 Jan 2023 17:34:41 +0100
Subject: [PATCH 02/12] crypto: add KeyObject Symbol.toStringTag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/46043
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/keys.js              | 6 ++++++
 test/parallel/test-crypto-key-objects.js | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js
index a6612e3b2a74ee..b26c85c1b59b8d 100644
--- a/lib/internal/crypto/keys.js
+++ b/lib/internal/crypto/keys.js
@@ -137,6 +137,12 @@ const {
     }
   }
 
+  ObjectDefineProperty(KeyObject.prototype, SymbolToStringTag, {
+    __proto__: null,
+    configurable: true,
+    value: 'KeyObject',
+  });
+
   class SecretKeyObject extends KeyObject {
     constructor(handle) {
       super('secret', handle);
diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js
index 93e7cca3fbbdbd..84e32de6ba1ae9 100644
--- a/test/parallel/test-crypto-key-objects.js
+++ b/test/parallel/test-crypto-key-objects.js
@@ -69,6 +69,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
   const keybuf = randomBytes(32);
   const key = createSecretKey(keybuf);
   assert.strictEqual(key.type, 'secret');
+  assert.strictEqual(key.toString(), '[object KeyObject]');
   assert.strictEqual(key.symmetricKeySize, 32);
   assert.strictEqual(key.asymmetricKeyType, undefined);
   assert.strictEqual(key.asymmetricKeyDetails, undefined);
@@ -150,27 +151,32 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
 
   const publicKey = createPublicKey(publicPem);
   assert.strictEqual(publicKey.type, 'public');
+  assert.strictEqual(publicKey.toString(), '[object KeyObject]');
   assert.strictEqual(publicKey.asymmetricKeyType, 'rsa');
   assert.strictEqual(publicKey.symmetricKeySize, undefined);
 
   const privateKey = createPrivateKey(privatePem);
   assert.strictEqual(privateKey.type, 'private');
+  assert.strictEqual(privateKey.toString(), '[object KeyObject]');
   assert.strictEqual(privateKey.asymmetricKeyType, 'rsa');
   assert.strictEqual(privateKey.symmetricKeySize, undefined);
 
   // It should be possible to derive a public key from a private key.
   const derivedPublicKey = createPublicKey(privateKey);
   assert.strictEqual(derivedPublicKey.type, 'public');
+  assert.strictEqual(derivedPublicKey.toString(), '[object KeyObject]');
   assert.strictEqual(derivedPublicKey.asymmetricKeyType, 'rsa');
   assert.strictEqual(derivedPublicKey.symmetricKeySize, undefined);
 
   const publicKeyFromJwk = createPublicKey({ key: publicJwk, format: 'jwk' });
   assert.strictEqual(publicKey.type, 'public');
+  assert.strictEqual(publicKey.toString(), '[object KeyObject]');
   assert.strictEqual(publicKey.asymmetricKeyType, 'rsa');
   assert.strictEqual(publicKey.symmetricKeySize, undefined);
 
   const privateKeyFromJwk = createPrivateKey({ key: jwk, format: 'jwk' });
   assert.strictEqual(privateKey.type, 'private');
+  assert.strictEqual(privateKey.toString(), '[object KeyObject]');
   assert.strictEqual(privateKey.asymmetricKeyType, 'rsa');
   assert.strictEqual(privateKey.symmetricKeySize, undefined);
 

From c7c5011a75b2c293394155077bde26c846400b1f Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 7 Nov 2022 07:35:35 +0100
Subject: [PATCH 03/12] crypto: handle more webcrypto errors with
 OperationError
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/45320
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/aes.js             |  8 ++++----
 lib/internal/crypto/cfrg.js            |  4 ++--
 lib/internal/crypto/diffiehellman.js   |  6 +++++-
 lib/internal/crypto/ec.js              |  4 ++--
 lib/internal/crypto/hash.js            |  2 +-
 lib/internal/crypto/mac.js             |  2 +-
 lib/internal/crypto/rsa.js             |  6 +++---
 lib/internal/crypto/util.js            | 11 ++++++++---
 test/parallel/test-webcrypto-digest.js |  2 +-
 9 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/lib/internal/crypto/aes.js b/lib/internal/crypto/aes.js
index 79ca61c5ff2097..e716caedd050de 100644
--- a/lib/internal/crypto/aes.js
+++ b/lib/internal/crypto/aes.js
@@ -124,7 +124,7 @@ function asyncAesCtrCipher(mode, key, data, { counter, length }) {
       'OperationError');
   }
 
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -137,7 +137,7 @@ function asyncAesCtrCipher(mode, key, data, { counter, length }) {
 function asyncAesCbcCipher(mode, key, data, { iv }) {
   iv = getArrayBufferOrView(iv, 'algorithm.iv');
   validateByteLength(iv, 'algorithm.iv', 16);
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -147,7 +147,7 @@ function asyncAesCbcCipher(mode, key, data, { iv }) {
 }
 
 function asyncAesKwCipher(mode, key, data) {
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -201,7 +201,7 @@ function asyncAesGcmCipher(
       break;
   }
 
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 17358c7ccca23d..98e236052f555e 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -194,7 +194,7 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
 
 function cfrgExportKey(key, format) {
   emitExperimentalWarning(`The ${key.algorithm.name} Web Crypto API algorithm`);
-  return jobPromise(new ECKeyExportJob(
+  return jobPromise(() => new ECKeyExportJob(
     kCryptoJobAsync,
     format,
     key[kKeyObject][kHandle]));
@@ -323,7 +323,7 @@ function eddsaSignVerify(key, data, { name, context }, signature) {
     }
   }
 
-  return jobPromise(new SignJob(
+  return jobPromise(() => new SignJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js
index 62107a31a4f9e8..ac37e45a8b6b99 100644
--- a/lib/internal/crypto/diffiehellman.js
+++ b/lib/internal/crypto/diffiehellman.js
@@ -377,7 +377,11 @@ async function asyncDeriveBitsECDH(algorithm, baseKey, length) {
       key.algorithm.name === 'ECDH' ? baseKey.algorithm.namedCurve : baseKey.algorithm.name,
       key[kKeyObject][kHandle],
       baseKey[kKeyObject][kHandle], (err, bits) => {
-        if (err) return reject(err);
+        if (err) {
+          return reject(lazyDOMException(
+            'The operation failed for an operation-specific reason',
+            'OperationError'));
+        }
         resolve(bits);
       });
   });
diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js
index ed7484dbbb596e..e39d443941dba7 100644
--- a/lib/internal/crypto/ec.js
+++ b/lib/internal/crypto/ec.js
@@ -151,7 +151,7 @@ async function ecGenerateKey(algorithm, extractable, keyUsages) {
 }
 
 function ecExportKey(key, format) {
-  return jobPromise(new ECKeyExportJob(
+  return jobPromise(() => new ECKeyExportJob(
     kCryptoJobAsync,
     format,
     key[kKeyObject][kHandle]));
@@ -286,7 +286,7 @@ function ecdsaSignVerify(key, data, { name, hash }, signature) {
     throw new ERR_MISSING_OPTION('algorithm.hash');
   const hashname = normalizeHashName(hash.name);
 
-  return jobPromise(new SignJob(
+  return jobPromise(() => new SignJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
diff --git a/lib/internal/crypto/hash.js b/lib/internal/crypto/hash.js
index 956053af0a8c2c..72d127b37cbeb6 100644
--- a/lib/internal/crypto/hash.js
+++ b/lib/internal/crypto/hash.js
@@ -183,7 +183,7 @@ async function asyncDigest(algorithm, data) {
     case 'SHA-384':
       // Fall through
     case 'SHA-512':
-      return jobPromise(new HashJob(
+      return jobPromise(() => new HashJob(
         kCryptoJobAsync,
         normalizeHashName(algorithm.name),
         data,
diff --git a/lib/internal/crypto/mac.js b/lib/internal/crypto/mac.js
index 15b3378e2eda64..f08ed611142bc0 100644
--- a/lib/internal/crypto/mac.js
+++ b/lib/internal/crypto/mac.js
@@ -184,7 +184,7 @@ async function hmacImportKey(
 
 function hmacSignVerify(key, data, algorithm, signature) {
   const mode = signature === undefined ? kSignJobModeSign : kSignJobModeVerify;
-  return jobPromise(new HmacJob(
+  return jobPromise(() => new HmacJob(
     kCryptoJobAsync,
     mode,
     normalizeHashName(key.algorithm.hash.name),
diff --git a/lib/internal/crypto/rsa.js b/lib/internal/crypto/rsa.js
index fa6928e4d78f06..3fe7f4fef4aef3 100644
--- a/lib/internal/crypto/rsa.js
+++ b/lib/internal/crypto/rsa.js
@@ -116,7 +116,7 @@ function rsaOaepCipher(mode, key, data, { label }) {
     validateMaxBufferLength(label, 'algorithm.label');
   }
 
-  return jobPromise(new RSACipherJob(
+  return jobPromise(() => new RSACipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -224,7 +224,7 @@ async function rsaKeyGenerate(
 }
 
 function rsaExportKey(key, format) {
-  return jobPromise(new RSAKeyExportJob(
+  return jobPromise(() => new RSAKeyExportJob(
     kCryptoJobAsync,
     format,
     key[kKeyObject][kHandle],
@@ -347,7 +347,7 @@ function rsaSignVerify(key, data, { saltLength }, signature) {
   if (key.type !== type)
     throw lazyDOMException(`Key must be a ${type} key`, 'InvalidAccessError');
 
-  return jobPromise(new SignJob(
+  return jobPromise(() => new SignJob(
     kCryptoJobAsync,
     signature === undefined ? kSignJobModeSign : kSignJobModeVerify,
     key[kKeyObject][kHandle],
diff --git a/lib/internal/crypto/util.js b/lib/internal/crypto/util.js
index dbd816cff99e9f..b6b84c441ad742 100644
--- a/lib/internal/crypto/util.js
+++ b/lib/internal/crypto/util.js
@@ -287,10 +287,15 @@ function onDone(resolve, reject, err, result) {
   resolve(result);
 }
 
-function jobPromise(job) {
+function jobPromise(getJob) {
   return new Promise((resolve, reject) => {
-    job.ondone = FunctionPrototypeBind(onDone, job, resolve, reject);
-    job.run();
+    try {
+      const job = getJob();
+      job.ondone = FunctionPrototypeBind(onDone, job, resolve, reject);
+      job.run();
+    } catch (err) {
+      onDone(resolve, reject, err);
+    }
   });
 }
 
diff --git a/test/parallel/test-webcrypto-digest.js b/test/parallel/test-webcrypto-digest.js
index b8680564d1a1a3..25b78500b7d346 100644
--- a/test/parallel/test-webcrypto-digest.js
+++ b/test/parallel/test-webcrypto-digest.js
@@ -83,7 +83,7 @@ Promise.all([1, [], {}, null, undefined].map((i) =>
 // addition to the API, and is added as a support for future additional
 // hash algorithms that support variable digest output lengths.
 assert.rejects(subtle.digest({ name: 'SHA-512', length: 510 }, kData), {
-  message: /Digest method not supported/
+  name: 'OperationError',
 }).then(common.mustCall());
 
 const kSourceData = {

From 5b9738aee676e9254a823e8f1c56d28a66b35ad0 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Fri, 31 Mar 2023 13:52:31 +0200
Subject: [PATCH 04/12] test: mock structuredClone for WebCryptoAPI WPTs

---
 test/wpt/test-webcrypto.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/test/wpt/test-webcrypto.js b/test/wpt/test-webcrypto.js
index f90ffa9ad5316b..7c8469fc9e413f 100644
--- a/test/wpt/test-webcrypto.js
+++ b/test/wpt/test-webcrypto.js
@@ -13,6 +13,8 @@ runner.setFlags(['--experimental-global-webcrypto']);
 
 runner.setInitScript(`
   global.location = {};
+  const { serialize, deserialize } = require('v8');
+  global.structuredClone = (value) => deserialize(serialize(value));
 `);
 
 runner.runJsTests();

From ae600b9bcfada99f576bb937e4e6446c6af7af95 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Wed, 12 Oct 2022 21:18:38 +0200
Subject: [PATCH 05/12] crypto: fix webcrypto HMAC "get key length" in
 deriveKey and generateKey

PR-URL: https://github.com/nodejs/node/pull/44917
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/mac.js                |  4 +--
 lib/internal/crypto/util.js               | 12 ++++-----
 lib/internal/crypto/webcrypto.js          | 12 ++-------
 test/parallel/test-webcrypto-derivekey.js | 31 ++++++++++++++++++++---
 test/parallel/test-webcrypto-keygen.js    |  8 +++---
 5 files changed, 41 insertions(+), 26 deletions(-)

diff --git a/lib/internal/crypto/mac.js b/lib/internal/crypto/mac.js
index f08ed611142bc0..074e3ba535db72 100644
--- a/lib/internal/crypto/mac.js
+++ b/lib/internal/crypto/mac.js
@@ -14,7 +14,7 @@ const {
 } = internalBinding('crypto');
 
 const {
-  getHashLength,
+  getBlockSize,
   hasAnyNotIn,
   jobPromise,
   normalizeHashName,
@@ -54,7 +54,7 @@ async function hmacGenerateKey(algorithm, extractable, keyUsages) {
     throw new ERR_MISSING_OPTION('algorithm.hash');
 
   if (length === undefined)
-    length = getHashLength(hash.name);
+    length = getBlockSize(hash.name);
 
   validateBitLength(length, 'algorithm.length', true);
 
diff --git a/lib/internal/crypto/util.js b/lib/internal/crypto/util.js
index b6b84c441ad742..831fdd597eeede 100644
--- a/lib/internal/crypto/util.js
+++ b/lib/internal/crypto/util.js
@@ -346,12 +346,12 @@ function getUsagesUnion(usageSet, ...usages) {
   return newset;
 }
 
-function getHashLength(name) {
+function getBlockSize(name) {
   switch (name) {
-    case 'SHA-1': return 160;
-    case 'SHA-256': return 256;
-    case 'SHA-384': return 384;
-    case 'SHA-512': return 512;
+    case 'SHA-1': return 512;
+    case 'SHA-256': return 512;
+    case 'SHA-384': return 1024;
+    case 'SHA-512': return 1024;
   }
 }
 
@@ -436,8 +436,8 @@ module.exports = {
   validateMaxBufferLength,
   bigIntArrayToUnsignedBigInt,
   bigIntArrayToUnsignedInt,
+  getBlockSize,
   getStringOption,
   getUsagesUnion,
-  getHashLength,
   secureHeapUsed,
 };
diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js
index df4bb072043def..bfc36bbb20a98b 100644
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@@ -51,6 +51,7 @@ const {
 
 const {
   getArrayBufferOrView,
+  getBlockSize,
   hasAnyNotIn,
   lazyRequire,
   normalizeAlgorithm,
@@ -195,16 +196,7 @@ function getKeyLength({ name, length, hash }) {
       return length;
     case 'HMAC':
       if (length === undefined) {
-        switch (hash?.name) {
-          case 'SHA-1':
-            return 160;
-          case 'SHA-256':
-            return 256;
-          case 'SHA-384':
-            return 384;
-          case 'SHA-512':
-            return 512;
-        }
+        return getBlockSize(hash?.name);
       }
 
       if (typeof length === 'number' && length !== 0) {
diff --git a/test/parallel/test-webcrypto-derivekey.js b/test/parallel/test-webcrypto-derivekey.js
index f8eb996000ec89..b819b998d217e0 100644
--- a/test/parallel/test-webcrypto-derivekey.js
+++ b/test/parallel/test-webcrypto-derivekey.js
@@ -124,10 +124,11 @@ const { webcrypto: { subtle }, KeyObject } = require('crypto');
   const vectors = [
     ['PBKDF2', 'deriveKey', 528],
     ['HKDF', 'deriveKey', 528],
-    [{ name: 'HMAC', hash: 'SHA-1' }, 'sign', 160],
-    [{ name: 'HMAC', hash: 'SHA-256' }, 'sign', 256],
-    [{ name: 'HMAC', hash: 'SHA-384' }, 'sign', 384],
-    [{ name: 'HMAC', hash: 'SHA-512' }, 'sign', 512],
+    [{ name: 'HMAC', hash: 'SHA-1' }, 'sign', 512],
+    [{ name: 'HMAC', hash: 'SHA-256' }, 'sign', 512],
+    // Not long enough secret generated by ECDH
+    // [{ name: 'HMAC', hash: 'SHA-384' }, 'sign', 1024],
+    // [{ name: 'HMAC', hash: 'SHA-512' }, 'sign', 1024],
   ];
 
   (async () => {
@@ -151,6 +152,28 @@ const { webcrypto: { subtle }, KeyObject } = require('crypto');
   })().then(common.mustCall());
 }
 
+{
+  const vectors = [
+    [{ name: 'HMAC', hash: 'SHA-1' }, 'sign', 512],
+    [{ name: 'HMAC', hash: 'SHA-256' }, 'sign', 512],
+    [{ name: 'HMAC', hash: 'SHA-384' }, 'sign', 1024],
+    [{ name: 'HMAC', hash: 'SHA-512' }, 'sign', 1024],
+  ];
+
+  (async () => {
+    for (const [derivedKeyAlgorithm, usage, expected] of vectors) {
+      const derived = await subtle.deriveKey(
+        { name: 'PBKDF2', salt: new Uint8Array([]), hash: 'SHA-256', iterations: 20 },
+        await subtle.importKey('raw', new Uint8Array([]), { name: 'PBKDF2' }, false, ['deriveKey']),
+        derivedKeyAlgorithm,
+        false,
+        [usage]);
+
+      assert.strictEqual(derived.algorithm.length, expected);
+    }
+  })().then(common.mustCall());
+}
+
 // Test X25519 and X448 key derivation
 {
   async function test(name) {
diff --git a/test/parallel/test-webcrypto-keygen.js b/test/parallel/test-webcrypto-keygen.js
index a18ab84f89ba63..946a1e58889122 100644
--- a/test/parallel/test-webcrypto-keygen.js
+++ b/test/parallel/test-webcrypto-keygen.js
@@ -556,10 +556,10 @@ const vectors = {
 
     if (length === undefined) {
       switch (hash) {
-        case 'SHA-1': length = 160; break;
-        case 'SHA-256': length = 256; break;
-        case 'SHA-384': length = 384; break;
-        case 'SHA-512': length = 512; break;
+        case 'SHA-1': length = 512; break;
+        case 'SHA-256': length = 512; break;
+        case 'SHA-384': length = 1024; break;
+        case 'SHA-512': length = 1024; break;
       }
     }
 

From 252839a8e01bd5e113dd13f0c1153fc955f3903f Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 21 Nov 2022 23:09:57 +0100
Subject: [PATCH 06/12] crypto: ensure "x" is present when importing private
 CFRG webcrypto keys
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/45569
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/cfrg.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 98e236052f555e..7b825fc93e0669 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -276,6 +276,10 @@ async function cfrgImportKey(
         }
       }
 
+      if (!isPublic && typeof keyData.x !== 'string') {
+        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      }
+
       verifyAcceptableCfrgKeyUse(
         name,
         isPublic ? 'public' : 'private',

From a3212380a873d2ccbad25cf2f86dad2da9fd3eed Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 21 Nov 2022 23:14:06 +0100
Subject: [PATCH 07/12] crypto: fix X25519 and X448 webcrypto public CryptoKey
 usages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/45569
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/cfrg.js                        |  9 ++++++++-
 test/parallel/test-webcrypto-derivebits-cfrg.js    |  8 ++++----
 test/parallel/test-webcrypto-derivekey-cfrg.js     | 12 ++++++------
 test/parallel/test-webcrypto-export-import-cfrg.js | 12 ++++++------
 4 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 7b825fc93e0669..37fc5c5fcf2b8e 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -53,7 +53,14 @@ function verifyAcceptableCfrgKeyUse(name, type, usages) {
     case 'X25519':
       // Fall through
     case 'X448':
-      checkSet = ['deriveKey', 'deriveBits'];
+      switch (type) {
+        case 'private':
+          checkSet = ['deriveKey', 'deriveBits'];
+          break;
+        case 'public':
+          checkSet = [];
+          break;
+      }
       break;
     case 'Ed25519':
       // Fall through
diff --git a/test/parallel/test-webcrypto-derivebits-cfrg.js b/test/parallel/test-webcrypto-derivebits-cfrg.js
index 2233d1a2d274c7..1324a5fecc4c87 100644
--- a/test/parallel/test-webcrypto-derivebits-cfrg.js
+++ b/test/parallel/test-webcrypto-derivebits-cfrg.js
@@ -52,7 +52,7 @@ async function prepareKeys() {
           Buffer.from(spki, 'hex'),
           { name },
           true,
-          ['deriveKey', 'deriveBits']),
+          []),
       ]);
       keys[name] = {
         privateKey,
@@ -180,7 +180,7 @@ async function prepareKeys() {
       name: 'X448',
       public: keys.X448.publicKey
     }, keys.X448.publicKey, null), {
-      message: /baseKey must be a private key/
+      name: 'InvalidAccessError'
     });
   }
 
@@ -190,7 +190,7 @@ async function prepareKeys() {
       name: 'X448',
       public: keys.X448.privateKey
     }, keys.X448.publicKey, null), {
-      message: /algorithm\.public must be a public key/
+      name: 'InvalidAccessError'
     });
   }
 
@@ -207,7 +207,7 @@ async function prepareKeys() {
       name: 'X448',
       public: key
     }, keys.X448.publicKey, null), {
-      message: /algorithm\.public must be a public key/
+      name: 'InvalidAccessError'
     });
   }
 })().then(common.mustCall());
diff --git a/test/parallel/test-webcrypto-derivekey-cfrg.js b/test/parallel/test-webcrypto-derivekey-cfrg.js
index ddf51626a89b4b..90289c98efd5d5 100644
--- a/test/parallel/test-webcrypto-derivekey-cfrg.js
+++ b/test/parallel/test-webcrypto-derivekey-cfrg.js
@@ -51,7 +51,7 @@ async function prepareKeys() {
           Buffer.from(spki, 'hex'),
           { name },
           true,
-          ['deriveKey', 'deriveBits']),
+          []),
       ]);
       keys[name] = {
         privateKey,
@@ -150,20 +150,20 @@ async function prepareKeys() {
         },
         keys.X448.publicKey,
         ...otherArgs),
-      { message: /baseKey must be a private key/ });
+      { name: 'InvalidAccessError' });
   }
 
   {
-    // Base key is not a private key
+    // Public is not a public key
     await assert.rejects(
       subtle.deriveKey(
         {
           name: 'X448',
           public: keys.X448.privateKey
         },
-        keys.X448.publicKey,
+        keys.X448.privateKey,
         ...otherArgs),
-      { message: /algorithm\.public must be a public key/ });
+      { name: 'InvalidAccessError' });
   }
 
   {
@@ -183,6 +183,6 @@ async function prepareKeys() {
         },
         keys.X448.publicKey,
         ...otherArgs),
-      { message: /algorithm\.public must be a public key/ });
+      { name: 'InvalidAccessError' });
   }
 })().then(common.mustCall());
diff --git a/test/parallel/test-webcrypto-export-import-cfrg.js b/test/parallel/test-webcrypto-export-import-cfrg.js
index 6d162ac61c2e30..af6a7956e6716a 100644
--- a/test/parallel/test-webcrypto-export-import-cfrg.js
+++ b/test/parallel/test-webcrypto-export-import-cfrg.js
@@ -315,19 +315,19 @@ async function testImportRaw({ name, publicUsages }) {
   const rsaPrivate = crypto.createPrivateKey(
     fixtures.readKey('rsa_private_2048.pem'));
 
-  for (const [name, [publicUsage, privateUsage]] of Object.entries({
-    'Ed25519': ['verify', 'sign'],
-    'X448': ['deriveBits', 'deriveBits'],
-  })) {
+  for (const [name, publicUsages, privateUsages] of [
+    ['Ed25519', ['verify'], ['sign']],
+    ['X448', [], ['deriveBits']],
+  ]) {
     assert.rejects(subtle.importKey(
       'spki',
       rsaPublic.export({ format: 'der', type: 'spki' }),
       { name },
-      true, [publicUsage]), { message: /Invalid key type/ });
+      true, publicUsages), { message: /Invalid key type/ });
     assert.rejects(subtle.importKey(
       'pkcs8',
       rsaPrivate.export({ format: 'der', type: 'pkcs8' }),
       { name },
-      true, [privateUsage]), { message: /Invalid key type/ });
+      true, privateUsages), { message: /Invalid key type/ });
   }
 }

From b72552c052f0933d808ff3694565cab83b38a639 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 21 Nov 2022 23:43:57 +0100
Subject: [PATCH 08/12] crypto: use DataError for webcrypto keyData import
 failures
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/45569
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/cfrg.js | 38 ++++++++++++++++++++++-------------
 lib/internal/crypto/ec.js   | 40 ++++++++++++++++++++++++-------------
 lib/internal/crypto/rsa.js  | 30 ++++++++++++++++++----------
 3 files changed, 70 insertions(+), 38 deletions(-)

diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 37fc5c5fcf2b8e..6e9066d2cdb8fe 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -90,26 +90,26 @@ function createCFRGRawKey(name, keyData, isPublic) {
     case 'X25519':
       if (keyData.byteLength !== 32) {
         throw lazyDOMException(
-          `${name} raw keys must be exactly 32-bytes`);
+          `${name} raw keys must be exactly 32-bytes`, 'DataError');
       }
       break;
     case 'Ed448':
       if (keyData.byteLength !== 57) {
         throw lazyDOMException(
-          `${name} raw keys must be exactly 57-bytes`);
+          `${name} raw keys must be exactly 57-bytes`, 'DataError');
       }
       break;
     case 'X448':
       if (keyData.byteLength !== 56) {
         throw lazyDOMException(
-          `${name} raw keys must be exactly 56-bytes`);
+          `${name} raw keys must be exactly 56-bytes`, 'DataError');
       }
       break;
   }
 
   const keyType = isPublic ? kKeyTypePublic : kKeyTypePrivate;
   if (!handle.initEDRaw(name, keyData, keyType)) {
-    throw lazyDOMException('Failure to generate key object');
+    throw lazyDOMException('Invalid keyData', 'DataError');
   }
 
   return isPublic ? new PublicKeyObject(handle) : new PrivateKeyObject(handle);
@@ -221,20 +221,30 @@ async function cfrgImportKey(
   switch (format) {
     case 'spki': {
       verifyAcceptableCfrgKeyUse(name, 'public', usagesSet);
-      keyObject = createPublicKey({
-        key: keyData,
-        format: 'der',
-        type: 'spki'
-      });
+      try {
+        keyObject = createPublicKey({
+          key: keyData,
+          format: 'der',
+          type: 'spki'
+        });
+      } catch {
+        throw lazyDOMException(
+          'Invalid keyData', 'DataError');
+      }
       break;
     }
     case 'pkcs8': {
       verifyAcceptableCfrgKeyUse(name, 'private', usagesSet);
-      keyObject = createPrivateKey({
-        key: keyData,
-        format: 'der',
-        type: 'pkcs8'
-      });
+      try {
+        keyObject = createPrivateKey({
+          key: keyData,
+          format: 'der',
+          type: 'pkcs8'
+        });
+      } catch {
+        throw lazyDOMException(
+          'Invalid keyData', 'DataError');
+      }
       break;
     }
     case 'jwk': {
diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js
index e39d443941dba7..aea9bc9410d4ec 100644
--- a/lib/internal/crypto/ec.js
+++ b/lib/internal/crypto/ec.js
@@ -80,8 +80,12 @@ function verifyAcceptableEcKeyUse(name, type, usages) {
 function createECPublicKeyRaw(namedCurve, keyData) {
   const handle = new KeyObjectHandle();
   keyData = getArrayBufferOrView(keyData, 'keyData');
-  if (handle.initECRaw(kNamedCurveAliases[namedCurve], keyData))
-    return new PublicKeyObject(handle);
+
+  if (!handle.initECRaw(kNamedCurveAliases[namedCurve], keyData)) {
+    throw lazyDOMException('Invalid keyData', 'DataError');
+  }
+
+  return new PublicKeyObject(handle);
 }
 
 async function ecGenerateKey(algorithm, extractable, keyUsages) {
@@ -177,20 +181,30 @@ async function ecImportKey(
   switch (format) {
     case 'spki': {
       verifyAcceptableEcKeyUse(name, 'public', usagesSet);
-      keyObject = createPublicKey({
-        key: keyData,
-        format: 'der',
-        type: 'spki'
-      });
+      try {
+        keyObject = createPublicKey({
+          key: keyData,
+          format: 'der',
+          type: 'spki'
+        });
+      } catch {
+        throw lazyDOMException(
+          'Invalid keyData', 'DataError');
+      }
       break;
     }
     case 'pkcs8': {
       verifyAcceptableEcKeyUse(name, 'private', usagesSet);
-      keyObject = createPrivateKey({
-        key: keyData,
-        format: 'der',
-        type: 'pkcs8'
-      });
+      try {
+        keyObject = createPrivateKey({
+          key: keyData,
+          format: 'der',
+          type: 'pkcs8'
+        });
+      } catch {
+        throw lazyDOMException(
+          'Invalid keyData', 'DataError');
+      }
       break;
     }
     case 'jwk': {
@@ -247,8 +261,6 @@ async function ecImportKey(
     case 'raw': {
       verifyAcceptableEcKeyUse(name, 'public', usagesSet);
       keyObject = createECPublicKeyRaw(namedCurve, keyData);
-      if (keyObject === undefined)
-        throw lazyDOMException('Unable to import EC key', 'OperationError');
       break;
     }
   }
diff --git a/lib/internal/crypto/rsa.js b/lib/internal/crypto/rsa.js
index 3fe7f4fef4aef3..dad158a264e7cd 100644
--- a/lib/internal/crypto/rsa.js
+++ b/lib/internal/crypto/rsa.js
@@ -246,20 +246,30 @@ async function rsaImportKey(
   switch (format) {
     case 'spki': {
       verifyAcceptableRsaKeyUse(algorithm.name, 'public', usagesSet);
-      keyObject = createPublicKey({
-        key: keyData,
-        format: 'der',
-        type: 'spki'
-      });
+      try {
+        keyObject = createPublicKey({
+          key: keyData,
+          format: 'der',
+          type: 'spki'
+        });
+      } catch {
+        throw lazyDOMException(
+          'Invalid keyData', 'DataError');
+      }
       break;
     }
     case 'pkcs8': {
       verifyAcceptableRsaKeyUse(algorithm.name, 'private', usagesSet);
-      keyObject = createPrivateKey({
-        key: keyData,
-        format: 'der',
-        type: 'pkcs8'
-      });
+      try {
+        keyObject = createPrivateKey({
+          key: keyData,
+          format: 'der',
+          type: 'pkcs8'
+        });
+      } catch {
+        throw lazyDOMException(
+          'Invalid keyData', 'DataError');
+      }
       break;
     }
     case 'jwk': {

From adca91a495a1c73c4e053217ee9de08487ca13ba Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 21 Nov 2022 23:30:21 +0100
Subject: [PATCH 09/12] crypto: validate CFRG webcrypto JWK import "d" and "x"
 are a pair
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/45569
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/cfrg.js | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 6e9066d2cdb8fe..6d5572a3f99988 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -301,12 +301,24 @@ async function cfrgImportKey(
         name,
         isPublic ? 'public' : 'private',
         usagesSet);
-      keyObject = createCFRGRawKey(
+
+      const publicKeyObject = createCFRGRawKey(
         name,
-        Buffer.from(
-          isPublic ? keyData.x : keyData.d,
-          'base64'),
-        isPublic);
+        Buffer.from(keyData.x, 'base64'),
+        true);
+
+      if (isPublic) {
+        keyObject = publicKeyObject;
+      } else {
+        keyObject = createCFRGRawKey(
+          name,
+          Buffer.from(keyData.d, 'base64'),
+          false);
+
+        if (!createPublicKey(keyObject).equals(publicKeyObject)) {
+          throw lazyDOMException('Invalid JWK keyData', 'DataError');
+        }
+      }
       break;
     }
     case 'raw': {

From 8570ffab8b331693ebc43b75ecad6618445dc5ca Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Tue, 22 Nov 2022 00:22:08 +0100
Subject: [PATCH 10/12] crypto: fix ECDH webcrypto public CryptoKey usages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/45569
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/ec.js                        |  9 ++++++++-
 test/parallel/test-webcrypto-derivebits-ecdh.js  | 12 ++++++------
 test/parallel/test-webcrypto-derivekey-ecdh.js   |  8 ++++----
 test/parallel/test-webcrypto-export-import-ec.js | 12 ++++++------
 4 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js
index aea9bc9410d4ec..83f691bcabc35c 100644
--- a/lib/internal/crypto/ec.js
+++ b/lib/internal/crypto/ec.js
@@ -58,7 +58,14 @@ function verifyAcceptableEcKeyUse(name, type, usages) {
   let checkSet;
   switch (name) {
     case 'ECDH':
-      checkSet = ['deriveKey', 'deriveBits'];
+      switch (type) {
+        case 'private':
+          checkSet = ['deriveKey', 'deriveBits'];
+          break;
+        case 'public':
+          checkSet = [];
+          break;
+      }
       break;
     case 'ECDSA':
       switch (type) {
diff --git a/test/parallel/test-webcrypto-derivebits-ecdh.js b/test/parallel/test-webcrypto-derivebits-ecdh.js
index 739155fba47818..2ab152ba5a7615 100644
--- a/test/parallel/test-webcrypto-derivebits-ecdh.js
+++ b/test/parallel/test-webcrypto-derivebits-ecdh.js
@@ -73,7 +73,7 @@ async function prepareKeys() {
             namedCurve
           },
           true,
-          ['deriveKey', 'deriveBits']),
+          []),
       ]);
       keys[namedCurve] = {
         privateKey,
@@ -235,17 +235,17 @@ async function prepareKeys() {
       name: 'ECDH',
       public: keys['P-521'].publicKey
     }, keys['P-521'].publicKey, null), {
-      message: /baseKey must be a private key/
+      name: 'InvalidAccessError'
     });
   }
 
   {
-    // Base key is not a private key
+    // Public is not a public key
     await assert.rejects(subtle.deriveBits({
       name: 'ECDH',
       public: keys['P-521'].privateKey
-    }, keys['P-521'].publicKey, null), {
-      message: /algorithm\.public must be a public key/
+    }, keys['P-521'].privateKey, null), {
+      name: 'InvalidAccessError'
     });
   }
 
@@ -262,7 +262,7 @@ async function prepareKeys() {
       name: 'ECDH',
       public: key
     }, keys['P-521'].publicKey, null), {
-      message: /algorithm\.public must be a public key/
+      name: 'InvalidAccessError'
     });
   }
 })().then(common.mustCall());
diff --git a/test/parallel/test-webcrypto-derivekey-ecdh.js b/test/parallel/test-webcrypto-derivekey-ecdh.js
index 2ca54957a55304..d3ba660fde6d5b 100644
--- a/test/parallel/test-webcrypto-derivekey-ecdh.js
+++ b/test/parallel/test-webcrypto-derivekey-ecdh.js
@@ -68,7 +68,7 @@ async function prepareKeys() {
             namedCurve
           },
           true,
-          ['deriveKey', 'deriveBits']),
+          []),
       ]);
       keys[namedCurve] = {
         privateKey,
@@ -209,7 +209,7 @@ async function prepareKeys() {
         },
         keys['P-521'].publicKey,
         ...otherArgs),
-      { message: /baseKey must be a private key/ });
+      { name: 'InvalidAccessError' });
   }
 
   {
@@ -222,7 +222,7 @@ async function prepareKeys() {
         },
         keys['P-521'].publicKey,
         ...otherArgs),
-      { message: /algorithm\.public must be a public key/ });
+      { name: 'InvalidAccessError' });
   }
 
   {
@@ -242,6 +242,6 @@ async function prepareKeys() {
         },
         keys['P-521'].publicKey,
         ...otherArgs),
-      { message: /algorithm\.public must be a public key/ });
+      { name: 'InvalidAccessError' });
   }
 })().then(common.mustCall());
diff --git a/test/parallel/test-webcrypto-export-import-ec.js b/test/parallel/test-webcrypto-export-import-ec.js
index 79f82a3d4adc26..ec5615b6582f88 100644
--- a/test/parallel/test-webcrypto-export-import-ec.js
+++ b/test/parallel/test-webcrypto-export-import-ec.js
@@ -333,19 +333,19 @@ async function testImportRaw({ name, publicUsages }, namedCurve) {
   const rsaPrivate = crypto.createPrivateKey(
     fixtures.readKey('rsa_private_2048.pem'));
 
-  for (const [name, [publicUsage, privateUsage]] of Object.entries({
-    'ECDSA': ['verify', 'sign'],
-    'ECDH': ['deriveBits', 'deriveBits'],
-  })) {
+  for (const [name, publicUsages, privateUsages] of [
+    ['ECDSA', ['verify'], ['sign']],
+    ['ECDH', [], ['deriveBits', 'deriveBits']],
+  ]) {
     assert.rejects(subtle.importKey(
       'spki',
       rsaPublic.export({ format: 'der', type: 'spki' }),
       { name, hash: 'SHA-256', namedCurve: 'P-256' },
-      true, [publicUsage]), { message: /Invalid key type/ });
+      true, publicUsages), { message: /Invalid key type/ });
     assert.rejects(subtle.importKey(
       'pkcs8',
       rsaPrivate.export({ format: 'der', type: 'pkcs8' }),
       { name, hash: 'SHA-256', namedCurve: 'P-256' },
-      true, [privateUsage]), { message: /Invalid key type/ });
+      true, privateUsages), { message: /Invalid key type/ });
   }
 }

From 52e3bf8bf3205dfbe22cbc910becb7ee087cd74d Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Tue, 17 Jan 2023 09:57:58 +0100
Subject: [PATCH 11/12] crypto: use WebIDL converters in WebCryptoAPI

WebCryptoAPI functions' arguments are now coersed and validated as per
their WebIDL definitions like in other Web Crypto API implementations.
This further improves interoperability with other implementations of
Web Crypto API.

PR-URL: https://github.com/nodejs/node/pull/46067
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Backport-PR-URL: https://github.com/nodejs/node/pull/47383
---
 doc/api/webcrypto.md                          |   4 +
 lib/internal/crypto/aes.js                    |  28 +-
 lib/internal/crypto/cfrg.js                   |  37 +-
 lib/internal/crypto/diffiehellman.js          |   9 -
 lib/internal/crypto/ec.js                     |  39 +-
 lib/internal/crypto/hash.js                   |  12 +-
 lib/internal/crypto/hkdf.js                   |   8 +-
 lib/internal/crypto/mac.js                    |  62 +-
 lib/internal/crypto/pbkdf2.js                 |  55 +-
 lib/internal/crypto/rsa.js                    |  52 +-
 lib/internal/crypto/util.js                   | 282 +++++--
 lib/internal/crypto/webcrypto.js              | 347 +++++++--
 lib/internal/crypto/webidl.js                 | 707 ++++++++++++++++++
 test/fixtures/crypto/aes_gcm.js               |   2 +-
 .../test-webcrypto-cryptokey-workers.js       |   2 +-
 .../test-webcrypto-derivebits-cfrg.js         |   2 +-
 .../test-webcrypto-derivebits-ecdh.js         |   2 +-
 .../test-webcrypto-derivebits-hkdf.js         |  20 +-
 .../parallel/test-webcrypto-derivekey-cfrg.js |   2 +-
 .../parallel/test-webcrypto-derivekey-ecdh.js |   2 +-
 test/parallel/test-webcrypto-digest.js        |  20 +-
 .../test-webcrypto-export-import-cfrg.js      |  38 +-
 .../test-webcrypto-export-import-ec.js        |  40 +-
 .../test-webcrypto-export-import-rsa.js       |  51 ++
 test/parallel/test-webcrypto-export-import.js |  14 +-
 test/parallel/test-webcrypto-keygen.js        |  59 +-
 .../test-webcrypto-sign-verify-ecdsa.js       |   3 +-
 .../test-webcrypto-sign-verify-hmac.js        |  17 +-
 .../test-webcrypto-sign-verify-rsa.js         |  19 +-
 test/parallel/test-webcrypto-util.js          |  12 +-
 test/parallel/test-webcrypto-webidl.js        | 519 +++++++++++++
 .../test-webcrypto-derivebits-pbkdf2.js       |  22 +-
 test/wpt/status/WebCryptoAPI.json             |  13 +
 33 files changed, 2061 insertions(+), 440 deletions(-)
 create mode 100644 lib/internal/crypto/webidl.js
 create mode 100644 test/parallel/test-webcrypto-webidl.js

diff --git a/doc/api/webcrypto.md b/doc/api/webcrypto.md
index 2188edd8523154..9f0275a8affa90 100644
--- a/doc/api/webcrypto.md
+++ b/doc/api/webcrypto.md
@@ -2,6 +2,10 @@
 
 <!-- YAML
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/46067
+    description: Arguments are now coerced and validated as per their WebIDL
+      definitions like in other Web Crypto API implementations.
   - version: v16.17.0
     pr-url: https://github.com/nodejs/node/pull/43310
     description: Removed proprietary `'node.keyObject'` import/export format.
diff --git a/lib/internal/crypto/aes.js b/lib/internal/crypto/aes.js
index e716caedd050de..6271516028d157 100644
--- a/lib/internal/crypto/aes.js
+++ b/lib/internal/crypto/aes.js
@@ -32,7 +32,6 @@ const {
 } = internalBinding('crypto');
 
 const {
-  getArrayBufferOrView,
   hasAnyNotIn,
   jobPromise,
   validateByteLength,
@@ -112,13 +111,10 @@ function getVariant(name, length) {
 }
 
 function asyncAesCtrCipher(mode, key, data, { counter, length }) {
-  counter = getArrayBufferOrView(counter, 'algorithm.counter');
   validateByteLength(counter, 'algorithm.counter', 16);
   // The length must specify an integer between 1 and 128. While
   // there is no default, this should typically be 64.
-  if (typeof length !== 'number' ||
-      length <= 0 ||
-      length > kMaxCounterLength) {
+  if (length === 0 || length > kMaxCounterLength) {
     throw lazyDOMException(
       'AES-CTR algorithm.length must be between 1 and 128',
       'OperationError');
@@ -135,7 +131,6 @@ function asyncAesCtrCipher(mode, key, data, { counter, length }) {
 }
 
 function asyncAesCbcCipher(mode, key, data, { iv }) {
-  iv = getArrayBufferOrView(iv, 'algorithm.iv');
   validateByteLength(iv, 'algorithm.iv', 16);
   return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
@@ -166,12 +161,9 @@ function asyncAesGcmCipher(
       'OperationError'));
   }
 
-  iv = getArrayBufferOrView(iv, 'algorithm.iv');
   validateMaxBufferLength(iv, 'algorithm.iv');
 
   if (additionalData !== undefined) {
-    additionalData =
-      getArrayBufferOrView(additionalData, 'algorithm.additionalData');
     validateMaxBufferLength(additionalData, 'algorithm.additionalData');
   }
 
@@ -282,16 +274,16 @@ async function aesImportKey(
       break;
     }
     case 'jwk': {
-      if (keyData == null || typeof keyData !== 'object')
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      if (!keyData.kty)
+        throw lazyDOMException('Invalid keyData', 'DataError');
 
       if (keyData.kty !== 'oct')
-        throw lazyDOMException('Invalid key type', 'DataError');
+        throw lazyDOMException('Invalid JWK "kty" Parameter', 'DataError');
 
       if (usagesSet.size > 0 &&
           keyData.use !== undefined &&
           keyData.use !== 'enc') {
-        throw lazyDOMException('Invalid use type', 'DataError');
+        throw lazyDOMException('Invalid JWK "use" Parameter', 'DataError');
       }
 
       validateKeyOps(keyData.key_ops, usagesSet);
@@ -299,7 +291,9 @@ async function aesImportKey(
       if (keyData.ext !== undefined &&
           keyData.ext === false &&
           extractable === true) {
-        throw lazyDOMException('JWK is not extractable', 'DataError');
+        throw lazyDOMException(
+          'JWK "ext" Parameter and extractable mismatch',
+          'DataError');
       }
 
       const handle = new KeyObjectHandle();
@@ -309,10 +303,10 @@ async function aesImportKey(
       validateKeyLength(length);
 
       if (keyData.alg !== undefined) {
-        if (typeof keyData.alg !== 'string')
-          throw lazyDOMException('Invalid alg', 'DataError');
         if (keyData.alg !== getAlgorithmName(algorithm.name, length))
-          throw lazyDOMException('Algorithm mismatch', 'DataError');
+          throw lazyDOMException(
+            'JWK "alg" does not match the requested algorithm',
+            'DataError');
       }
 
       keyObject = new SecretKeyObject(handle);
diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 6d5572a3f99988..99f72efd8e39e4 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -18,7 +18,6 @@ const {
 } = internalBinding('crypto');
 
 const {
-  getArrayBufferOrView,
   getUsagesUnion,
   hasAnyNotIn,
   jobPromise,
@@ -83,7 +82,6 @@ function verifyAcceptableCfrgKeyUse(name, type, usages) {
 
 function createCFRGRawKey(name, keyData, isPublic) {
   const handle = new KeyObjectHandle();
-  keyData = getArrayBufferOrView(keyData, 'keyData');
 
   switch (name) {
     case 'Ed25519':
@@ -248,12 +246,13 @@ async function cfrgImportKey(
       break;
     }
     case 'jwk': {
-      if (keyData == null || typeof keyData !== 'object')
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      if (!keyData.kty)
+        throw lazyDOMException('Invalid keyData', 'DataError');
       if (keyData.kty !== 'OKP')
-        throw lazyDOMException('Invalid key type', 'DataError');
+        throw lazyDOMException('Invalid JWK "kty" Parameter', 'DataError');
       if (keyData.crv !== name)
-        throw lazyDOMException('Subtype mismatch', 'DataError');
+        throw lazyDOMException(
+          'JWK "crv" Parameter and algorithm name mismatch', 'DataError');
       const isPublic = keyData.d === undefined;
 
       if (usagesSet.size > 0 && keyData.use !== undefined) {
@@ -271,7 +270,7 @@ async function cfrgImportKey(
             break;
         }
         if (keyData.use !== checkUse)
-          throw lazyDOMException('Invalid use type', 'DataError');
+          throw lazyDOMException('Invalid JWK "use" Parameter', 'DataError');
       }
 
       validateKeyOps(keyData.key_ops, usagesSet);
@@ -279,22 +278,24 @@ async function cfrgImportKey(
       if (keyData.ext !== undefined &&
           keyData.ext === false &&
           extractable === true) {
-        throw lazyDOMException('JWK is not extractable', 'DataError');
+        throw lazyDOMException(
+          'JWK "ext" Parameter and extractable mismatch',
+          'DataError');
       }
 
       if (keyData.alg !== undefined) {
-        if (typeof keyData.alg !== 'string')
-          throw lazyDOMException('Invalid alg', 'DataError');
         if (
           (name === 'Ed25519' || name === 'Ed448') &&
           keyData.alg !== 'EdDSA'
         ) {
-          throw lazyDOMException('Invalid alg', 'DataError');
+          throw lazyDOMException(
+            'JWK "alg" does not match the requested algorithm',
+            'DataError');
         }
       }
 
       if (!isPublic && typeof keyData.x !== 'string') {
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+        throw lazyDOMException('Invalid JWK', 'DataError');
       }
 
       verifyAcceptableCfrgKeyUse(
@@ -316,7 +317,7 @@ async function cfrgImportKey(
           false);
 
         if (!createPublicKey(keyObject).equals(publicKeyObject)) {
-          throw lazyDOMException('Invalid JWK keyData', 'DataError');
+          throw lazyDOMException('Invalid JWK', 'DataError');
         }
       }
       break;
@@ -347,13 +348,9 @@ function eddsaSignVerify(key, data, { name, context }, signature) {
   if (key.type !== type)
     throw lazyDOMException(`Key must be a ${type} key`, 'InvalidAccessError');
 
-  if (name === 'Ed448' && context !== undefined) {
-    context =
-      getArrayBufferOrView(context, 'algorithm.context');
-    if (context.byteLength !== 0) {
-      throw lazyDOMException(
-        'Non zero-length context is not yet supported.', 'NotSupportedError');
-    }
+  if (name === 'Ed448' && context?.byteLength) {
+    throw lazyDOMException(
+      'Non zero-length context is not yet supported.', 'NotSupportedError');
   }
 
   return jobPromise(() => new SignJob(
diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js
index ac37e45a8b6b99..878bb74b1f48dd 100644
--- a/lib/internal/crypto/diffiehellman.js
+++ b/lib/internal/crypto/diffiehellman.js
@@ -37,7 +37,6 @@ const {
   validateInt32,
   validateObject,
   validateString,
-  validateUint32,
 } = require('internal/validators');
 
 const {
@@ -51,7 +50,6 @@ const {
 
 const {
   KeyObject,
-  isCryptoKey,
 } = require('internal/crypto/keys');
 
 const {
@@ -335,13 +333,6 @@ function deriveBitsECDH(name, publicKey, privateKey, callback) {
 async function asyncDeriveBitsECDH(algorithm, baseKey, length) {
   const { 'public': key } = algorithm;
 
-  // Null means that we're not asking for a specific number of bits, just
-  // give us everything that is generated.
-  if (length !== null)
-    validateUint32(length, 'length');
-  if (!isCryptoKey(key))
-    throw new ERR_INVALID_ARG_TYPE('algorithm.public', 'CryptoKey', key);
-
   if (key.type !== 'public') {
     throw lazyDOMException(
       'algorithm.public must be a public key', 'InvalidAccessError');
diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js
index 83f691bcabc35c..8276933d34d224 100644
--- a/lib/internal/crypto/ec.js
+++ b/lib/internal/crypto/ec.js
@@ -18,13 +18,6 @@ const {
 } = internalBinding('crypto');
 
 const {
-  codes: {
-    ERR_MISSING_OPTION,
-  }
-} = require('internal/errors');
-
-const {
-  getArrayBufferOrView,
   getUsagesUnion,
   hasAnyNotIn,
   jobPromise,
@@ -86,7 +79,6 @@ function verifyAcceptableEcKeyUse(name, type, usages) {
 
 function createECPublicKeyRaw(namedCurve, keyData) {
   const handle = new KeyObjectHandle();
-  keyData = getArrayBufferOrView(keyData, 'keyData');
 
   if (!handle.initECRaw(kNamedCurveAliases[namedCurve], keyData)) {
     throw lazyDOMException('Invalid keyData', 'DataError');
@@ -215,12 +207,14 @@ async function ecImportKey(
       break;
     }
     case 'jwk': {
-      if (keyData == null || typeof keyData !== 'object')
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      if (!keyData.kty)
+        throw lazyDOMException('Invalid keyData', 'DataError');
       if (keyData.kty !== 'EC')
-        throw lazyDOMException('Invalid key type', 'DataError');
+        throw lazyDOMException('Invalid JWK "kty" Parameter', 'DataError');
       if (keyData.crv !== namedCurve)
-        throw lazyDOMException('Named curve mismatch', 'DataError');
+        throw lazyDOMException(
+          'JWK "crv" does not match the requested algorithm',
+          'DataError');
 
       if (keyData.d !== undefined) {
         verifyAcceptableEcKeyUse(name, 'private', usagesSet);
@@ -229,10 +223,9 @@ async function ecImportKey(
       }
 
       if (usagesSet.size > 0 && keyData.use !== undefined) {
-        if (algorithm.name === 'ECDSA' && keyData.use !== 'sig')
-          throw lazyDOMException('Invalid use type', 'DataError');
-        if (algorithm.name === 'ECDH' && keyData.use !== 'enc')
-          throw lazyDOMException('Invalid use type', 'DataError');
+        const checkUse = name === 'ECDH' ? 'enc' : 'sig';
+        if (keyData.use !== checkUse)
+          throw lazyDOMException('Invalid JWK "use" Parameter', 'DataError');
       }
 
       validateKeyOps(keyData.key_ops, usagesSet);
@@ -240,12 +233,12 @@ async function ecImportKey(
       if (keyData.ext !== undefined &&
           keyData.ext === false &&
           extractable === true) {
-        throw lazyDOMException('JWK is not extractable', 'DataError');
+        throw lazyDOMException(
+          'JWK "ext" Parameter and extractable mismatch',
+          'DataError');
       }
 
       if (algorithm.name === 'ECDSA' && keyData.alg !== undefined) {
-        if (typeof keyData.alg !== 'string')
-          throw lazyDOMException('Invalid alg', 'DataError');
         let algNamedCurve;
         switch (keyData.alg) {
           case 'ES256': algNamedCurve = 'P-256'; break;
@@ -253,13 +246,15 @@ async function ecImportKey(
           case 'ES512': algNamedCurve = 'P-521'; break;
         }
         if (algNamedCurve !== namedCurve)
-          throw lazyDOMException('Named curve mismatch', 'DataError');
+          throw lazyDOMException(
+            'JWK "alg" does not match the requested algorithm',
+            'DataError');
       }
 
       const handle = new KeyObjectHandle();
       const type = handle.initJwk(keyData, namedCurve);
       if (type === undefined)
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+        throw lazyDOMException('Invalid JWK', 'DataError');
       keyObject = type === kKeyTypePrivate ?
         new PrivateKeyObject(handle) :
         new PublicKeyObject(handle);
@@ -301,8 +296,6 @@ function ecdsaSignVerify(key, data, { name, hash }, signature) {
   if (key.type !== type)
     throw lazyDOMException(`Key must be a ${type} key`, 'InvalidAccessError');
 
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
   const hashname = normalizeHashName(hash.name);
 
   return jobPromise(() => new SignJob(
diff --git a/lib/internal/crypto/hash.js b/lib/internal/crypto/hash.js
index 72d127b37cbeb6..66300c142e511c 100644
--- a/lib/internal/crypto/hash.js
+++ b/lib/internal/crypto/hash.js
@@ -14,11 +14,9 @@ const {
 } = internalBinding('crypto');
 
 const {
-  getArrayBufferOrView,
   getDefaultEncoding,
   getStringOption,
   jobPromise,
-  normalizeAlgorithm,
   normalizeHashName,
   validateMaxBufferLength,
   kHandle,
@@ -168,13 +166,8 @@ Hmac.prototype._transform = Hash.prototype._transform;
 // Implementation for WebCrypto subtle.digest()
 
 async function asyncDigest(algorithm, data) {
-  algorithm = normalizeAlgorithm(algorithm);
-  data = getArrayBufferOrView(data, 'data');
   validateMaxBufferLength(data, 'data');
 
-  if (algorithm.length !== undefined)
-    validateUint32(algorithm.length, 'algorithm.length');
-
   switch (algorithm.name) {
     case 'SHA-1':
       // Fall through
@@ -186,11 +179,10 @@ async function asyncDigest(algorithm, data) {
       return jobPromise(() => new HashJob(
         kCryptoJobAsync,
         normalizeHashName(algorithm.name),
-        data,
-        algorithm.length));
+        data));
   }
 
-  throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
+  throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
 }
 
 module.exports = {
diff --git a/lib/internal/crypto/hkdf.js b/lib/internal/crypto/hkdf.js
index 635e07dd594192..7f08d605b1121f 100644
--- a/lib/internal/crypto/hkdf.js
+++ b/lib/internal/crypto/hkdf.js
@@ -21,7 +21,6 @@ const {
 const { kMaxLength } = require('buffer');
 
 const {
-  getArrayBufferOrView,
   normalizeHashName,
   toBuf,
   validateByteSource,
@@ -46,7 +45,6 @@ const {
   codes: {
     ERR_INVALID_ARG_TYPE,
     ERR_OUT_OF_RANGE,
-    ERR_MISSING_OPTION,
   },
   hideStackFrames,
 } = require('internal/errors');
@@ -140,11 +138,7 @@ function hkdfSync(hash, key, salt, info, length) {
 }
 
 async function hkdfDeriveBits(algorithm, baseKey, length) {
-  const { hash } = algorithm;
-  const salt = getArrayBufferOrView(algorithm.salt, 'algorithm.salt');
-  const info = getArrayBufferOrView(algorithm.info, 'algorithm.info');
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
+  const { hash, salt, info } = algorithm;
 
   let byteLength = 512 / 8;
   if (length !== undefined) {
diff --git a/lib/internal/crypto/mac.js b/lib/internal/crypto/mac.js
index 074e3ba535db72..94f57568e349f3 100644
--- a/lib/internal/crypto/mac.js
+++ b/lib/internal/crypto/mac.js
@@ -29,12 +29,6 @@ const {
   promisify,
 } = require('internal/util');
 
-const {
-  codes: {
-    ERR_MISSING_OPTION,
-  }
-} = require('internal/errors');
-
 const {
   generateKey: _generateKey,
 } = require('internal/crypto/keygen');
@@ -50,8 +44,6 @@ const generateKey = promisify(_generateKey);
 async function hmacGenerateKey(algorithm, extractable, keyUsages) {
   const { hash, name } = algorithm;
   let { length } = algorithm;
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
 
   if (length === undefined)
     length = getBlockSize(hash.name);
@@ -79,16 +71,24 @@ async function hmacGenerateKey(algorithm, extractable, keyUsages) {
     extractable);
 }
 
+function getAlgorithmName(hash) {
+  switch (hash) {
+    case 'SHA-1': // Fall through
+    case 'SHA-256': // Fall through
+    case 'SHA-384': // Fall through
+    case 'SHA-512': // Fall through
+      return `HS${hash.slice(4)}`;
+    default:
+      throw lazyDOMException('Unsupported digest algorithm', 'DataError');
+  }
+}
+
 async function hmacImportKey(
   format,
   keyData,
   algorithm,
   extractable,
   keyUsages) {
-  const { hash } = algorithm;
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
-
   const usagesSet = new SafeSet(keyUsages);
   if (hasAnyNotIn(usagesSet, ['sign', 'verify'])) {
     throw lazyDOMException(
@@ -116,16 +116,16 @@ async function hmacImportKey(
       break;
     }
     case 'jwk': {
-      if (keyData == null || typeof keyData !== 'object')
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      if (!keyData.kty)
+        throw lazyDOMException('Invalid keyData', 'DataError');
 
       if (keyData.kty !== 'oct')
-        throw lazyDOMException('Invalid key type', 'DataError');
+        throw lazyDOMException('Invalid JWK "kty" Parameter', 'DataError');
 
       if (usagesSet.size > 0 &&
           keyData.use !== undefined &&
           keyData.use !== 'sig') {
-        throw lazyDOMException('Invalid use type', 'DataError');
+        throw lazyDOMException('Invalid JWK "use" Parameter', 'DataError');
       }
 
       validateKeyOps(keyData.key_ops, usagesSet);
@@ -133,32 +133,16 @@ async function hmacImportKey(
       if (keyData.ext !== undefined &&
           keyData.ext === false &&
           extractable === true) {
-        throw lazyDOMException('JWK is not extractable', 'DataError');
+        throw lazyDOMException(
+          'JWK "ext" Parameter and extractable mismatch',
+          'DataError');
       }
 
       if (keyData.alg !== undefined) {
-        if (typeof keyData.alg !== 'string')
-          throw lazyDOMException('Invalid alg', 'DataError');
-        switch (keyData.alg) {
-          case 'HS1':
-            if (algorithm.hash.name !== 'SHA-1')
-              throw lazyDOMException('Digest algorithm mismatch', 'DataError');
-            break;
-          case 'HS256':
-            if (algorithm.hash.name !== 'SHA-256')
-              throw lazyDOMException('Digest algorithm mismatch', 'DataError');
-            break;
-          case 'HS384':
-            if (algorithm.hash.name !== 'SHA-384')
-              throw lazyDOMException('Digest algorithm mismatch', 'DataError');
-            break;
-          case 'HS512':
-            if (algorithm.hash.name !== 'SHA-512')
-              throw lazyDOMException('Digest algorithm mismatch', 'DataError');
-            break;
-          default:
-            throw lazyDOMException('Unsupported digest algorithm', 'DataError');
-        }
+        if (keyData.alg !== getAlgorithmName(algorithm.hash.name))
+          throw lazyDOMException(
+            'JWK "alg" does not match the requested algorithm',
+            'DataError');
       }
 
       const handle = new KeyObjectHandle();
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js
index ce65c9b6ebb7bb..b7a144938332ba 100644
--- a/lib/internal/crypto/pbkdf2.js
+++ b/lib/internal/crypto/pbkdf2.js
@@ -2,7 +2,6 @@
 
 const {
   FunctionPrototypeCall,
-  Promise,
 } = primordials;
 
 const { Buffer } = require('buffer');
@@ -16,13 +15,9 @@ const {
 const {
   validateCallback,
   validateInt32,
-  validateInteger,
   validateString,
-  validateUint32,
 } = require('internal/validators');
 
-const { ERR_MISSING_OPTION } = require('internal/errors').codes;
-
 const {
   getArrayBufferOrView,
   getDefaultEncoding,
@@ -32,6 +27,7 @@ const {
 
 const {
   lazyDOMException,
+  promisify,
 } = require('internal/util');
 
 function pbkdf2(password, salt, iterations, keylen, digest, callback) {
@@ -100,43 +96,38 @@ function check(password, salt, iterations, keylen, digest) {
   return { password, salt, iterations, keylen, digest };
 }
 
+const pbkdf2Promise = promisify(pbkdf2);
 async function pbkdf2DeriveBits(algorithm, baseKey, length) {
-  const { iterations } = algorithm;
-  let { hash } = algorithm;
-  const salt = getArrayBufferOrView(algorithm.salt, 'algorithm.salt');
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
-  validateInteger(iterations, 'algorithm.iterations');
+  const { iterations, hash, salt } = algorithm;
   if (iterations === 0)
     throw lazyDOMException(
       'iterations cannot be zero',
       'OperationError');
 
-  hash = normalizeHashName(hash.name);
-
   const raw = baseKey[kKeyObject].export();
 
-  let byteLength = 64;  // the default
-  if (length !== undefined) {
-    if (length === 0)
-      throw lazyDOMException('length cannot be zero', 'OperationError');
-    if (length === null)
-      throw lazyDOMException('length cannot be null', 'OperationError');
-    validateUint32(length, 'length');
-    if (length % 8) {
-      throw lazyDOMException(
-        'length must be a multiple of 8',
-        'OperationError');
-    }
-    byteLength = length / 8;
+  if (length === 0)
+    throw lazyDOMException('length cannot be zero', 'OperationError');
+  if (length === null)
+    throw lazyDOMException('length cannot be null', 'OperationError');
+  if (length % 8) {
+    throw lazyDOMException(
+      'length must be a multiple of 8',
+      'OperationError');
+  }
+
+  let result;
+  try {
+    result = await pbkdf2Promise(
+      raw, salt, iterations, length / 8, normalizeHashName(hash.name),
+    );
+  } catch (err) {
+    throw lazyDOMException(
+      'The operation failed for an operation-specific reason',
+      { name: 'OperationError', cause: err });
   }
 
-  return new Promise((resolve, reject) => {
-    pbkdf2(raw, salt, iterations, byteLength, hash, (err, result) => {
-      if (err) return reject(err);
-      resolve(result.buffer);
-    });
-  });
+  return result.buffer;
 }
 
 module.exports = {
diff --git a/lib/internal/crypto/rsa.js b/lib/internal/crypto/rsa.js
index dad158a264e7cd..b61029b8dbf9b5 100644
--- a/lib/internal/crypto/rsa.js
+++ b/lib/internal/crypto/rsa.js
@@ -21,21 +21,12 @@ const {
   RSA_PKCS1_PSS_PADDING,
 } = internalBinding('crypto');
 
-const {
-  codes: {
-    ERR_INVALID_ARG_TYPE,
-    ERR_MISSING_OPTION,
-  }
-} = require('internal/errors');
-
 const {
   validateInt32,
-  validateUint32,
 } = require('internal/validators');
 
 const {
   bigIntArrayToUnsignedInt,
-  getArrayBufferOrView,
   getUsagesUnion,
   hasAnyNotIn,
   jobPromise,
@@ -51,10 +42,6 @@ const {
   promisify,
 } = require('internal/util');
 
-const {
-  isUint8Array,
-} = require('internal/util/types');
-
 const {
   InternalCryptoKey,
   PrivateKeyObject,
@@ -112,7 +99,6 @@ function rsaOaepCipher(mode, key, data, { label }) {
       'InvalidAccessError');
   }
   if (label !== undefined) {
-    label = getArrayBufferOrView(label, 'algorithm.label');
     validateMaxBufferLength(label, 'algorithm.label');
   }
 
@@ -138,16 +124,6 @@ async function rsaKeyGenerate(
     hash
   } = algorithm;
 
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
-  validateUint32(modulusLength, 'algorithm.modulusLength');
-  if (!isUint8Array(publicExponent)) {
-    throw new ERR_INVALID_ARG_TYPE(
-      'algorithm.publicExponent',
-      'Uint8Array',
-      publicExponent);
-  }
-
   const usageSet = new SafeSet(keyUsages);
 
   const publicExponentConverted = bigIntArrayToUnsignedInt(publicExponent);
@@ -237,10 +213,6 @@ async function rsaImportKey(
   algorithm,
   extractable,
   keyUsages) {
-  const { hash } = algorithm;
-  if (hash === undefined)
-    throw new ERR_MISSING_OPTION('algorithm.hash');
-
   const usagesSet = new SafeSet(keyUsages);
   let keyObject;
   switch (format) {
@@ -273,21 +245,21 @@ async function rsaImportKey(
       break;
     }
     case 'jwk': {
-      if (keyData == null || typeof keyData !== 'object')
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      if (!keyData.kty)
+        throw lazyDOMException('Invalid keyData', 'DataError');
+
+      if (keyData.kty !== 'RSA')
+        throw lazyDOMException('Invalid JWK "kty" Parameter', 'DataError');
 
       verifyAcceptableRsaKeyUse(
         algorithm.name,
         keyData.d !== undefined ? 'private' : 'public',
         usagesSet);
 
-      if (keyData.kty !== 'RSA')
-        throw lazyDOMException('Invalid key type', 'DataError');
-
       if (usagesSet.size > 0 && keyData.use !== undefined) {
         const checkUse = algorithm.name === 'RSA-OAEP' ? 'enc' : 'sig';
         if (keyData.use !== checkUse)
-          throw lazyDOMException('Invalid use type', 'DataError');
+          throw lazyDOMException('Invalid JWK "use" Parameter', 'DataError');
       }
 
       validateKeyOps(keyData.key_ops, usagesSet);
@@ -295,22 +267,24 @@ async function rsaImportKey(
       if (keyData.ext !== undefined &&
           keyData.ext === false &&
           extractable === true) {
-        throw lazyDOMException('JWK is not extractable', 'DataError');
+        throw lazyDOMException(
+          'JWK "ext" Parameter and extractable mismatch',
+          'DataError');
       }
 
       if (keyData.alg !== undefined) {
-        if (typeof keyData.alg !== 'string')
-          throw lazyDOMException('Invalid alg', 'DataError');
         const hash =
           normalizeHashName(keyData.alg, normalizeHashName.kContextWebCrypto);
         if (hash !== algorithm.hash.name)
-          throw lazyDOMException('Hash mismatch', 'DataError');
+          throw lazyDOMException(
+            'JWK "alg" does not match the requested algorithm',
+            'DataError');
       }
 
       const handle = new KeyObjectHandle();
       const type = handle.initJwk(keyData);
       if (type === undefined)
-        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+        throw lazyDOMException('Invalid JWK', 'DataError');
 
       keyObject = type === kKeyTypePrivate ?
         new PrivateKeyObject(handle) :
diff --git a/lib/internal/crypto/util.js b/lib/internal/crypto/util.js
index 831fdd597eeede..907431c8f3a539 100644
--- a/lib/internal/crypto/util.js
+++ b/lib/internal/crypto/util.js
@@ -1,15 +1,26 @@
 'use strict';
 
 const {
+  ArrayBufferIsView,
+  ArrayBufferPrototypeGetByteLength,
   ArrayPrototypeIncludes,
   ArrayPrototypePush,
   BigInt,
+  DataViewPrototypeGetBuffer,
+  DataViewPrototypeGetByteLength,
+  DataViewPrototypeGetByteOffset,
   FunctionPrototypeBind,
   Number,
   ObjectKeys,
+  ObjectPrototypeHasOwnProperty,
   Promise,
-  StringPrototypeToLowerCase,
+  StringPrototypeToUpperCase,
   Symbol,
+  TypedArrayPrototypeGetBuffer,
+  TypedArrayPrototypeGetByteLength,
+  TypedArrayPrototypeGetByteOffset,
+  TypedArrayPrototypeSlice,
+  Uint8Array,
 } = primordials;
 
 const {
@@ -55,6 +66,7 @@ const {
 } = require('internal/util');
 
 const {
+  isDataView,
   isArrayBufferView,
   isAnyArrayBuffer,
 } = require('internal/util/types');
@@ -147,40 +159,6 @@ const kNamedCurveAliases = {
 
 const kAesKeyLengths = [128, 192, 256];
 
-// These are the only algorithms we currently support
-// via the Web Crypto API
-const kAlgorithms = {
-  'rsassa-pkcs1-v1_5': 'RSASSA-PKCS1-v1_5',
-  'rsa-pss': 'RSA-PSS',
-  'rsa-oaep': 'RSA-OAEP',
-  'ecdsa': 'ECDSA',
-  'ecdh': 'ECDH',
-  'aes-ctr': 'AES-CTR',
-  'aes-cbc': 'AES-CBC',
-  'aes-gcm': 'AES-GCM',
-  'aes-kw': 'AES-KW',
-  'hmac': 'HMAC',
-  'sha-1': 'SHA-1',
-  'sha-256': 'SHA-256',
-  'sha-384': 'SHA-384',
-  'sha-512': 'SHA-512',
-  'hkdf': 'HKDF',
-  'pbkdf2': 'PBKDF2',
-  'ed25519': 'Ed25519',
-  'ed448': 'Ed448',
-  'x25519': 'X25519',
-  'x448': 'X448',
-};
-const kAlgorithmsKeys = ObjectKeys(kAlgorithms);
-
-// These are the only export and import formats we currently
-// support via the Web Crypto API
-const kExportFormats = [
-  'raw',
-  'pkcs8',
-  'spki',
-  'jwk'];
-
 // These are the only hash algorithms we currently support via
 // the Web Crypto API.
 const kHashTypes = [
@@ -190,6 +168,119 @@ const kHashTypes = [
   'SHA-512',
 ];
 
+const kSupportedAlgorithms = {
+  'digest': {
+    'SHA-1': null,
+    'SHA-256': null,
+    'SHA-384': null,
+    'SHA-512': null,
+  },
+  'generateKey': {
+    'RSASSA-PKCS1-v1_5': 'RsaHashedKeyGenParams',
+    'RSA-PSS': 'RsaHashedKeyGenParams',
+    'RSA-OAEP': 'RsaHashedKeyGenParams',
+    'ECDSA': 'EcKeyGenParams',
+    'ECDH': 'EcKeyGenParams',
+    'AES-CTR': 'AesKeyGenParams',
+    'AES-CBC': 'AesKeyGenParams',
+    'AES-GCM': 'AesKeyGenParams',
+    'AES-KW': 'AesKeyGenParams',
+    'HMAC': 'HmacKeyGenParams',
+    'X25519': null,
+    'Ed25519': null,
+    'X448': null,
+    'Ed448': null,
+  },
+  'sign': {
+    'RSASSA-PKCS1-v1_5': null,
+    'RSA-PSS': 'RsaPssParams',
+    'ECDSA': 'EcdsaParams',
+    'HMAC': null,
+    'Ed25519': null,
+    'Ed448': 'Ed448Params',
+  },
+  'verify': {
+    'RSASSA-PKCS1-v1_5': null,
+    'RSA-PSS': 'RsaPssParams',
+    'ECDSA': 'EcdsaParams',
+    'HMAC': null,
+    'Ed25519': null,
+    'Ed448': 'Ed448Params',
+  },
+  'importKey': {
+    'RSASSA-PKCS1-v1_5': 'RsaHashedImportParams',
+    'RSA-PSS': 'RsaHashedImportParams',
+    'RSA-OAEP': 'RsaHashedImportParams',
+    'ECDSA': 'EcKeyImportParams',
+    'ECDH': 'EcKeyImportParams',
+    'HMAC': 'HmacImportParams',
+    'HKDF': null,
+    'PBKDF2': null,
+    'AES-CTR': null,
+    'AES-CBC': null,
+    'AES-GCM': null,
+    'AES-KW': null,
+    'Ed25519': null,
+    'X25519': null,
+    'Ed448': null,
+    'X448': null,
+  },
+  'deriveBits': {
+    'HKDF': 'HkdfParams',
+    'PBKDF2': 'Pbkdf2Params',
+    'ECDH': 'EcdhKeyDeriveParams',
+    'X25519': 'EcdhKeyDeriveParams',
+    'X448': 'EcdhKeyDeriveParams',
+  },
+  'encrypt': {
+    'RSA-OAEP': 'RsaOaepParams',
+    'AES-CBC': 'AesCbcParams',
+    'AES-GCM': 'AesGcmParams',
+    'AES-CTR': 'AesCtrParams',
+  },
+  'decrypt': {
+    'RSA-OAEP': 'RsaOaepParams',
+    'AES-CBC': 'AesCbcParams',
+    'AES-GCM': 'AesGcmParams',
+    'AES-CTR': 'AesCtrParams',
+  },
+  'get key length': {
+    'AES-CBC': 'AesDerivedKeyParams',
+    'AES-CTR': 'AesDerivedKeyParams',
+    'AES-GCM': 'AesDerivedKeyParams',
+    'AES-KW': 'AesDerivedKeyParams',
+    'HMAC': 'HmacImportParams',
+    'HKDF': null,
+    'PBKDF2': null,
+  },
+  'wrapKey': {
+    'AES-KW': null,
+  },
+  'unwrapKey': {
+    'AES-KW': null,
+  },
+};
+
+const simpleAlgorithmDictionaries = {
+  AesGcmParams: { iv: 'BufferSource', additionalData: 'BufferSource' },
+  RsaHashedKeyGenParams: { hash: 'HashAlgorithmIdentifier' },
+  EcKeyGenParams: {},
+  HmacKeyGenParams: { hash: 'HashAlgorithmIdentifier' },
+  RsaPssParams: {},
+  EcdsaParams: { hash: 'HashAlgorithmIdentifier' },
+  HmacImportParams: { hash: 'HashAlgorithmIdentifier' },
+  HkdfParams: {
+    hash: 'HashAlgorithmIdentifier',
+    salt: 'BufferSource',
+    info: 'BufferSource',
+  },
+  Ed448Params: { context: 'BufferSource' },
+  Pbkdf2Params: { hash: 'HashAlgorithmIdentifier', salt: 'BufferSource' },
+  RsaOaepParams: { label: 'BufferSource' },
+  RsaHashedImportParams: { hash: 'HashAlgorithmIdentifier' },
+  EcKeyImportParams: {},
+};
+
 function validateMaxBufferLength(data, name) {
   if (data.byteLength > kMaxBufferLength) {
     throw lazyDOMException(
@@ -198,36 +289,99 @@ function validateMaxBufferLength(data, name) {
   }
 }
 
-function normalizeAlgorithm(algorithm) {
-  if (algorithm != null) {
-    if (typeof algorithm === 'string')
-      algorithm = { name: algorithm };
-
-    if (typeof algorithm === 'object') {
-      const { name } = algorithm;
-      if (typeof name !== 'string' ||
-          !ArrayPrototypeIncludes(
-            kAlgorithmsKeys,
-            StringPrototypeToLowerCase(name))) {
-        throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
-      }
-      let { hash } = algorithm;
-      if (hash !== undefined) {
-        hash = normalizeAlgorithm(hash);
-        if (!ArrayPrototypeIncludes(kHashTypes, hash.name))
-          throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
-      }
-      const normalized = {
-        ...algorithm,
-        name: kAlgorithms[StringPrototypeToLowerCase(name)],
-      };
-      if (hash) {
-        normalized.hash = hash;
-      }
-      return normalized;
+let webidl;
+
+// https://w3c.github.io/webcrypto/#algorithm-normalization-normalize-an-algorithm
+// adapted for Node.js from Deno's implementation
+// https://github.com/denoland/deno/blob/v1.29.1/ext/crypto/00_crypto.js#L195
+function normalizeAlgorithm(algorithm, op) {
+  if (typeof algorithm === 'string')
+    return normalizeAlgorithm({ name: algorithm }, op);
+
+  webidl ??= require('internal/crypto/webidl');
+
+  // 1.
+  const registeredAlgorithms = kSupportedAlgorithms[op];
+  // 2. 3.
+  const initialAlg = webidl.converters.Algorithm(algorithm, {
+    prefix: 'Failed to normalize algorithm',
+    context: 'passed algorithm',
+  });
+  // 4.
+  let algName = initialAlg.name;
+
+  // 5.
+  let desiredType;
+  for (const key in registeredAlgorithms) {
+    if (!ObjectPrototypeHasOwnProperty(registeredAlgorithms, key)) {
+      continue;
+    }
+    if (
+      StringPrototypeToUpperCase(key) === StringPrototypeToUpperCase(algName)
+    ) {
+      algName = key;
+      desiredType = registeredAlgorithms[key];
+    }
+  }
+  if (desiredType === undefined)
+    throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
+
+  // Fast path everything below if the registered dictionary is null
+  if (desiredType === null)
+    return { name: algName };
+
+  // 6.
+  const normalizedAlgorithm = webidl.converters[desiredType](algorithm, {
+    prefix: 'Failed to normalize algorithm',
+    context: 'passed algorithm',
+  });
+  // 7.
+  normalizedAlgorithm.name = algName;
+
+  // 9.
+  const dict = simpleAlgorithmDictionaries[desiredType];
+  // 10.
+  const dictKeys = dict ? ObjectKeys(dict) : [];
+  for (let i = 0; i < dictKeys.length; i++) {
+    const member = dictKeys[i];
+    if (!ObjectPrototypeHasOwnProperty(dict, member))
+      continue;
+    const idlType = dict[member];
+    const idlValue = normalizedAlgorithm[member];
+    // 3.
+    if (idlType === 'BufferSource' && idlValue) {
+      const isView = ArrayBufferIsView(idlValue);
+      normalizedAlgorithm[member] = TypedArrayPrototypeSlice(
+        new Uint8Array(
+          isView ? getDataViewOrTypedArrayBuffer(idlValue) : idlValue,
+          isView ? getDataViewOrTypedArrayByteOffset(idlValue) : 0,
+          isView ? getDataViewOrTypedArrayByteLength(idlValue) : ArrayBufferPrototypeGetByteLength(idlValue),
+        ),
+      );
+    } else if (idlType === 'HashAlgorithmIdentifier') {
+      normalizedAlgorithm[member] = normalizeAlgorithm(idlValue, 'digest');
+    } else if (idlType === 'AlgorithmIdentifier') {
+      // This extension point is not used by any supported algorithm (yet?)
+      throw lazyDOMException('Not implemented.', 'NotSupportedError');
     }
   }
-  throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
+
+  return normalizedAlgorithm;
+}
+
+function getDataViewOrTypedArrayBuffer(V) {
+  return isDataView(V) ?
+    DataViewPrototypeGetBuffer(V) : TypedArrayPrototypeGetBuffer(V);
+}
+
+function getDataViewOrTypedArrayByteOffset(V) {
+  return isDataView(V) ?
+    DataViewPrototypeGetByteOffset(V) : TypedArrayPrototypeGetByteOffset(V);
+}
+
+function getDataViewOrTypedArrayByteLength(V) {
+  return isDataView(V) ?
+    DataViewPrototypeGetByteLength(V) : TypedArrayPrototypeGetByteLength(V);
 }
 
 function hasAnyNotIn(set, checks) {
@@ -412,6 +566,7 @@ module.exports = {
   getArrayBufferOrView,
   getCiphers,
   getCurves,
+  getDataViewOrTypedArrayBuffer,
   getDefaultEncoding,
   getHashes,
   kHandle,
@@ -423,7 +578,6 @@ module.exports = {
   kHashTypes,
   kNamedCurveAliases,
   kAesKeyLengths,
-  kExportFormats,
   normalizeAlgorithm,
   normalizeHashName,
   hasAnyNotIn,
diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js
index bfc36bbb20a98b..26fbd856486261 100644
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@@ -9,7 +9,6 @@ const {
   ReflectConstruct,
   SafeSet,
   SymbolToStringTag,
-  StringPrototypeRepeat,
 } = primordials;
 
 const {
@@ -20,20 +19,11 @@ const {
   kWebCryptoCipherDecrypt,
 } = internalBinding('crypto');
 
-const {
-  validateArray,
-  validateBoolean,
-  validateObject,
-  validateOneOf,
-  validateString,
-} = require('internal/validators');
-
 const { TextDecoder, TextEncoder } = require('internal/encoding');
 
 const {
   codes: {
     ERR_ILLEGAL_CONSTRUCTOR,
-    ERR_INVALID_ARG_TYPE,
     ERR_INVALID_THIS,
   }
 } = require('internal/errors');
@@ -42,7 +32,6 @@ const {
   CryptoKey,
   InternalCryptoKey,
   createSecretKey,
-  isCryptoKey,
 } = require('internal/crypto/keys');
 
 const {
@@ -50,14 +39,12 @@ const {
 } = require('internal/crypto/hash');
 
 const {
-  getArrayBufferOrView,
   getBlockSize,
   hasAnyNotIn,
   lazyRequire,
   normalizeAlgorithm,
   normalizeHashName,
   validateMaxBufferLength,
-  kExportFormats,
   kHandle,
   kKeyObject,
 } = require('internal/crypto/util');
@@ -72,9 +59,26 @@ const {
   randomUUID: _randomUUID,
 } = require('internal/crypto/random');
 
+let webidl;
+
 async function digest(algorithm, data) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  return ReflectApply(asyncDigest, this, arguments);
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'digest' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 2, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  data = webidl.converters.BufferSource(data, {
+    prefix,
+    context: '2nd argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'digest');
+
+  return ReflectApply(asyncDigest, this, [algorithm, data]);
 }
 
 function randomUUID() {
@@ -87,9 +91,24 @@ async function generateKey(
   extractable,
   keyUsages) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  algorithm = normalizeAlgorithm(algorithm);
-  validateBoolean(extractable, 'extractable');
-  validateArray(keyUsages, 'keyUsages');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'generateKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 3, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  extractable = webidl.converters.boolean(extractable, {
+    prefix,
+    context: '2nd argument',
+  });
+  keyUsages = webidl.converters['sequence<KeyUsage>'](keyUsages, {
+    prefix,
+    context: '3rd argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'generateKey');
   let result;
   let resultType;
   switch (algorithm.name) {
@@ -137,7 +156,7 @@ async function generateKey(
         .aesGenerateKey(algorithm, extractable, keyUsages);
       break;
     default:
-      throw lazyDOMException('Unrecognized name.');
+      throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
   }
 
   if (
@@ -156,9 +175,26 @@ async function generateKey(
 
 async function deriveBits(algorithm, baseKey, length) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  algorithm = normalizeAlgorithm(algorithm);
-  if (!isCryptoKey(baseKey))
-    throw new ERR_INVALID_ARG_TYPE('baseKey', 'CryptoKey', baseKey);
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'deriveBits' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 3, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  baseKey = webidl.converters.CryptoKey(baseKey, {
+    prefix,
+    context: '2nd argument',
+  });
+  if (length !== null) {
+    length = webidl.converters['unsigned long'](length, {
+      prefix,
+      context: '3rd argument',
+    });
+  }
+
+  algorithm = normalizeAlgorithm(algorithm, 'deriveBits');
   if (!ArrayPrototypeIncludes(baseKey.usages, 'deriveBits')) {
     throw lazyDOMException(
       'baseKey does not have deriveBits usage',
@@ -181,7 +217,7 @@ async function deriveBits(algorithm, baseKey, length) {
       return lazyRequire('internal/crypto/pbkdf2')
         .pbkdf2DeriveBits(algorithm, baseKey, length);
   }
-  throw lazyDOMException('Unrecognized name.');
+  throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
 }
 
 function getKeyLength({ name, length, hash }) {
@@ -217,10 +253,33 @@ async function deriveKey(
   extractable,
   keyUsages) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  algorithm = normalizeAlgorithm(algorithm);
-  derivedKeyAlgorithm = normalizeAlgorithm(derivedKeyAlgorithm);
-  if (!isCryptoKey(baseKey))
-    throw new ERR_INVALID_ARG_TYPE('baseKey', 'CryptoKey', baseKey);
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'deriveKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 5, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  baseKey = webidl.converters.CryptoKey(baseKey, {
+    prefix,
+    context: '2nd argument',
+  });
+  derivedKeyAlgorithm = webidl.converters.AlgorithmIdentifier(derivedKeyAlgorithm, {
+    prefix,
+    context: '3rd argument',
+  });
+  extractable = webidl.converters.boolean(extractable, {
+    prefix,
+    context: '4th argument',
+  });
+  keyUsages = webidl.converters['sequence<KeyUsage>'](keyUsages, {
+    prefix,
+    context: '5th argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'deriveBits');
+  derivedKeyAlgorithm = normalizeAlgorithm(derivedKeyAlgorithm, 'importKey');
   if (!ArrayPrototypeIncludes(baseKey.usages, 'deriveKey')) {
     throw lazyDOMException(
       'baseKey does not have deriveKey usage',
@@ -228,13 +287,8 @@ async function deriveKey(
   }
   if (baseKey.algorithm.name !== algorithm.name)
     throw lazyDOMException('Key algorithm mismatch', 'InvalidAccessError');
-  validateObject(derivedKeyAlgorithm, 'derivedKeyAlgorithm', {
-    allowArray: true, allowFunction: true,
-  });
-  validateBoolean(extractable, 'extractable');
-  validateArray(keyUsages, 'keyUsages');
 
-  const length = getKeyLength(derivedKeyAlgorithm);
+  const length = getKeyLength(normalizeAlgorithm(arguments[2], 'get key length'));
   let bits;
   switch (algorithm.name) {
     case 'X25519':
@@ -254,7 +308,7 @@ async function deriveKey(
         .pbkdf2DeriveBits(algorithm, baseKey, length);
       break;
     default:
-      throw lazyDOMException('Unrecognized name.');
+      throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
   }
 
   return ReflectApply(
@@ -442,10 +496,18 @@ async function exportKeyJWK(key) {
 
 async function exportKey(format, key) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  validateString(format, 'format');
-  validateOneOf(format, 'format', kExportFormats);
-  if (!isCryptoKey(key))
-    throw new ERR_INVALID_ARG_TYPE('key', 'CryptoKey', key);
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'exportKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 2, { prefix });
+  format = webidl.converters.KeyFormat(format, {
+    prefix,
+    context: '1st argument',
+  });
+  key = webidl.converters.CryptoKey(key, {
+    prefix,
+    context: '2nd argument',
+  });
 
   if (!key.extractable)
     throw lazyDOMException('key is not extractable', 'InvalidAccessException');
@@ -511,13 +573,33 @@ async function importKey(
   extractable,
   keyUsages) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  validateString(format, 'format');
-  validateOneOf(format, 'format', kExportFormats);
-  if (format !== 'jwk')
-    keyData = getArrayBufferOrView(keyData, 'keyData');
-  algorithm = normalizeAlgorithm(algorithm);
-  validateBoolean(extractable, 'extractable');
-  validateArray(keyUsages, 'keyUsages');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'importKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 4, { prefix });
+  format = webidl.converters.KeyFormat(format, {
+    prefix,
+    context: '1st argument',
+  });
+  const type = format === 'jwk' ? 'JsonWebKey' : 'BufferSource';
+  keyData = webidl.converters[type](keyData, {
+    prefix,
+    context: '2nd argument',
+  });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '3rd argument',
+  });
+  extractable = webidl.converters.boolean(extractable, {
+    prefix,
+    context: '4th argument',
+  });
+  keyUsages = webidl.converters['sequence<KeyUsage>'](keyUsages, {
+    prefix,
+    context: '5th argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'importKey');
   switch (algorithm.name) {
     case 'RSASSA-PKCS1-v1_5':
       // Fall through
@@ -563,22 +645,43 @@ async function importKey(
         keyUsages);
   }
 
-  throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
+  throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
 }
 
 // subtle.wrapKey() is essentially a subtle.exportKey() followed
 // by a subtle.encrypt().
 async function wrapKey(format, key, wrappingKey, algorithm) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  algorithm = normalizeAlgorithm(algorithm);
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'wrapKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 4, { prefix });
+  format = webidl.converters.KeyFormat(format, {
+    prefix,
+    context: '1st argument',
+  });
+  key = webidl.converters.CryptoKey(key, {
+    prefix,
+    context: '2nd argument',
+  });
+  wrappingKey = webidl.converters.CryptoKey(wrappingKey, {
+    prefix,
+    context: '3rd argument',
+  });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '4th argument',
+  });
+
+  try {
+    algorithm = normalizeAlgorithm(algorithm, 'wrapKey');
+  } catch {
+    algorithm = normalizeAlgorithm(algorithm, 'encrypt');
+  }
   let keyData = await ReflectApply(exportKey, this, [format, key]);
 
   if (format === 'jwk') {
-    if (keyData == null || typeof keyData !== 'object')
-      throw lazyDOMException('Invalid exported JWK key', 'DataError');
-    const ec = new TextEncoder();
-    const raw = JSONStringify(keyData);
-    keyData = ec.encode(raw + StringPrototypeRepeat(' ', 8 - (raw.length % 8)));
+    keyData = new TextEncoder().encode(JSONStringify(keyData));
   }
 
   return cipherOrWrap(
@@ -600,8 +703,48 @@ async function unwrapKey(
   extractable,
   keyUsages) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-  wrappedKey = getArrayBufferOrView(wrappedKey, 'wrappedKey');
-  unwrapAlgo = normalizeAlgorithm(unwrapAlgo);
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'unwrapKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 7, { prefix });
+  format = webidl.converters.KeyFormat(format, {
+    prefix,
+    context: '1st argument',
+  });
+  wrappedKey = webidl.converters.BufferSource(wrappedKey, {
+    prefix,
+    context: '2nd argument',
+  });
+  unwrappingKey = webidl.converters.CryptoKey(unwrappingKey, {
+    prefix,
+    context: '3rd argument',
+  });
+  unwrapAlgo = webidl.converters.AlgorithmIdentifier(unwrapAlgo, {
+    prefix,
+    context: '4th argument',
+  });
+  unwrappedKeyAlgo = webidl.converters.AlgorithmIdentifier(
+    unwrappedKeyAlgo,
+    {
+      prefix,
+      context: '5th argument',
+    },
+  );
+  extractable = webidl.converters.boolean(extractable, {
+    prefix,
+    context: '6th argument',
+  });
+  keyUsages = webidl.converters['sequence<KeyUsage>'](keyUsages, {
+    prefix,
+    context: '7th argument',
+  });
+
+  try {
+    unwrapAlgo = normalizeAlgorithm(unwrapAlgo, 'unwrapKey');
+  } catch {
+    unwrapAlgo = normalizeAlgorithm(unwrapAlgo, 'decrypt');
+  }
+
   let keyData = await cipherOrWrap(
     kWebCryptoCipherDecrypt,
     unwrapAlgo,
@@ -617,7 +760,7 @@ async function unwrapKey(
     try {
       keyData = JSONParse(dec.decode(keyData));
     } catch {
-      throw lazyDOMException('Invalid imported JWK key', 'DataError');
+      throw lazyDOMException('Invalid wrapped JWK key', 'DataError');
     }
   }
 
@@ -629,15 +772,11 @@ async function unwrapKey(
 }
 
 function signVerify(algorithm, key, data, signature) {
-  algorithm = normalizeAlgorithm(algorithm);
-  if (!isCryptoKey(key))
-    throw new ERR_INVALID_ARG_TYPE('key', 'CryptoKey', key);
-  data = getArrayBufferOrView(data, 'data');
   let usage = 'sign';
   if (signature !== undefined) {
-    signature = getArrayBufferOrView(signature, 'signature');
     usage = 'verify';
   }
+  algorithm = normalizeAlgorithm(algorithm, usage);
 
   if (!ArrayPrototypeIncludes(key.usages, usage) ||
       algorithm.name !== key.algorithm.name) {
@@ -665,26 +804,61 @@ function signVerify(algorithm, key, data, signature) {
       return lazyRequire('internal/crypto/mac')
         .hmacSignVerify(key, data, algorithm, signature);
   }
-  throw lazyDOMException('Unrecognized named.', 'NotSupportedError');
+  throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
 }
 
 async function sign(algorithm, key, data) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'sign' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 3, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  key = webidl.converters.CryptoKey(key, {
+    prefix,
+    context: '2nd argument',
+  });
+  data = webidl.converters.BufferSource(data, {
+    prefix,
+    context: '3rd argument',
+  });
+
   return signVerify(algorithm, key, data);
 }
 
 async function verify(algorithm, key, signature, data) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'verify' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 4, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  key = webidl.converters.CryptoKey(key, {
+    prefix,
+    context: '2nd argument',
+  });
+  signature = webidl.converters.BufferSource(signature, {
+    prefix,
+    context: '3rd argument',
+  });
+  data = webidl.converters.BufferSource(data, {
+    prefix,
+    context: '4th argument',
+  });
+
   return signVerify(algorithm, key, data, signature);
 }
 
 async function cipherOrWrap(mode, algorithm, key, data, op) {
-  algorithm = normalizeAlgorithm(algorithm);
   // We use a Node.js style error here instead of a DOMException because
   // the WebCrypto spec is not specific what kind of error is to be thrown
   // in this case. Both Firefox and Chrome throw simple TypeErrors here.
-  if (!isCryptoKey(key))
-    throw new ERR_INVALID_ARG_TYPE('key', 'CryptoKey', key);
   // The key algorithm and cipher algorithm must match, and the
   // key must have the proper usage.
   if (key.algorithm.name !== algorithm.name ||
@@ -694,10 +868,6 @@ async function cipherOrWrap(mode, algorithm, key, data, op) {
       'InvalidAccessError');
   }
 
-  // For the Web Crypto API, the input data can be any ArrayBuffer,
-  // TypedArray, or DataView.
-  data = getArrayBufferOrView(data, 'data');
-
   // While WebCrypto allows for larger input buffer sizes, we limit
   // those to sizes that can fit within uint32_t because of limitations
   // in the OpenSSL API.
@@ -720,16 +890,52 @@ async function cipherOrWrap(mode, algorithm, key, data, op) {
           .aesCipher(mode, key, data, algorithm);
       }
   }
-  throw lazyDOMException('Unrecognized name.', 'NotSupportedError');
+  throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
 }
 
 async function encrypt(algorithm, key, data) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'encrypt' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 3, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  key = webidl.converters.CryptoKey(key, {
+    prefix,
+    context: '2nd argument',
+  });
+  data = webidl.converters.BufferSource(data, {
+    prefix,
+    context: '3rd argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'encrypt');
   return cipherOrWrap(kWebCryptoCipherEncrypt, algorithm, key, data, 'encrypt');
 }
 
 async function decrypt(algorithm, key, data) {
   if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'decrypt' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 3, { prefix });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '1st argument',
+  });
+  key = webidl.converters.CryptoKey(key, {
+    prefix,
+    context: '2nd argument',
+  });
+  data = webidl.converters.BufferSource(data, {
+    prefix,
+    context: '3rd argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'decrypt');
   return cipherOrWrap(kWebCryptoCipherDecrypt, algorithm, key, data, 'decrypt');
 }
 
@@ -757,6 +963,11 @@ const crypto = ReflectConstruct(function() {}, [], Crypto);
 
 function getRandomValues(array) {
   if (this !== crypto) throw new ERR_INVALID_THIS('Crypto');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'getRandomValues' on 'Crypto'";
+  webidl.requiredArguments(arguments.length, 1, { prefix });
+
   return ReflectApply(_getRandomValues, this, arguments);
 }
 
diff --git a/lib/internal/crypto/webidl.js b/lib/internal/crypto/webidl.js
new file mode 100644
index 00000000000000..9f5340c223902c
--- /dev/null
+++ b/lib/internal/crypto/webidl.js
@@ -0,0 +1,707 @@
+'use strict';
+
+// Adapted from the following sources
+// - https://github.com/jsdom/webidl-conversions
+//   Copyright Domenic Denicola. Licensed under BSD-2-Clause License.
+//   Original license at https://github.com/jsdom/webidl-conversions/blob/master/LICENSE.md.
+// - https://github.com/denoland/deno
+//   Copyright Deno authors. Licensed under MIT License.
+//   Original license at https://github.com/denoland/deno/blob/main/LICENSE.md.
+// Changes include using primordials and stripping the code down to only what
+// WebCryptoAPI needs.
+
+const {
+  ArrayBufferIsView,
+  ArrayBufferPrototype,
+  ArrayPrototypePush,
+  ArrayPrototypeSort,
+  MathPow,
+  MathTrunc,
+  Number,
+  NumberIsFinite,
+  ObjectAssign,
+  ObjectPrototypeIsPrototypeOf,
+  SafeArrayIterator,
+  SafeSet,
+  String,
+  SymbolIterator,
+  TypedArrayPrototypeGetBuffer,
+  TypedArrayPrototypeGetSymbolToStringTag,
+  TypeError,
+  globalThis: {
+    SharedArrayBuffer,
+  },
+} = primordials;
+
+const {
+  kEmptyObject,
+  setOwnProperty,
+} = require('internal/util');
+const { CryptoKey } = require('internal/crypto/webcrypto');
+const { getDataViewOrTypedArrayBuffer } = require('internal/crypto/util');
+
+function codedTypeError(message, errorProperties = kEmptyObject) {
+  // eslint-disable-next-line no-restricted-syntax
+  const err = new TypeError(message);
+  ObjectAssign(err, errorProperties);
+  return err;
+}
+
+function makeException(message, opts = kEmptyObject) {
+  const prefix = opts.prefix ? opts.prefix + ': ' : '';
+  const context = opts.context?.length === 0 ?
+    '' : (opts.context ?? 'Value') + ' ';
+  return codedTypeError(
+    `${prefix}${context}${message}`,
+    { code: opts.code || 'ERR_INVALID_ARG_TYPE' },
+  );
+}
+
+// https://tc39.es/ecma262/#sec-tonumber
+function toNumber(value, opts = kEmptyObject) {
+  switch (typeof value) {
+    case 'number':
+      return value;
+    case 'bigint':
+      throw makeException(
+        'is a BigInt and cannot be converted to a number.',
+        opts);
+    case 'symbol':
+      throw makeException(
+        'is a Symbol and cannot be converted to a number.',
+        opts);
+    default:
+      return Number(value);
+  }
+}
+
+function type(V) {
+  if (V === null)
+    return 'Null';
+
+  switch (typeof V) {
+    case 'undefined':
+      return 'Undefined';
+    case 'boolean':
+      return 'Boolean';
+    case 'number':
+      return 'Number';
+    case 'string':
+      return 'String';
+    case 'symbol':
+      return 'Symbol';
+    case 'bigint':
+      return 'BigInt';
+    case 'object': // Fall through
+    case 'function': // Fall through
+    default:
+      // Per ES spec, typeof returns an implemention-defined value that is not
+      // any of the existing ones for uncallable non-standard exotic objects.
+      // Yet Type() which the Web IDL spec depends on returns Object for such
+      // cases. So treat the default case as an object.
+      return 'Object';
+  }
+}
+
+const integerPart = MathTrunc;
+
+// This was updated to only consider bitlength up to 32 used by WebCryptoAPI
+function createIntegerConversion(bitLength) {
+  const lowerBound = 0;
+  const upperBound = MathPow(2, bitLength) - 1;
+
+  const twoToTheBitLength = MathPow(2, bitLength);
+
+  return (V, opts = kEmptyObject) => {
+    let x = toNumber(V, opts);
+
+    if (opts.enforceRange) {
+      if (!NumberIsFinite(x)) {
+        throw makeException(
+          'is not a finite number.',
+          opts);
+      }
+
+      x = integerPart(x);
+
+      if (x < lowerBound || x > upperBound) {
+        throw makeException(
+          `is outside the expected range of ${lowerBound} to ${upperBound}.`,
+          { __proto__: null, ...opts, code: 'ERR_OUT_OF_RANGE' },
+        );
+      }
+
+      return x;
+    }
+
+    if (!NumberIsFinite(x) || x === 0) {
+      return 0;
+    }
+
+    x = integerPart(x);
+
+    if (x >= lowerBound && x <= upperBound) {
+      return x;
+    }
+
+    x = x % twoToTheBitLength;
+
+    return x;
+  };
+}
+
+const converters = {};
+
+converters.boolean = (val) => !!val;
+converters.octet = createIntegerConversion(8);
+converters['unsigned short'] = createIntegerConversion(16);
+converters['unsigned long'] = createIntegerConversion(32);
+
+converters.DOMString = function(V, opts = kEmptyObject) {
+  if (typeof V === 'string') {
+    return V;
+  } else if (typeof V === 'symbol') {
+    throw makeException(
+      'is a Symbol and cannot be converted to a string.',
+      opts);
+  }
+
+  return String(V);
+};
+
+converters.object = (V, opts) => {
+  if (type(V) !== 'Object') {
+    throw makeException(
+      'is not an object.',
+      opts);
+  }
+
+  return V;
+};
+
+function isNonSharedArrayBuffer(V) {
+  return ObjectPrototypeIsPrototypeOf(ArrayBufferPrototype, V);
+}
+
+function isSharedArrayBuffer(V) {
+  return ObjectPrototypeIsPrototypeOf(SharedArrayBuffer.prototype, V);
+}
+
+converters.Uint8Array = (V, opts = kEmptyObject) => {
+  if (!ArrayBufferIsView(V) ||
+    TypedArrayPrototypeGetSymbolToStringTag(V) !== 'Uint8Array') {
+    throw makeException(
+      'is not an Uint8Array object.',
+      opts);
+  }
+  if (isSharedArrayBuffer(TypedArrayPrototypeGetBuffer(V))) {
+    throw makeException(
+      'is a view on a SharedArrayBuffer, which is not allowed.',
+      opts);
+  }
+
+  return V;
+};
+
+converters.BufferSource = (V, opts = kEmptyObject) => {
+  if (ArrayBufferIsView(V)) {
+    if (isSharedArrayBuffer(getDataViewOrTypedArrayBuffer(V))) {
+      throw makeException(
+        'is a view on a SharedArrayBuffer, which is not allowed.',
+        opts);
+    }
+
+    return V;
+  }
+
+  if (!isNonSharedArrayBuffer(V)) {
+    throw makeException(
+      'is not instance of ArrayBuffer, Buffer, TypedArray, or DataView.',
+      opts);
+  }
+
+  return V;
+};
+
+converters['sequence<DOMString>'] = createSequenceConverter(
+  converters.DOMString);
+
+function requiredArguments(length, required, opts = kEmptyObject) {
+  if (length < required) {
+    throw makeException(
+      `${required} argument${
+        required === 1 ? '' : 's'
+      } required, but only ${length} present.`,
+      { __proto__: null, ...opts, context: '', code: 'ERR_MISSING_ARGS' });
+  }
+}
+
+function createDictionaryConverter(name, dictionaries) {
+  let hasRequiredKey = false;
+  const allMembers = [];
+  for (let i = 0; i < dictionaries.length; i++) {
+    const member = dictionaries[i];
+    if (member.required) {
+      hasRequiredKey = true;
+    }
+    ArrayPrototypePush(allMembers, member);
+  }
+  ArrayPrototypeSort(allMembers, (a, b) => {
+    if (a.key === b.key) {
+      return 0;
+    }
+    return a.key < b.key ? -1 : 1;
+  });
+
+  return function(V, opts = kEmptyObject) {
+    const typeV = type(V);
+    switch (typeV) {
+      case 'Undefined':
+      case 'Null':
+      case 'Object':
+        break;
+      default:
+        throw makeException(
+          'can not be converted to a dictionary',
+          opts);
+    }
+    const esDict = V;
+    const idlDict = {};
+
+    // Fast path null and undefined.
+    if (V == null && !hasRequiredKey) {
+      return idlDict;
+    }
+
+    for (const member of new SafeArrayIterator(allMembers)) {
+      const key = member.key;
+
+      let esMemberValue;
+      if (typeV === 'Undefined' || typeV === 'Null') {
+        esMemberValue = undefined;
+      } else {
+        esMemberValue = esDict[key];
+      }
+
+      if (esMemberValue !== undefined) {
+        const context = `'${key}' of '${name}'${
+          opts.context ? ` (${opts.context})` : ''
+        }`;
+        const converter = member.converter;
+        const idlMemberValue = converter(esMemberValue, {
+          __proto__: null,
+          ...opts,
+          context,
+        });
+        setOwnProperty(idlDict, key, idlMemberValue);
+      } else if (member.required) {
+        throw makeException(
+          `can not be converted to '${name}' because '${key}' is required in '${name}'.`,
+          { __proto__: null, ...opts, code: 'ERR_MISSING_OPTION' });
+      }
+    }
+
+    return idlDict;
+  };
+}
+
+function createEnumConverter(name, values) {
+  const E = new SafeSet(values);
+
+  return function(V, opts = kEmptyObject) {
+    const S = String(V);
+
+    if (!E.has(S)) {
+      throw makeException(
+        `value '${S}' is not a valid enum value of type ${name}.`,
+        { __proto__: null, ...opts, code: 'ERR_INVALID_ARG_VALUE' });
+    }
+
+    return S;
+  };
+}
+
+function createSequenceConverter(converter) {
+  return function(V, opts = kEmptyObject) {
+    if (type(V) !== 'Object') {
+      throw makeException(
+        'can not be converted to sequence.',
+        opts);
+    }
+    const iter = V?.[SymbolIterator]?.();
+    if (iter === undefined) {
+      throw makeException(
+        'can not be converted to sequence.',
+        opts);
+    }
+    const array = [];
+    while (true) {
+      const res = iter?.next?.();
+      if (res === undefined) {
+        throw makeException(
+          'can not be converted to sequence.',
+          opts);
+      }
+      if (res.done === true) break;
+      const val = converter(res.value, {
+        __proto__: null,
+        ...opts,
+        context: `${opts.context}, index ${array.length}`,
+      });
+      ArrayPrototypePush(array, val);
+    }
+    return array;
+  };
+}
+
+function createInterfaceConverter(name, prototype) {
+  return (V, opts) => {
+    if (!ObjectPrototypeIsPrototypeOf(prototype, V)) {
+      throw makeException(
+        `is not of type ${name}.`,
+        opts);
+    }
+    return V;
+  };
+}
+
+converters.AlgorithmIdentifier = (V, opts) => {
+  // Union for (object or DOMString)
+  if (type(V) === 'Object') {
+    return converters.object(V, opts);
+  }
+  return converters.DOMString(V, opts);
+};
+
+converters.KeyFormat = createEnumConverter('KeyFormat', [
+  'raw',
+  'pkcs8',
+  'spki',
+  'jwk',
+]);
+
+converters.KeyUsage = createEnumConverter('KeyUsage', [
+  'encrypt',
+  'decrypt',
+  'sign',
+  'verify',
+  'deriveKey',
+  'deriveBits',
+  'wrapKey',
+  'unwrapKey',
+]);
+
+converters['sequence<KeyUsage>'] = createSequenceConverter(converters.KeyUsage);
+
+converters.HashAlgorithmIdentifier = converters.AlgorithmIdentifier;
+
+const dictAlgorithm = [
+  {
+    key: 'name',
+    converter: converters.DOMString,
+    required: true,
+  },
+];
+
+converters.Algorithm = createDictionaryConverter(
+  'Algorithm', dictAlgorithm);
+
+converters.BigInteger = converters.Uint8Array;
+
+const dictRsaKeyGenParams = [
+  ...new SafeArrayIterator(dictAlgorithm),
+  {
+    key: 'modulusLength',
+    converter: (V, opts) =>
+      converters['unsigned long'](V, { ...opts, enforceRange: true }),
+    required: true,
+  },
+  {
+    key: 'publicExponent',
+    converter: converters.BigInteger,
+    required: true,
+  },
+];
+
+converters.RsaKeyGenParams = createDictionaryConverter(
+  'RsaKeyGenParams', dictRsaKeyGenParams);
+
+converters.RsaHashedKeyGenParams = createDictionaryConverter(
+  'RsaHashedKeyGenParams', [
+    ...new SafeArrayIterator(dictRsaKeyGenParams),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+  ]);
+
+converters.RsaHashedImportParams = createDictionaryConverter(
+  'RsaHashedImportParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+  ]);
+
+converters.NamedCurve = converters.DOMString;
+
+converters.EcKeyImportParams = createDictionaryConverter(
+  'EcKeyImportParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'namedCurve',
+      converter: converters.NamedCurve,
+      required: true,
+    },
+  ]);
+
+converters.EcKeyGenParams = createDictionaryConverter(
+  'EcKeyGenParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'namedCurve',
+      converter: converters.NamedCurve,
+      required: true,
+    },
+  ]);
+
+converters.AesKeyGenParams = createDictionaryConverter(
+  'AesKeyGenParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'length',
+      converter: (V, opts) =>
+        converters['unsigned short'](V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+  ]);
+
+converters.HmacKeyGenParams = createDictionaryConverter(
+  'HmacKeyGenParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+    {
+      key: 'length',
+      converter: (V, opts) =>
+        converters['unsigned long'](V, { ...opts, enforceRange: true }),
+    },
+  ]);
+
+converters.RsaPssParams = createDictionaryConverter(
+  'RsaPssParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'saltLength',
+      converter: (V, opts) =>
+        converters['unsigned long'](V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+  ]);
+
+converters.RsaOaepParams = createDictionaryConverter(
+  'RsaOaepParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'label',
+      converter: converters.BufferSource,
+    },
+  ]);
+
+converters.EcdsaParams = createDictionaryConverter(
+  'EcdsaParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+  ]);
+
+converters.HmacImportParams = createDictionaryConverter(
+  'HmacImportParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+    {
+      key: 'length',
+      converter: (V, opts) =>
+        converters['unsigned long'](V, { ...opts, enforceRange: true }),
+    },
+  ]);
+
+const simpleDomStringKey = (key) => ({ key, converter: converters.DOMString });
+
+converters.RsaOtherPrimesInfo = createDictionaryConverter(
+  'RsaOtherPrimesInfo', [
+    simpleDomStringKey('r'),
+    simpleDomStringKey('d'),
+    simpleDomStringKey('t'),
+  ]);
+converters['sequence<RsaOtherPrimesInfo>'] = createSequenceConverter(
+  converters.RsaOtherPrimesInfo);
+
+converters.JsonWebKey = createDictionaryConverter(
+  'JsonWebKey', [
+    simpleDomStringKey('kty'),
+    simpleDomStringKey('use'),
+    {
+      key: 'key_ops',
+      converter: converters['sequence<DOMString>'],
+    },
+    simpleDomStringKey('alg'),
+    {
+      key: 'ext',
+      converter: converters.boolean,
+    },
+    simpleDomStringKey('crv'),
+    simpleDomStringKey('x'),
+    simpleDomStringKey('y'),
+    simpleDomStringKey('d'),
+    simpleDomStringKey('n'),
+    simpleDomStringKey('e'),
+    simpleDomStringKey('p'),
+    simpleDomStringKey('q'),
+    simpleDomStringKey('dp'),
+    simpleDomStringKey('dq'),
+    simpleDomStringKey('qi'),
+    {
+      key: 'oth',
+      converter: converters['sequence<RsaOtherPrimesInfo>'],
+    },
+    simpleDomStringKey('k'),
+  ]);
+
+converters.HkdfParams = createDictionaryConverter(
+  'HkdfParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+    {
+      key: 'salt',
+      converter: converters.BufferSource,
+      required: true,
+    },
+    {
+      key: 'info',
+      converter: converters.BufferSource,
+      required: true,
+    },
+  ]);
+
+converters.Pbkdf2Params = createDictionaryConverter(
+  'Pbkdf2Params', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'hash',
+      converter: converters.HashAlgorithmIdentifier,
+      required: true,
+    },
+    {
+      key: 'iterations',
+      converter: (V, opts) =>
+        converters['unsigned long'](V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+    {
+      key: 'salt',
+      converter: converters.BufferSource,
+      required: true,
+    },
+  ]);
+
+converters.AesDerivedKeyParams = createDictionaryConverter(
+  'AesDerivedKeyParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'length',
+      converter: (V, opts) =>
+        converters['unsigned short'](V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+  ]);
+
+converters.AesCbcParams = createDictionaryConverter(
+  'AesCbcParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'iv',
+      converter: converters.BufferSource,
+      required: true,
+    },
+  ]);
+
+converters.AesGcmParams = createDictionaryConverter(
+  'AesGcmParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'iv',
+      converter: converters.BufferSource,
+      required: true,
+    },
+    {
+      key: 'tagLength',
+      converter: (V, opts) =>
+        converters.octet(V, { ...opts, enforceRange: true }),
+    },
+    {
+      key: 'additionalData',
+      converter: converters.BufferSource,
+    },
+  ]);
+
+converters.AesCtrParams = createDictionaryConverter(
+  'AesCtrParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'counter',
+      converter: converters.BufferSource,
+      required: true,
+    },
+    {
+      key: 'length',
+      converter: (V, opts) =>
+        converters.octet(V, { ...opts, enforceRange: true }),
+      required: true,
+    },
+  ]);
+
+converters.CryptoKey = createInterfaceConverter(
+  'CryptoKey', CryptoKey.prototype);
+
+converters.EcdhKeyDeriveParams = createDictionaryConverter(
+  'EcdhKeyDeriveParams', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'public',
+      converter: converters.CryptoKey,
+      required: true,
+    },
+  ]);
+
+converters.Ed448Params = createDictionaryConverter(
+  'Ed448Params', [
+    ...new SafeArrayIterator(dictAlgorithm),
+    {
+      key: 'context',
+      converter: converters.BufferSource,
+      required: false,
+    },
+  ]);
+
+module.exports = {
+  converters,
+  requiredArguments,
+};
diff --git a/test/fixtures/crypto/aes_gcm.js b/test/fixtures/crypto/aes_gcm.js
index 07332d44d9e16d..5d6ca46325b6f3 100644
--- a/test/fixtures/crypto/aes_gcm.js
+++ b/test/fixtures/crypto/aes_gcm.js
@@ -115,7 +115,7 @@ module.exports = function() {
 
   const failing = [];
   kKeyLengths.forEach((keyLength) => {
-    [24, 48, 72, 95, 129, 256].forEach((badTagLength) => {
+    [24, 48, 72, 95, 129].forEach((badTagLength) => {
       failing.push({
         keyBuffer: kKeyBytes[keyLength],
         algorithm: {
diff --git a/test/parallel/test-webcrypto-cryptokey-workers.js b/test/parallel/test-webcrypto-cryptokey-workers.js
index 7f54481149dd59..0397f376e97bb8 100644
--- a/test/parallel/test-webcrypto-cryptokey-workers.js
+++ b/test/parallel/test-webcrypto-cryptokey-workers.js
@@ -25,7 +25,7 @@ const sig = '13691a79fb55a0417e4d6699a32f91ad29283fa2c1439865cc0632931f4f48dc';
 async function doSig(key) {
   const signature = await subtle.sign({
     name: 'HMAC'
-  }, key, 'some data');
+  }, key, Buffer.from('some data'));
   assert.strictEqual(Buffer.from(signature).toString('hex'), sig);
 }
 
diff --git a/test/parallel/test-webcrypto-derivebits-cfrg.js b/test/parallel/test-webcrypto-derivebits-cfrg.js
index 1324a5fecc4c87..a9b0d1c248f275 100644
--- a/test/parallel/test-webcrypto-derivebits-cfrg.js
+++ b/test/parallel/test-webcrypto-derivebits-cfrg.js
@@ -145,7 +145,7 @@ async function prepareKeys() {
         { name: 'X448' },
         keys.X448.privateKey,
         8 * keys.X448.size),
-      { code: 'ERR_INVALID_ARG_TYPE' });
+      { code: 'ERR_MISSING_OPTION' });
   }
 
   {
diff --git a/test/parallel/test-webcrypto-derivebits-ecdh.js b/test/parallel/test-webcrypto-derivebits-ecdh.js
index 2ab152ba5a7615..d14d2e96e2d444 100644
--- a/test/parallel/test-webcrypto-derivebits-ecdh.js
+++ b/test/parallel/test-webcrypto-derivebits-ecdh.js
@@ -166,7 +166,7 @@ async function prepareKeys() {
         { name: 'ECDH' },
         keys['P-384'].privateKey,
         8 * keys['P-384'].size),
-      { code: 'ERR_INVALID_ARG_TYPE' });
+      { code: 'ERR_MISSING_OPTION' });
   }
 
   {
diff --git a/test/parallel/test-webcrypto-derivebits-hkdf.js b/test/parallel/test-webcrypto-derivebits-hkdf.js
index 922c1b347e3b0c..f09a0c5b66d65e 100644
--- a/test/parallel/test-webcrypto-derivebits-hkdf.js
+++ b/test/parallel/test-webcrypto-derivebits-hkdf.js
@@ -292,7 +292,8 @@ async function testDeriveBitsBadHash(
           ...algorithm,
           hash: hash.substring(0, 3) + hash.substring(4)
         }, baseKeys[size], 256), {
-        message: /Unrecognized name/
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
       }),
     assert.rejects(
       subtle.deriveBits(
@@ -301,7 +302,8 @@ async function testDeriveBitsBadHash(
           hash: 'PBKDF2'
         },
         baseKeys[size], 256), {
-        message: /Unrecognized name/
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
       }),
   ]);
 }
@@ -339,7 +341,7 @@ async function testDeriveBitsMissingSalt(
 
   return assert.rejects(
     subtle.deriveBits(algorithm, baseKeys[size], 0), {
-      code: 'ERR_INVALID_ARG_TYPE'
+      code: 'ERR_MISSING_OPTION'
     });
 }
 
@@ -357,7 +359,7 @@ async function testDeriveBitsMissingInfo(
 
   return assert.rejects(
     subtle.deriveBits(algorithm, baseKeys[size], 0), {
-      code: 'ERR_INVALID_ARG_TYPE'
+      code: 'ERR_MISSING_OPTION'
     });
 }
 
@@ -431,7 +433,10 @@ async function testDeriveKeyBadHash(
         keyType,
         true,
         usages),
-      { message: /Unrecognized name/ }),
+      {
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
+      }),
     assert.rejects(
       subtle.deriveKey(
         {
@@ -442,7 +447,10 @@ async function testDeriveKeyBadHash(
         keyType,
         true,
         usages),
-      { message: /Unrecognized name/ }),
+      {
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
+      }),
   ]);
 }
 
diff --git a/test/parallel/test-webcrypto-derivekey-cfrg.js b/test/parallel/test-webcrypto-derivekey-cfrg.js
index 90289c98efd5d5..6952f8b91ca6c3 100644
--- a/test/parallel/test-webcrypto-derivekey-cfrg.js
+++ b/test/parallel/test-webcrypto-derivekey-cfrg.js
@@ -111,7 +111,7 @@ async function prepareKeys() {
         { name: 'X448' },
         keys.X448.privateKey,
         ...otherArgs),
-      { code: 'ERR_INVALID_ARG_TYPE' });
+      { code: 'ERR_MISSING_OPTION' });
   }
 
   {
diff --git a/test/parallel/test-webcrypto-derivekey-ecdh.js b/test/parallel/test-webcrypto-derivekey-ecdh.js
index d3ba660fde6d5b..48e499d775312b 100644
--- a/test/parallel/test-webcrypto-derivekey-ecdh.js
+++ b/test/parallel/test-webcrypto-derivekey-ecdh.js
@@ -128,7 +128,7 @@ async function prepareKeys() {
         { name: 'ECDH' },
         keys['P-384'].privateKey,
         ...otherArgs),
-      { code: 'ERR_INVALID_ARG_TYPE' });
+      { code: 'ERR_MISSING_OPTION' });
   }
 
   {
diff --git a/test/parallel/test-webcrypto-digest.js b/test/parallel/test-webcrypto-digest.js
index 25b78500b7d346..430ec14f6b7c6a 100644
--- a/test/parallel/test-webcrypto-digest.js
+++ b/test/parallel/test-webcrypto-digest.js
@@ -66,11 +66,17 @@ const kData = (new TextEncoder()).encode('hello');
   }));
 })().then(common.mustCall());
 
-Promise.all([1, [], {}, null, undefined].map((i) =>
-  assert.rejects(subtle.digest(i), { message: /Unrecognized name/ })
+Promise.all([1, null, undefined].map((i) =>
+  assert.rejects(subtle.digest(i, Buffer.alloc(0)), {
+    message: /Unrecognized algorithm name/,
+    name: 'NotSupportedError',
+  })
 )).then(common.mustCall());
 
-assert.rejects(subtle.digest(''), { message: /Unrecognized name/ }).then(common.mustCall());
+assert.rejects(subtle.digest('', Buffer.alloc(0)), {
+  message: /Unrecognized algorithm name/,
+  name: 'NotSupportedError',
+}).then(common.mustCall());
 
 Promise.all([1, [], {}, null, undefined].map((i) =>
   assert.rejects(subtle.digest('SHA-256', i), {
@@ -78,14 +84,6 @@ Promise.all([1, [], {}, null, undefined].map((i) =>
   })
 )).then(common.mustCall());
 
-// If there is a mismatch between length and the expected digest size for
-// the selected algorithm, we fail. The length is a Node.js specific
-// addition to the API, and is added as a support for future additional
-// hash algorithms that support variable digest output lengths.
-assert.rejects(subtle.digest({ name: 'SHA-512', length: 510 }, kData), {
-  name: 'OperationError',
-}).then(common.mustCall());
-
 const kSourceData = {
   empty: '',
   short: '156eea7cc14c56cb94db030a4a9d95ff',
diff --git a/test/parallel/test-webcrypto-export-import-cfrg.js b/test/parallel/test-webcrypto-export-import-cfrg.js
index af6a7956e6716a..7ba06442a0e245 100644
--- a/test/parallel/test-webcrypto-export-import-cfrg.js
+++ b/test/parallel/test-webcrypto-export-import-cfrg.js
@@ -260,6 +260,38 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
       });
   }
 
+  {
+    const invalidUse = name.startsWith('X') ? 'sig' : 'enc';
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, use: invalidUse },
+        { name },
+        extractable,
+        privateUsages),
+      { message: 'Invalid JWK "use" Parameter' });
+  }
+
+  if (name.startsWith('Ed')) {
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { kty: jwk.kty, x: jwk.x, crv: jwk.crv, alg: 'foo' },
+        { name },
+        extractable,
+        publicUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
+
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, alg: 'foo' },
+        { name },
+        extractable,
+        privateUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
+  }
+
   for (const crv of [undefined, name === 'Ed25519' ? 'Ed448' : 'Ed25519']) {
     await assert.rejects(
       subtle.importKey(
@@ -268,16 +300,16 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
         { name },
         extractable,
         publicUsages),
-      { message: /Subtype mismatch/ });
+      { message: 'JWK "crv" Parameter and algorithm name mismatch' });
 
     await assert.rejects(
       subtle.importKey(
         'jwk',
-        { kty: jwk.kty, d: jwk.d, x: jwk.x, y: jwk.y, crv },
+        { ...jwk, crv },
         { name },
         extractable,
         publicUsages),
-      { message: /Subtype mismatch/ });
+      { message: 'JWK "crv" Parameter and algorithm name mismatch' });
   }
 }
 
diff --git a/test/parallel/test-webcrypto-export-import-ec.js b/test/parallel/test-webcrypto-export-import-ec.js
index ec5615b6582f88..8bab72cc973779 100644
--- a/test/parallel/test-webcrypto-export-import-ec.js
+++ b/test/parallel/test-webcrypto-export-import-ec.js
@@ -261,6 +261,38 @@ async function testImportJwk(
       });
   }
 
+  {
+    const invalidUse = name === 'ECDH' ? 'sig' : 'enc';
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, use: invalidUse },
+        { name, namedCurve },
+        extractable,
+        privateUsages),
+      { message: 'Invalid JWK "use" Parameter' });
+  }
+
+  if (name === 'ECDSA') {
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { kty: jwk.kty, x: jwk.x, y: jwk.y, crv: jwk.crv, alg: jwk.crv === 'P-256' ? 'ES384' : 'ES256' },
+        { name, namedCurve },
+        extractable,
+        publicUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
+
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, alg: jwk.crv === 'P-256' ? 'ES384' : 'ES256' },
+        { name, namedCurve },
+        extractable,
+        privateUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
+  }
+
   for (const crv of [undefined, namedCurve === 'P-256' ? 'P-384' : 'P-256']) {
     await assert.rejects(
       subtle.importKey(
@@ -269,16 +301,16 @@ async function testImportJwk(
         { name, namedCurve },
         extractable,
         publicUsages),
-      { message: /Named curve mismatch/ });
+      { message: 'JWK "crv" does not match the requested algorithm' });
 
     await assert.rejects(
       subtle.importKey(
         'jwk',
-        { kty: jwk.kty, d: jwk.d, x: jwk.x, y: jwk.y, crv },
+        { ...jwk, crv },
         { name, namedCurve },
         extractable,
-        publicUsages),
-      { message: /Named curve mismatch/ });
+        privateUsages),
+      { message: 'JWK "crv" does not match the requested algorithm' });
   }
 }
 
diff --git a/test/parallel/test-webcrypto-export-import-rsa.js b/test/parallel/test-webcrypto-export-import-rsa.js
index 1efc69b70aa971..60a8218bfb7efd 100644
--- a/test/parallel/test-webcrypto-export-import-rsa.js
+++ b/test/parallel/test-webcrypto-export-import-rsa.js
@@ -444,6 +444,57 @@ async function testImportJwk(
         message: /key is not extractable/
       });
   }
+
+  {
+    const invalidUse = name === 'RSA-OAEP' ? 'sig' : 'enc';
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { kty: jwk.kty, n: jwk.n, e: jwk.e, use: invalidUse },
+        { name, hash },
+        extractable,
+        publicUsages),
+      { message: 'Invalid JWK "use" Parameter' });
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, use: invalidUse },
+        { name, hash },
+        extractable,
+        privateUsages),
+      { message: 'Invalid JWK "use" Parameter' });
+  }
+
+  {
+    let invalidAlg = name === 'RSA-OAEP' ? name : name === 'RSA-PSS' ? 'PS' : 'RS';
+    switch (name) {
+      case 'RSA-OAEP':
+        if (hash === 'SHA-1')
+          invalidAlg += '-256';
+        break;
+      default:
+        if (hash === 'SHA-256')
+          invalidAlg += '384';
+        else
+          invalidAlg += '256';
+    }
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { kty: jwk.kty, n: jwk.n, e: jwk.e, alg: invalidAlg },
+        { name, hash },
+        extractable,
+        publicUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, alg: invalidAlg },
+        { name, hash },
+        extractable,
+        privateUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
+  }
 }
 
 // combinations to test
diff --git a/test/parallel/test-webcrypto-export-import.js b/test/parallel/test-webcrypto-export-import.js
index 02e178f72628d5..b560e5b1928099 100644
--- a/test/parallel/test-webcrypto-export-import.js
+++ b/test/parallel/test-webcrypto-export-import.js
@@ -15,19 +15,17 @@ const { subtle } = webcrypto;
     await Promise.all([1, null, undefined, {}, []].map((format) =>
       assert.rejects(
         subtle.importKey(format, keyData, {}, false, ['wrapKey']), {
-          code: 'ERR_INVALID_ARG_TYPE'
+          code: 'ERR_INVALID_ARG_VALUE'
         })
     ));
     await assert.rejects(
       subtle.importKey('not valid', keyData, {}, false, ['wrapKey']), {
         code: 'ERR_INVALID_ARG_VALUE'
       });
-    await Promise.all([1, null, undefined, {}, []].map((keyData) =>
-      assert.rejects(
-        subtle.importKey('raw', keyData, {}, false, ['deriveBits']), {
-          code: 'ERR_INVALID_ARG_TYPE'
-        })
-    ));
+    await assert.rejects(
+      subtle.importKey('raw', 1, {}, false, ['deriveBits']), {
+        code: 'ERR_INVALID_ARG_TYPE'
+      });
     await assert.rejects(
       subtle.importKey('raw', keyData, {
         name: 'HMAC'
@@ -66,7 +64,7 @@ const { subtle } = webcrypto;
         hash: 'SHA-256',
       }, false, ['sign', 'verify']), {
         name: 'DataError',
-        message: 'Invalid JWK keyData'
+        message: 'Invalid keyData'
       });
   }
 
diff --git a/test/parallel/test-webcrypto-keygen.js b/test/parallel/test-webcrypto-keygen.js
index 946a1e58889122..62d871dd4578ae 100644
--- a/test/parallel/test-webcrypto-keygen.js
+++ b/test/parallel/test-webcrypto-keygen.js
@@ -163,8 +163,9 @@ const vectors = {
     return assert.rejects(
       // The extractable and usages values are invalid here also,
       // but the unrecognized algorithm name should be caught first.
-      subtle.generateKey(algorithm, 7, ['zebra']), {
-        message: /Unrecognized name/
+      subtle.generateKey(algorithm, 7, []), {
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
       });
   }
 
@@ -301,12 +302,12 @@ const vectors = {
     // Missing parameters
     await assert.rejects(
       subtle.generateKey({ name, publicExponent, hash }, true, usages), {
-        code: 'ERR_INVALID_ARG_TYPE'
+        code: 'ERR_MISSING_OPTION'
       });
 
     await assert.rejects(
       subtle.generateKey({ name, modulusLength, hash }, true, usages), {
-        code: 'ERR_INVALID_ARG_TYPE'
+        code: 'ERR_MISSING_OPTION'
       });
 
     await assert.rejects(
@@ -314,7 +315,7 @@ const vectors = {
         code: 'ERR_MISSING_OPTION'
       });
 
-    await Promise.all(['', true, {}].map((modulusLength) => {
+    await Promise.all([{}].map((modulusLength) => {
       return assert.rejects(subtle.generateKey({
         name,
         modulusLength,
@@ -340,25 +341,15 @@ const vectors = {
           { code: 'ERR_INVALID_ARG_TYPE' });
       }));
 
-    await Promise.all([true, {}, 1, []].map((hash) => {
+    await Promise.all([true, 1].map((hash) => {
       return assert.rejects(subtle.generateKey({
         name,
         modulusLength,
         publicExponent,
         hash
       }, true, usages), {
-        message: /Unrecognized name/
-      });
-    }));
-
-    await Promise.all(['', {}, 1, []].map((extractable) => {
-      return assert.rejects(subtle.generateKey({
-        name,
-        modulusLength,
-        publicExponent,
-        hash
-      }, extractable, usages), {
-        code: 'ERR_INVALID_ARG_TYPE'
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
       });
     }));
 
@@ -453,12 +444,17 @@ const vectors = {
     assert.strictEqual(privateKey.algorithm.namedCurve, namedCurve);
 
     // Invalid parameters
-    [1, true, {}, [], undefined, null].forEach(async (namedCurve) => {
+    [1, true, {}, [], null].forEach(async (namedCurve) => {
       await assert.rejects(
         subtle.generateKey({ name, namedCurve }, true, privateUsages), {
           name: 'NotSupportedError'
         });
     });
+    await assert.rejects(
+      subtle.generateKey({ name, namedCurve: undefined }, true, privateUsages), {
+        name: 'TypeError',
+        code: 'ERR_MISSING_OPTION'
+      });
   }
 
   const kTests = [
@@ -514,19 +510,18 @@ const vectors = {
     assert.strictEqual(key.algorithm.length, length);
 
     // Invalid parameters
-    [1, 100, 257].forEach(async (length) => {
+    [1, 100, 257, '', false, null].forEach(async (length) => {
       await assert.rejects(
         subtle.generateKey({ name, length }, true, usages), {
           name: 'OperationError'
         });
     });
 
-    ['', {}, [], false, null, undefined].forEach(async (length) => {
-      await assert.rejects(
-        subtle.generateKey({ name, length }, true, usages), {
-          name: 'OperationError',
-        });
-    });
+    await assert.rejects(
+      subtle.generateKey({ name, length: undefined }, true, usages), {
+        name: 'TypeError',
+        code: 'ERR_MISSING_OPTION'
+      });
   }
 
   const kTests = [
@@ -574,17 +569,11 @@ const vectors = {
     assert.strictEqual(key.algorithm.length, length);
     assert.strictEqual(key.algorithm.hash.name, hash);
 
-    ['', {}, [], false, null].forEach(async (length) => {
-      await assert.rejects(
-        subtle.generateKey({ name: 'HMAC', length, hash }, true, usages), {
-          code: 'ERR_INVALID_ARG_TYPE'
-        });
-    });
-
-    [1, {}, [], false, null].forEach(async (hash) => {
+    [1, false, null].forEach(async (hash) => {
       await assert.rejects(
         subtle.generateKey({ name: 'HMAC', length, hash }, true, usages), {
-          message: /Unrecognized name/
+          message: /Unrecognized algorithm name/,
+          name: 'NotSupportedError',
         });
     });
   }
diff --git a/test/parallel/test-webcrypto-sign-verify-ecdsa.js b/test/parallel/test-webcrypto-sign-verify-ecdsa.js
index 4e79e4d4f846d6..388957bc0daff8 100644
--- a/test/parallel/test-webcrypto-sign-verify-ecdsa.js
+++ b/test/parallel/test-webcrypto-sign-verify-ecdsa.js
@@ -135,7 +135,8 @@ async function testVerify({ name,
 
   await assert.rejects(
     subtle.verify({ name, hash: 'sha256' }, publicKey, signature, copy), {
-      message: /Unrecognized name/
+      message: /Unrecognized algorithm name/,
+      name: 'NotSupportedError',
     });
 }
 
diff --git a/test/parallel/test-webcrypto-sign-verify-hmac.js b/test/parallel/test-webcrypto-sign-verify-hmac.js
index 0962773b132768..8f2e730a234e51 100644
--- a/test/parallel/test-webcrypto-sign-verify-hmac.js
+++ b/test/parallel/test-webcrypto-sign-verify-hmac.js
@@ -91,16 +91,14 @@ async function testVerify({ hash,
   // Test failure when wrong hash is used
   {
     const otherhash = hash === 'SHA-1' ? 'SHA-256' : 'SHA-1';
-    assert(!(await subtle.verify({
-      name,
-      hash: otherhash
-    }, key, signature, copy)));
+    const keyWithOtherHash = await subtle.importKey(
+      'raw',
+      keyBuffer,
+      { name, hash: otherhash },
+      false,
+      ['verify']);
+    assert(!(await subtle.verify({ name }, keyWithOtherHash, signature, plaintext)));
   }
-
-  await assert.rejects(
-    subtle.verify({ name, hash: 'sha256' }, key, signature, copy), {
-      message: /Unrecognized name/
-    });
 }
 
 async function testSign({ hash,
@@ -156,7 +154,6 @@ async function testSign({ hash,
     subtle.generateKey({ name }, false, ['sign', 'verify']), {
       name: 'TypeError',
       code: 'ERR_MISSING_OPTION',
-      message: 'algorithm.hash is required'
     });
 
   // Test failure when no sign usage
diff --git a/test/parallel/test-webcrypto-sign-verify-rsa.js b/test/parallel/test-webcrypto-sign-verify-rsa.js
index 60815c5ea0451d..69eb3f8f18a4ef 100644
--- a/test/parallel/test-webcrypto-sign-verify-rsa.js
+++ b/test/parallel/test-webcrypto-sign-verify-rsa.js
@@ -112,19 +112,14 @@ async function testVerify({
   // Test failure when wrong hash is used
   {
     const otherhash = hash === 'SHA-1' ? 'SHA-256' : 'SHA-1';
-    assert(!(await subtle.verify({
-      ...algorithm,
-      hash: otherhash
-    }, publicKey, signature, copy)));
+    const keyWithOtherHash = await subtle.importKey(
+      'spki',
+      publicKeyBuffer,
+      { name: algorithm.name, hash: otherhash },
+      false,
+      ['verify']);
+    assert(!(await subtle.verify(algorithm, keyWithOtherHash, signature, plaintext)));
   }
-
-  await assert.rejects(
-    subtle.verify(
-      { ...algorithm, hash: 'sha256' },
-      publicKey,
-      signature,
-      copy),
-    { message: /Unrecognized name/ });
 }
 
 async function testSign({
diff --git a/test/parallel/test-webcrypto-util.js b/test/parallel/test-webcrypto-util.js
index 4bb14a7f91494f..b8d5361433fd0e 100644
--- a/test/parallel/test-webcrypto-util.js
+++ b/test/parallel/test-webcrypto-util.js
@@ -11,15 +11,9 @@ const {
   normalizeAlgorithm,
 } = require('internal/crypto/util');
 
-{
-  // Check that normalizeAlgorithm does not add an undefined hash property.
-  assert.strictEqual('hash' in normalizeAlgorithm({ name: 'ECDH' }), false);
-  assert.strictEqual('hash' in normalizeAlgorithm('ECDH'), false);
-}
-
 {
   // Check that normalizeAlgorithm does not mutate object inputs.
-  const algorithm = { name: 'ECDH', hash: 'SHA-256' };
-  assert.strictEqual(normalizeAlgorithm(algorithm) !== algorithm, true);
-  assert.deepStrictEqual(algorithm, { name: 'ECDH', hash: 'SHA-256' });
+  const algorithm = { name: 'ECDSA', hash: 'SHA-256' };
+  assert.strictEqual(normalizeAlgorithm(algorithm, 'sign') !== algorithm, true);
+  assert.deepStrictEqual(algorithm, { name: 'ECDSA', hash: 'SHA-256' });
 }
diff --git a/test/parallel/test-webcrypto-webidl.js b/test/parallel/test-webcrypto-webidl.js
new file mode 100644
index 00000000000000..a6183960073d0b
--- /dev/null
+++ b/test/parallel/test-webcrypto-webidl.js
@@ -0,0 +1,519 @@
+// Flags: --expose-internals
+'use strict';
+
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+
+const webidl = require('internal/crypto/webidl');
+const { webcrypto } = require('crypto');
+const { generateKeySync } = require('crypto');
+
+const { subtle } = webcrypto;
+const { converters } = webidl;
+const prefix = "Failed to execute 'fn' on 'interface'";
+const context = '1st argument';
+const opts = { prefix, context };
+
+// Required arguments.length
+{
+  assert.throws(() => webidl.requiredArguments(0, 3, { prefix }), {
+    code: 'ERR_MISSING_ARGS',
+    name: 'TypeError',
+    message: `${prefix}: 3 arguments required, but only 0 present.`
+  });
+
+  assert.throws(() => webidl.requiredArguments(0, 1, { prefix }), {
+    code: 'ERR_MISSING_ARGS',
+    name: 'TypeError',
+    message: `${prefix}: 1 argument required, but only 0 present.`
+  });
+
+  // Does not throw when extra are added
+  webidl.requiredArguments(4, 3, { prefix });
+}
+
+// boolean
+{
+  assert.strictEqual(converters.boolean(0), false);
+  assert.strictEqual(converters.boolean(NaN), false);
+  assert.strictEqual(converters.boolean(undefined), false);
+  assert.strictEqual(converters.boolean(null), false);
+  assert.strictEqual(converters.boolean(false), false);
+  assert.strictEqual(converters.boolean(''), false);
+
+  assert.strictEqual(converters.boolean(1), true);
+  assert.strictEqual(converters.boolean(Number.POSITIVE_INFINITY), true);
+  assert.strictEqual(converters.boolean(Number.NEGATIVE_INFINITY), true);
+  assert.strictEqual(converters.boolean('1'), true);
+  assert.strictEqual(converters.boolean('0'), true);
+  assert.strictEqual(converters.boolean('false'), true);
+  assert.strictEqual(converters.boolean(function() {}), true);
+  assert.strictEqual(converters.boolean(Symbol()), true);
+  assert.strictEqual(converters.boolean([]), true);
+  assert.strictEqual(converters.boolean({}), true);
+}
+
+// int conversion
+// https://webidl.spec.whatwg.org/#abstract-opdef-converttoint
+{
+  for (const [converter, max] of [
+    [converters.octet, Math.pow(2, 8) - 1],
+    [converters['unsigned short'], Math.pow(2, 16) - 1],
+    [converters['unsigned long'], Math.pow(2, 32) - 1],
+  ]) {
+    assert.strictEqual(converter(0), 0);
+    assert.strictEqual(converter(max), max);
+    assert.strictEqual(converter('' + 0), 0);
+    assert.strictEqual(converter('' + max), max);
+    assert.strictEqual(converter(3), 3);
+    assert.strictEqual(converter('' + 3), 3);
+    assert.strictEqual(converter(3.1), 3);
+    assert.strictEqual(converter(3.7), 3);
+
+    assert.strictEqual(converter(max + 1), 0);
+    assert.strictEqual(converter(max + 2), 1);
+    assert.throws(() => converter(max + 1, { ...opts, enforceRange: true }), {
+      name: 'TypeError',
+      code: 'ERR_OUT_OF_RANGE',
+      message: `${prefix}: ${context} is outside the expected range of 0 to ${max}.`,
+    });
+
+    assert.strictEqual(converter({}), 0);
+    assert.strictEqual(converter(NaN), 0);
+    assert.strictEqual(converter(false), 0);
+    assert.strictEqual(converter(true), 1);
+    assert.strictEqual(converter('1'), 1);
+    assert.strictEqual(converter('0'), 0);
+    assert.strictEqual(converter('{}'), 0);
+    assert.strictEqual(converter({}), 0);
+    assert.strictEqual(converter([]), 0);
+    assert.strictEqual(converter(function() {}), 0);
+
+    assert.throws(() => converter(Symbol(), opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_TYPE',
+      message: `${prefix}: ${context} is a Symbol and cannot be converted to a number.`
+    });
+    assert.throws(() => converter(0n, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_TYPE',
+      message: `${prefix}: ${context} is a BigInt and cannot be converted to a number.`
+    });
+  }
+}
+
+// DOMString
+{
+  assert.strictEqual(converters.DOMString(1), '1');
+  assert.strictEqual(converters.DOMString(1n), '1');
+  assert.strictEqual(converters.DOMString(false), 'false');
+  assert.strictEqual(converters.DOMString(true), 'true');
+  assert.strictEqual(converters.DOMString(undefined), 'undefined');
+  assert.strictEqual(converters.DOMString(NaN), 'NaN');
+  assert.strictEqual(converters.DOMString({}), '[object Object]');
+  assert.strictEqual(converters.DOMString({ foo: 'bar' }), '[object Object]');
+  assert.strictEqual(converters.DOMString([]), '');
+  assert.strictEqual(converters.DOMString([1, 2]), '1,2');
+
+  assert.throws(() => converters.DOMString(Symbol(), opts), {
+    name: 'TypeError',
+    code: 'ERR_INVALID_ARG_TYPE',
+    message: `${prefix}: ${context} is a Symbol and cannot be converted to a string.`
+  });
+}
+
+// object
+{
+  for (const good of [{}, [], new Array(), function() {}]) {
+    assert.deepStrictEqual(converters.object(good), good);
+  }
+
+  for (const bad of [undefined, null, NaN, false, true, 0, 1, '', 'foo', Symbol(), 9n]) {
+    assert.throws(() => converters.object(bad, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_TYPE',
+      message: `${prefix}: ${context} is not an object.`
+    });
+  }
+}
+
+// Uint8Array
+{
+  for (const good of [Buffer.alloc(0), new Uint8Array()]) {
+    assert.deepStrictEqual(converters.Uint8Array(good), good);
+  }
+
+  for (const bad of [new ArrayBuffer(), new SharedArrayBuffer(), [], null, 'foo', undefined, true]) {
+    assert.throws(() => converters.Uint8Array(bad, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_TYPE',
+      message: `${prefix}: ${context} is not an Uint8Array object.`
+    });
+  }
+
+  assert.throws(() => converters.Uint8Array(new Uint8Array(new SharedArrayBuffer()), opts), {
+    name: 'TypeError',
+    code: 'ERR_INVALID_ARG_TYPE',
+    message: `${prefix}: ${context} is a view on a SharedArrayBuffer, which is not allowed.`
+  });
+}
+
+// BufferSource
+{
+  for (const good of [
+    Buffer.alloc(0),
+    new Uint8Array(),
+    new ArrayBuffer(),
+    new DataView(new ArrayBuffer()),
+    new BigInt64Array(),
+    new BigUint64Array(),
+    new Float32Array(),
+    new Float64Array(),
+    new Int8Array(),
+    new Int16Array(),
+    new Int32Array(),
+    new Uint8ClampedArray(),
+    new Uint16Array(),
+    new Uint32Array(),
+  ]) {
+    assert.deepStrictEqual(converters.BufferSource(good), good);
+  }
+
+  for (const bad of [new SharedArrayBuffer(), [], null, 'foo', undefined, true]) {
+    assert.throws(() => converters.BufferSource(bad, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_TYPE',
+      message: `${prefix}: ${context} is not instance of ArrayBuffer, Buffer, TypedArray, or DataView.`
+    });
+  }
+
+  assert.throws(() => converters.BufferSource(new Uint8Array(new SharedArrayBuffer()), opts), {
+    name: 'TypeError',
+    code: 'ERR_INVALID_ARG_TYPE',
+    message: `${prefix}: ${context} is a view on a SharedArrayBuffer, which is not allowed.`
+  });
+}
+
+// CryptoKey
+{
+
+  subtle.generateKey({ name: 'AES-CBC', length: 128 }, false, ['encrypt']).then((key) => {
+    assert.deepStrictEqual(converters.CryptoKey(key), key);
+  }).then(common.mustCall());
+
+  for (const bad of [
+    generateKeySync('aes', { length: 128 }),
+    undefined, null, 1, {}, Symbol(), true, false, [],
+  ]) {
+    assert.throws(() => converters.CryptoKey(bad, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_TYPE',
+      message: `${prefix}: ${context} is not of type CryptoKey.`
+    });
+  }
+}
+
+// AlgorithmIdentifier (Union for (object or DOMString))
+{
+  assert.strictEqual(converters.AlgorithmIdentifier('foo'), 'foo');
+  assert.deepStrictEqual(converters.AlgorithmIdentifier({ name: 'foo' }), { name: 'foo' });
+}
+
+// JsonWebKey
+{
+  for (const good of [
+    {},
+    { use: 'sig' },
+    { key_ops: ['sign'] },
+    { ext: true },
+    { oth: [] },
+    { oth: [{ r: '', d: '', t: '' }] },
+  ]) {
+    assert.deepStrictEqual(converters.JsonWebKey(good), good);
+    assert.deepStrictEqual(converters.JsonWebKey({ ...good, filtered: 'out' }), good);
+  }
+}
+
+// KeyFormat
+{
+  for (const good of ['jwk', 'spki', 'pkcs8', 'raw']) {
+    assert.strictEqual(converters.KeyFormat(good), good);
+  }
+
+  for (const bad of ['foo', 1, false]) {
+    assert.throws(() => converters.KeyFormat(bad, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_VALUE',
+      message: `${prefix}: ${context} value '${bad}' is not a valid enum value of type KeyFormat.`,
+    });
+  }
+}
+
+// KeyUsage
+{
+  for (const good of [
+    'encrypt',
+    'decrypt',
+    'sign',
+    'verify',
+    'deriveKey',
+    'deriveBits',
+    'wrapKey',
+    'unwrapKey',
+  ]) {
+    assert.strictEqual(converters.KeyUsage(good), good);
+  }
+
+  for (const bad of ['foo', 1, false]) {
+    assert.throws(() => converters.KeyUsage(bad, opts), {
+      name: 'TypeError',
+      code: 'ERR_INVALID_ARG_VALUE',
+      message: `${prefix}: ${context} value '${bad}' is not a valid enum value of type KeyUsage.`,
+    });
+  }
+}
+
+// Algorithm
+{
+  const good = { name: 'RSA-PSS' };
+  assert.deepStrictEqual(converters.Algorithm({ ...good, filtered: 'out' }, opts), good);
+
+  assert.throws(() => converters.Algorithm({}, opts), {
+    name: 'TypeError',
+    code: 'ERR_MISSING_OPTION',
+    message: `${prefix}: ${context} can not be converted to 'Algorithm' because 'name' is required in 'Algorithm'.`,
+  });
+}
+
+// RsaHashedKeyGenParams
+{
+  for (const good of [
+    {
+      name: 'RSA-OAEP',
+      hash: { name: 'SHA-1' },
+      modulusLength: 2048,
+      publicExponent: new Uint8Array([1, 0, 1]),
+    },
+    {
+      name: 'RSA-OAEP',
+      hash: 'SHA-1',
+      modulusLength: 2048,
+      publicExponent: new Uint8Array([1, 0, 1]),
+    },
+  ]) {
+    assert.deepStrictEqual(converters.RsaHashedKeyGenParams({ ...good, filtered: 'out' }, opts), good);
+    for (const required of ['hash', 'publicExponent', 'modulusLength']) {
+      assert.throws(() => converters.RsaHashedKeyGenParams({ ...good, [required]: undefined }, opts), {
+        name: 'TypeError',
+        code: 'ERR_MISSING_OPTION',
+        message: `${prefix}: ${context} can not be converted to 'RsaHashedKeyGenParams' because '${required}' is required in 'RsaHashedKeyGenParams'.`,
+      });
+    }
+  }
+}
+
+// RsaHashedImportParams
+{
+  for (const good of [
+    { name: 'RSA-OAEP', hash: { name: 'SHA-1' } },
+    { name: 'RSA-OAEP', hash: 'SHA-1' },
+  ]) {
+    assert.deepStrictEqual(converters.RsaHashedImportParams({ ...good, filtered: 'out' }, opts), good);
+    assert.throws(() => converters.RsaHashedImportParams({ ...good, hash: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to 'RsaHashedImportParams' because 'hash' is required in 'RsaHashedImportParams'.`,
+    });
+  }
+}
+
+// RsaPssParams
+{
+  const good = { name: 'RSA-PSS', saltLength: 20 };
+  assert.deepStrictEqual(converters.RsaPssParams({ ...good, filtered: 'out' }, opts), good);
+
+  assert.throws(() => converters.RsaPssParams({ ...good, saltLength: undefined }, opts), {
+    name: 'TypeError',
+    code: 'ERR_MISSING_OPTION',
+    message: `${prefix}: ${context} can not be converted to 'RsaPssParams' because 'saltLength' is required in 'RsaPssParams'.`,
+  });
+}
+
+// RsaOaepParams
+{
+  for (const good of [{ name: 'RSA-OAEP' }, { name: 'RSA-OAEP', label: Buffer.alloc(0) }]) {
+    assert.deepStrictEqual(converters.RsaOaepParams({ ...good, filtered: 'out' }, opts), good);
+  }
+}
+
+// EcKeyImportParams, EcKeyGenParams
+{
+  for (const name of ['EcKeyImportParams', 'EcKeyGenParams']) {
+    const { [name]: converter } = converters;
+
+    const good = { name: 'ECDSA', namedCurve: 'P-256' };
+    assert.deepStrictEqual(converter({ ...good, filtered: 'out' }, opts), good);
+
+    assert.throws(() => converter({ ...good, namedCurve: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to '${name}' because 'namedCurve' is required in '${name}'.`,
+    });
+  }
+}
+
+// EcdsaParams
+{
+  for (const good of [
+    { name: 'ECDSA', hash: { name: 'SHA-1' } },
+    { name: 'ECDSA', hash: 'SHA-1' },
+  ]) {
+    assert.deepStrictEqual(converters.EcdsaParams({ ...good, filtered: 'out' }, opts), good);
+    assert.throws(() => converters.EcdsaParams({ ...good, hash: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to 'EcdsaParams' because 'hash' is required in 'EcdsaParams'.`,
+    });
+  }
+}
+
+// HmacKeyGenParams, HmacImportParams
+{
+  for (const name of ['HmacKeyGenParams', 'HmacImportParams']) {
+    const { [name]: converter } = converters;
+
+    for (const good of [
+      { name: 'HMAC', hash: { name: 'SHA-1' } },
+      { name: 'HMAC', hash: { name: 'SHA-1' }, length: 20 },
+      { name: 'HMAC', hash: 'SHA-1' },
+      { name: 'HMAC', hash: 'SHA-1', length: 20 },
+    ]) {
+      assert.deepStrictEqual(converter({ ...good, filtered: 'out' }, opts), good);
+      assert.throws(() => converter({ ...good, hash: undefined }, opts), {
+        name: 'TypeError',
+        code: 'ERR_MISSING_OPTION',
+        message: `${prefix}: ${context} can not be converted to '${name}' because 'hash' is required in '${name}'.`,
+      });
+    }
+  }
+}
+
+// AesKeyGenParams, AesDerivedKeyParams
+{
+  for (const name of ['AesKeyGenParams', 'AesDerivedKeyParams']) {
+    const { [name]: converter } = converters;
+
+    const good = { name: 'AES-CBC', length: 128 };
+    assert.deepStrictEqual(converter({ ...good, filtered: 'out' }, opts), good);
+
+    assert.throws(() => converter({ ...good, length: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to '${name}' because 'length' is required in '${name}'.`,
+    });
+  }
+}
+
+// HkdfParams
+{
+  for (const good of [
+    { name: 'HKDF', hash: { name: 'SHA-1' }, salt: Buffer.alloc(0), info: Buffer.alloc(0) },
+    { name: 'HKDF', hash: 'SHA-1', salt: Buffer.alloc(0), info: Buffer.alloc(0) },
+  ]) {
+    assert.deepStrictEqual(converters.HkdfParams({ ...good, filtered: 'out' }, opts), good);
+    for (const required of ['hash', 'salt', 'info']) {
+      assert.throws(() => converters.HkdfParams({ ...good, [required]: undefined }, opts), {
+        name: 'TypeError',
+        code: 'ERR_MISSING_OPTION',
+        message: `${prefix}: ${context} can not be converted to 'HkdfParams' because '${required}' is required in 'HkdfParams'.`,
+      });
+    }
+  }
+}
+
+// Pbkdf2Params
+{
+  for (const good of [
+    { name: 'PBKDF2', hash: { name: 'SHA-1' }, iterations: 5, salt: Buffer.alloc(0) },
+    { name: 'PBKDF2', hash: 'SHA-1', iterations: 5, salt: Buffer.alloc(0) },
+  ]) {
+    assert.deepStrictEqual(converters.Pbkdf2Params({ ...good, filtered: 'out' }, opts), good);
+    for (const required of ['hash', 'iterations', 'salt']) {
+      assert.throws(() => converters.Pbkdf2Params({ ...good, [required]: undefined }, opts), {
+        name: 'TypeError',
+        code: 'ERR_MISSING_OPTION',
+        message: `${prefix}: ${context} can not be converted to 'Pbkdf2Params' because '${required}' is required in 'Pbkdf2Params'.`,
+      });
+    }
+  }
+}
+
+// AesCbcParams
+{
+  const good = { name: 'AES-CBC', iv: Buffer.alloc(0) };
+  assert.deepStrictEqual(converters.AesCbcParams({ ...good, filtered: 'out' }, opts), good);
+
+  assert.throws(() => converters.AesCbcParams({ ...good, iv: undefined }, opts), {
+    name: 'TypeError',
+    code: 'ERR_MISSING_OPTION',
+    message: `${prefix}: ${context} can not be converted to 'AesCbcParams' because 'iv' is required in 'AesCbcParams'.`,
+  });
+}
+
+// AesGcmParams
+{
+  for (const good of [
+    { name: 'AES-GCM', iv: Buffer.alloc(0) },
+    { name: 'AES-GCM', iv: Buffer.alloc(0), tagLength: 16 },
+    { name: 'AES-GCM', iv: Buffer.alloc(0), tagLength: 16, additionalData: Buffer.alloc(0) },
+  ]) {
+    assert.deepStrictEqual(converters.AesGcmParams({ ...good, filtered: 'out' }, opts), good);
+
+    assert.throws(() => converters.AesGcmParams({ ...good, iv: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to 'AesGcmParams' because 'iv' is required in 'AesGcmParams'.`,
+    });
+  }
+}
+
+// AesCtrParams
+{
+  const good = { name: 'AES-CTR', counter: Buffer.alloc(0), length: 20 };
+  assert.deepStrictEqual(converters.AesCtrParams({ ...good, filtered: 'out' }, opts), good);
+
+  for (const required of ['counter', 'length']) {
+    assert.throws(() => converters.AesCtrParams({ ...good, [required]: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to 'AesCtrParams' because '${required}' is required in 'AesCtrParams'.`,
+    });
+  }
+}
+
+// EcdhKeyDeriveParams
+{
+  subtle.generateKey({ name: 'ECDH', namedCurve: 'P-256' }, false, ['deriveBits']).then((kp) => {
+    const good = { name: 'ECDH', public: kp.publicKey };
+    assert.deepStrictEqual(converters.EcdhKeyDeriveParams({ ...good, filtered: 'out' }, opts), good);
+
+    assert.throws(() => converters.EcdhKeyDeriveParams({ ...good, public: undefined }, opts), {
+      name: 'TypeError',
+      code: 'ERR_MISSING_OPTION',
+      message: `${prefix}: ${context} can not be converted to 'EcdhKeyDeriveParams' because 'public' is required in 'EcdhKeyDeriveParams'.`,
+    });
+  }).then(common.mustCall());
+}
+
+// Ed448Params
+{
+  for (const good of [
+    { name: 'Ed448', context: new Uint8Array() },
+    { name: 'Ed448' },
+  ]) {
+    assert.deepStrictEqual(converters.Ed448Params({ ...good, filtered: 'out' }, opts), good);
+  }
+}
diff --git a/test/pummel/test-webcrypto-derivebits-pbkdf2.js b/test/pummel/test-webcrypto-derivebits-pbkdf2.js
index 6e3e7f532bac28..03d1c7ec4fa37d 100644
--- a/test/pummel/test-webcrypto-derivebits-pbkdf2.js
+++ b/test/pummel/test-webcrypto-derivebits-pbkdf2.js
@@ -382,7 +382,7 @@ async function setupBaseKeys() {
     promises.push(
       subtle.importKey(
         'raw',
-        kPasswords[size],
+        Buffer.from(kPasswords[size], 'hex'),
         { name: 'PBKDF2' },
         false,
         ['deriveBits'])
@@ -391,7 +391,7 @@ async function setupBaseKeys() {
     promises.push(
       subtle.importKey(
         'raw',
-        kPasswords[size],
+        Buffer.from(kPasswords[size], 'hex'),
         { name: 'PBKDF2' },
         false,
         ['deriveKey'])
@@ -470,7 +470,7 @@ async function testDeriveBitsBadHash(
   hash,
   iterations) {
   const salt = Buffer.from(kSalts[saltSize], 'hex');
-  const algorithm = { name: 'HKDF', salt, iterations };
+  const algorithm = { name: 'PBKDF2', salt, iterations };
 
   return Promise.all([
     assert.rejects(
@@ -479,7 +479,8 @@ async function testDeriveBitsBadHash(
           ...algorithm,
           hash: hash.substring(0, 3) + hash.substring(4)
         }, baseKeys[size], 256), {
-        message: /Unrecognized name/
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
       }),
     assert.rejects(
       subtle.deriveBits(
@@ -488,7 +489,8 @@ async function testDeriveBitsBadHash(
           hash: 'HKDF'
         },
         baseKeys[size], 256), {
-        message: /Unrecognized name/
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
       }),
   ]);
 }
@@ -565,7 +567,10 @@ async function testDeriveKeyBadHash(
         keyType,
         true,
         usages),
-      { message: /Unrecognized name/ }),
+      {
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
+      }),
     assert.rejects(
       subtle.deriveKey(
         {
@@ -576,7 +581,10 @@ async function testDeriveKeyBadHash(
         keyType,
         true,
         usages),
-      { message: /Unrecognized name/ }),
+      {
+        message: /Unrecognized algorithm name/,
+        name: 'NotSupportedError',
+      }),
   ]);
 }
 
diff --git a/test/wpt/status/WebCryptoAPI.json b/test/wpt/status/WebCryptoAPI.json
index 68360c9af2b314..3ab70ca95b2f90 100644
--- a/test/wpt/status/WebCryptoAPI.json
+++ b/test/wpt/status/WebCryptoAPI.json
@@ -1,4 +1,17 @@
 {
+  "encrypt_decrypt/aes_gcm.https.any.js": {
+    "fail": {
+      "note": "We're throwing correct error for the WebIDL definition, WPT needs update: https://github.com/web-platform-tests/wpt/pull/37734",
+      "expected": [
+        "AES-GCM 128-bit key, illegal tag length 256-bits",
+        "AES-GCM 192-bit key, illegal tag length 256-bits",
+        "AES-GCM 256-bit key, illegal tag length 256-bits",
+        "AES-GCM 128-bit key, illegal tag length 256-bits decryption",
+        "AES-GCM 192-bit key, illegal tag length 256-bits decryption",
+        "AES-GCM 256-bit key, illegal tag length 256-bits decryption"
+      ]
+    }
+  },
   "algorithm-discards-context.https.window.js": {
     "skip": "Not relevant in Node.js context"
   },

From 203e2696c300b5ed1115f5e0090295c6e2288e07 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Fri, 17 Feb 2023 14:11:43 +0100
Subject: [PATCH 12/12] crypto: re-add padding for AES-KW wrapped JWKs

PR-URL: https://github.com/nodejs/node/pull/46563
Reviewed-By: James M Snell <jasnell@gmail.com>
Backport-PR-URL: https://github.com/nodejs/node/pull/47383
---
 lib/internal/crypto/webcrypto.js            | 12 +++++++++++-
 test/parallel/test-webcrypto-wrap-unwrap.js | 13 ++++++-------
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js
index 26fbd856486261..7f6716d3fd2ef0 100644
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@@ -8,6 +8,7 @@ const {
   ReflectApply,
   ReflectConstruct,
   SafeSet,
+  StringPrototypeRepeat,
   SymbolToStringTag,
 } = primordials;
 
@@ -681,7 +682,16 @@ async function wrapKey(format, key, wrappingKey, algorithm) {
   let keyData = await ReflectApply(exportKey, this, [format, key]);
 
   if (format === 'jwk') {
-    keyData = new TextEncoder().encode(JSONStringify(keyData));
+    const ec = new TextEncoder();
+    const raw = JSONStringify(keyData);
+    // As per the NOTE in step 13 https://w3c.github.io/webcrypto/#SubtleCrypto-method-wrapKey
+    // we're padding AES-KW wrapped JWK to make sure it is always a multiple of 8 bytes
+    // in length
+    if (algorithm.name === 'AES-KW' && raw.length % 8 !== 0) {
+      keyData = ec.encode(raw + StringPrototypeRepeat(' ', 8 - (raw.length % 8)));
+    } else {
+      keyData = ec.encode(raw);
+    }
   }
 
   return cipherOrWrap(
diff --git a/test/parallel/test-webcrypto-wrap-unwrap.js b/test/parallel/test-webcrypto-wrap-unwrap.js
index 1094845c73e143..a64d4cccdbc4c0 100644
--- a/test/parallel/test-webcrypto-wrap-unwrap.js
+++ b/test/parallel/test-webcrypto-wrap-unwrap.js
@@ -199,6 +199,10 @@ function getFormats(key) {
 // material length must be a multiple of 8.
 // If the wrapping algorithm is RSA-OAEP, the exported key
 // material maximum length is a factor of the modulusLength
+//
+// As per the NOTE in step 13 https://w3c.github.io/webcrypto/#SubtleCrypto-method-wrapKey
+// we're padding AES-KW wrapped JWK to make sure it is always a multiple of 8 bytes
+// in length
 async function wrappingIsPossible(name, exported) {
   if ('byteLength' in exported) {
     switch (name) {
@@ -207,13 +211,8 @@ async function wrappingIsPossible(name, exported) {
       case 'RSA-OAEP':
         return exported.byteLength <= 446;
     }
-  } else if ('kty' in exported) {
-    switch (name) {
-      case 'AES-KW':
-        return JSON.stringify(exported).length % 8 === 0;
-      case 'RSA-OAEP':
-        return JSON.stringify(exported).length <= 478;
-    }
+  } else if ('kty' in exported && name === 'RSA-OAEP') {
+    return JSON.stringify(exported).length <= 478;
   }
   return true;
 }