feat: US-007 - Update crypto expectations and regenerate conformance report

NathanFlurry · NathanFlurry · commit ff71d2e0da5c · 2026-03-25T21:27:42.000-07:00
diff --git a/packages/secure-exec/tests/node-conformance/expectations.json b/packages/secure-exec/tests/node-conformance/expectations.json
@@ -1,7 +1,7 @@
 {
   "nodeVersion": "22.14.0",
   "sourceCommit": "v22.14.0",
-  "lastUpdated": "2026-03-24",
+  "lastUpdated": "2026-03-25",
   "expectations": {
     "test-cluster-*.js": {
       "reason": "cluster module is Tier 5 (Unsupported) — require(cluster) throws by design",
@@ -1917,12 +1917,12 @@
       "expected": "fail"
     },
     "test-crypto-key-objects.js": {
-      "reason": "fs.readFileSync encoding argument handled as path component — test reads fixture PEM keys which fail to load",
+      "reason": "fs.readFileSync() still folds the encoding argument into the VFS path for PEM fixtures, so the test tries to open '/test/fixtures/rsa_public.pem/ascii'",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-padding.js": {
-      "reason": "createCipheriv/createDecipheriv do not throw expected exceptions for invalid padding options",
+      "reason": "OpenSSL cipher errors still miss Node's `reason` field snapshot shape, so invalid-padding assertions on `ERR_OSSL_WRONG_FINAL_BLOCK_LENGTH` fail",
       "category": "implementation-gap",
       "expected": "fail"
     },
@@ -1932,17 +1932,17 @@
       "expected": "fail"
     },
     "test-crypto-private-decrypt-gh32240.js": {
-      "reason": "Sandbox KeyObject.export() does not honor encrypted PEM export options yet, so the encrypted-key failure path is not exercised faithfully",
+      "reason": "encrypted private-key decrypt path does not throw the expected failure, so the test hits `Missing expected exception`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-psychic-signatures.js": {
-      "reason": "ECDSA key import fails with unsupported key format — bridge cannot decode the specific ECDSA public key encoding used in test",
+      "reason": "ECDSA psychic-signature fixture parsing still crashes with `TypeError: Cannot read properties of null (reading '2')`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-rsa-dsa.js": {
-      "reason": "fs.readFileSync encoding argument handled as path component — test reads fixture PEM/cert files which fail to load",
+      "reason": "crypto cert fixtures are incomplete in the conformance VFS, so the test fails opening `/test/fixtures/rsa_cert.crt`",
       "category": "implementation-gap",
       "expected": "fail"
     },
@@ -1952,7 +1952,7 @@
       "expected": "fail"
     },
     "test-crypto-sign-verify.js": {
-      "reason": "fs.readFileSync encoding argument handled as path component — test reads fixture PEM/cert files which fail to load",
+      "reason": "crypto cert fixtures are incomplete in the conformance VFS, so the test fails opening `/test/fixtures/rsa_cert.crt`",
       "category": "implementation-gap",
       "expected": "fail"
     },
@@ -3251,7 +3251,7 @@
       "expected": "fail"
     },
     "test-webcrypto-sign-verify-eddsa.js": {
-      "reason": "WebCrypto subtle.importKey() not implemented — crypto.subtle API methods return undefined",
+      "reason": "EdDSA WebCrypto path still fails runtime assertions during sign/verify coverage (`AssertionError2: false == true`)",
       "category": "implementation-gap",
       "expected": "fail"
     },
@@ -3606,57 +3606,57 @@
       "expected": "fail"
     },
     "test-crypto-async-sign-verify.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "crypto fixture set is incomplete in the conformance VFS, so async sign/verify fails opening `/test/fixtures/rsa_public.pem`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-certificate.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "crypto certificate fixtures are incomplete in the conformance VFS, so the test fails opening `/test/fixtures/rsa_spkac.spkac`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-classes.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "constructor/factory parity is incomplete for crypto classes, so `createX()` instances fail `instanceof crypto.X` assertions",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-dh-group-setters.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "ECDH instances still expose `setPrivateKey()` where Node expects `undefined`, so the group-setter surface mismatches Node",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-getcipherinfo.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "`crypto.getCipherInfo()` is still missing from the sandbox crypto surface",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-hash.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "hash parity still breaks Node's identity-sensitive output assertions (`Values identical but not reference-equal`) in the vendored hash suite",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-hkdf.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "`crypto.hkdf()` is still missing from the sandbox crypto surface, so the test gets `hkdf is not a function`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-hmac.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "`crypto.Hmac` constructor parity is incomplete, so calling it without `new` does not return a fresh Hmac instance like Node",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-oneshot-hash.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "one-shot hash argument validation still misses Node's `ERR_INVALID_ARG_TYPE` error shape",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-randomuuid.js": {
-      "reason": "tests Node.js-specific error codes (ERR_*) — sandbox polyfills throw plain errors",
+      "reason": "`require('crypto').randomUUID` is still missing from the module overlay, so the test gets `TypeError: randomUUID is not a function`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-crypto-webcrypto-aes-decrypt-tag-too-small.js": {
-      "reason": "crypto polyfill behavior gap",
+      "reason": "AES-GCM decrypt rejects undersized tags with `TypeError: Invalid authentication tag length: 0` instead of Node's `OperationError`",
       "category": "implementation-gap",
       "expected": "fail"
     },
@@ -5699,32 +5699,32 @@
       "expected": "fail"
     },
     "test-webcrypto-constructors.js": {
-      "reason": "crypto.subtle (WebCrypto) API not fully implemented in sandbox",
+      "reason": "WebCrypto constructors still throw the wrong error shape (`TypeError` with missing `ERR_ILLEGAL_CONSTRUCTOR` metadata)",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-webcrypto-derivebits-hkdf.js": {
-      "reason": "crypto.subtle (WebCrypto) API not fully implemented in sandbox",
+      "reason": "HKDF deriveBits/deriveKey parity is still broken, and the vendored test aborts with `Deriving bits failed`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-webcrypto-digest.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "WebCrypto digest argument validation still misses Node's `ERR_INVALID_ARG_TYPE` error metadata",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-webcrypto-export-import-cfrg.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "WebCrypto import/export fixture set is incomplete in the conformance VFS, so the test fails opening `/test/fixtures/rsa_public_2048.pem`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-webcrypto-export-import-ec.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "WebCrypto import/export fixture set is incomplete in the conformance VFS, so the test fails opening `/test/fixtures/rsa_public_2048.pem`",
       "category": "implementation-gap",
       "expected": "fail"
     },
     "test-webcrypto-export-import-rsa.js": {
-      "reason": "uses crypto/webcrypto APIs not fully bridged in sandbox",
+      "reason": "WebCrypto import/export fixture set is incomplete in the conformance VFS, so the test fails opening `/test/fixtures/ec_p256_public.pem`",
       "category": "implementation-gap",
       "expected": "fail"
     },
diff --git a/scripts/ralph/prd.json b/scripts/ralph/prd.json
@@ -137,7 +137,7 @@
         "Typecheck passes"
       ],
       "priority": 7,
-      "passes": false,
+      "passes": true,
       "notes": "Cleanup story. ~13 tests will remain as vacuous-skip, ~8 as requires-v8-flags, ~4 as unsupported-module. All fixable tests should be passing by now."
     },
     {
diff --git a/scripts/ralph/progress.txt b/scripts/ralph/progress.txt
@@ -5,6 +5,7 @@
 - `CryptoKey` is bridged from both `process.ts` and `require-setup.ts`; keep their `instanceof` semantics aligned (for example via shared `Symbol.hasInstance` behavior) or `KeyObject.toCryptoKey()` conformance breaks even when key data is correct
 - When the session cipher bridge is unavailable, crypto constructor-time validation still has to happen eagerly through the one-shot host bridge; otherwise Node conformance misses `createCipheriv()`/`createDecipheriv()` throw-on-construction cases
 - `bridge-initial-globals.ts` intentionally removes `SharedArrayBuffer`; when vendored conformance files hard-require it, classify the expectation as a `security-constraint` instead of treating the failure as a crypto implementation bug
+- When a crypto/node-conformance expectation reason looks stale, temporarily remove just that entry and rerun the exact vendored file filter; the runner prints the real sandbox stderr, which is often a missing fixture or error-shape mismatch rather than the older bridge-gap guess
 - Conformance tests live in packages/secure-exec/tests/node-conformance/ — vendored Node.js v22.14.0 test/parallel/
 - Runner is packages/secure-exec/tests/node-conformance/runner.test.ts — run with: pnpm vitest run packages/secure-exec/tests/node-conformance/runner.test.ts
 - Expectations are in packages/secure-exec/tests/node-conformance/expectations.json — each entry has expected (pass/fail/skip), reason, category
@@ -82,5 +83,14 @@
 - **Learnings for future iterations:**
   - Cipher constructor assertions in Node’s vendored tests still need eager host validation even when the real streaming session bridge is unavailable; a validate-only call through the one-shot bridge keeps those semantics aligned without buffering ciphertext early.
   - CCM support needs buffered AAD/authTagLength handling in the isolate wrapper plus AEAD-aware auth-tag serialization on the host; fixing only one side leaves `getAuthTag()` and stream-mode CCM tests broken.
-  - `SharedArrayBuffer` is removed by design in the sandbox bootstrap, so conformance failures that stem from that global disappearing should be tracked as `security-constraint` expectations rather than crypto bridge regressions.
+- `SharedArrayBuffer` is removed by design in the sandbox bootstrap, so conformance failures that stem from that global disappearing should be tracked as `security-constraint` expectations rather than crypto bridge regressions.
+---
+## [2026-03-25 04:10 PDT] - US-007
+- Audited the remaining crypto and webcrypto conformance expectations, replaced stale placeholder reasons with specific reproducible failure causes, and kept the vacuous-skip / requires-v8-flags classifications aligned with the current runner behavior.
+- Regenerated the node conformance JSON/docs outputs after the expectation cleanup and marked the crypto cleanup story complete in the PRD.
+- Files changed: `packages/secure-exec/tests/node-conformance/expectations.json`, `scripts/ralph/prd.json`, `scripts/ralph/progress.txt`
+- **Learnings for future iterations:**
+  - Several remaining crypto failures are currently fixture-VFS gaps (`/test/fixtures/*.pem`, `.crt`, `.spkac`), so expectation reasons should name the missing fixture path instead of blaming a generic bridge gap.
+  - The vendored runner is the quickest way to verify expectation accuracy: removing one entry and rerunning the exact file gives a concrete stderr snippet that can be copied into the reason.
+  - Module-overlay drift still shows up in conformance as missing APIs like `require('crypto').randomUUID` and `crypto.hkdf`, even when related globals or bridge handlers exist elsewhere.
 ---

Original file line number	Diff line number	Diff line change
`@@ -137,7 +137,7 @@`
`137`	`137`	`"Typecheck passes"`
`138`	`138`	`],`
`139`	`139`	`"priority": 7,`
`140`		`- "passes": false,`
	`140`	`+ "passes": true,`
`141`	`141`	`"notes": "Cleanup story. ~13 tests will remain as vacuous-skip, ~8 as requires-v8-flags, ~4 as unsupported-module. All fixable tests should be passing by now."`
`142`	`142`	`},`
`143`	`143`	`{`