1 files changed, 2 insertions, 4 deletions

diff --git a/testing/web-platform/tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.js b/testing/web-platform/tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.js
index ef6905e574..422a230bd1 100644
--- a/testing/web-platform/tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.js
+++ b/testing/web-platform/tests/WebCryptoAPI/derive_bits_keys/cfrg_curves_bits.js
@@ -6,8 +6,6 @@ function define_tests() {
   // Verify the derive functions perform checks against the all-zero value results,
   // ensuring small-order points are rejected.
   // https://www.rfc-editor.org/rfc/rfc7748#section-6.1
-  // TODO: The spec states that the check must be done on use, but there is discussion about doing it on import.
-  // https://github.com/WICG/webcrypto-secure-curves/pull/13
   Object.keys(kSmallOrderPoint).forEach(function(algorithmName) {
       kSmallOrderPoint[algorithmName].forEach(function(test) {
           promise_test(async() => {
@@ -23,8 +21,8 @@ function define_tests() {
                                                  false, [])
                   derived = await subtle.deriveBits({name: algorithmName, public: publicKey}, privateKey, 8 * sizes[algorithmName]);
               } catch (err) {
-                  assert_false(privateKey === undefined, "Private key should be valid.");
-                  assert_false(publicKey === undefined, "Public key should be valid.");
+                  assert_true(privateKey !== undefined, "Private key should be valid.");
+                  assert_true(publicKey !== undefined, "Public key should be valid.");
                   assert_equals(err.name, "OperationError", "Should throw correct error, not " + err.name + ": " + err.message + ".");
               }
               assert_equals(derived, undefined, "Operation succeeded, but should not have.");