Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit ef64b86

Browse filesBrowse files
panvadanielleadams
panva
authored and
danielleadams
committed
crypto: fix ECDH webcrypto public CryptoKey usages
PR-URL: #45569 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
1 parent b92b804 commit ef64b86
Copy full SHA for ef64b86

File tree

Expand file treeCollapse file tree

4 files changed

+24
-17
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

4 files changed

+24
-17
lines changed
Open diff view settings
Collapse file

‎lib/internal/crypto/ec.js‎

Copy file name to clipboardExpand all lines: lib/internal/crypto/ec.js
+8-1Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,14 @@ function verifyAcceptableEcKeyUse(name, type, usages) {
5858
let checkSet;
5959
switch (name) {
6060
case 'ECDH':
61-
checkSet = ['deriveKey', 'deriveBits'];
61+
switch (type) {
62+
case 'private':
63+
checkSet = ['deriveKey', 'deriveBits'];
64+
break;
65+
case 'public':
66+
checkSet = [];
67+
break;
68+
}
6269
break;
6370
case 'ECDSA':
6471
switch (type) {
Collapse file

‎test/parallel/test-webcrypto-derivebits-ecdh.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-webcrypto-derivebits-ecdh.js
+6-6Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ async function prepareKeys() {
7373
namedCurve
7474
},
7575
true,
76-
['deriveKey', 'deriveBits']),
76+
[]),
7777
]);
7878
keys[namedCurve] = {
7979
privateKey,
@@ -235,17 +235,17 @@ async function prepareKeys() {
235235
name: 'ECDH',
236236
public: keys['P-521'].publicKey
237237
}, keys['P-521'].publicKey, null), {
238-
message: /baseKey must be a private key/
238+
name: 'InvalidAccessError'
239239
});
240240
}
241241

242242
{
243-
// Base key is not a private key
243+
// Public is not a public key
244244
await assert.rejects(subtle.deriveBits({
245245
name: 'ECDH',
246246
public: keys['P-521'].privateKey
247-
}, keys['P-521'].publicKey, null), {
248-
message: /algorithm\.public must be a public key/
247+
}, keys['P-521'].privateKey, null), {
248+
name: 'InvalidAccessError'
249249
});
250250
}
251251

@@ -262,7 +262,7 @@ async function prepareKeys() {
262262
name: 'ECDH',
263263
public: key
264264
}, keys['P-521'].publicKey, null), {
265-
message: /algorithm\.public must be a public key/
265+
name: 'InvalidAccessError'
266266
});
267267
}
268268
})().then(common.mustCall());
Collapse file

‎test/parallel/test-webcrypto-derivekey-ecdh.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-webcrypto-derivekey-ecdh.js
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ async function prepareKeys() {
6868
namedCurve
6969
},
7070
true,
71-
['deriveKey', 'deriveBits']),
71+
[]),
7272
]);
7373
keys[namedCurve] = {
7474
privateKey,
@@ -209,7 +209,7 @@ async function prepareKeys() {
209209
},
210210
keys['P-521'].publicKey,
211211
...otherArgs),
212-
{ message: /baseKey must be a private key/ });
212+
{ name: 'InvalidAccessError' });
213213
}
214214

215215
{
@@ -222,7 +222,7 @@ async function prepareKeys() {
222222
},
223223
keys['P-521'].publicKey,
224224
...otherArgs),
225-
{ message: /algorithm\.public must be a public key/ });
225+
{ name: 'InvalidAccessError' });
226226
}
227227

228228
{
@@ -242,6 +242,6 @@ async function prepareKeys() {
242242
},
243243
keys['P-521'].publicKey,
244244
...otherArgs),
245-
{ message: /algorithm\.public must be a public key/ });
245+
{ name: 'InvalidAccessError' });
246246
}
247247
})().then(common.mustCall());
Collapse file

‎test/parallel/test-webcrypto-export-import-ec.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-webcrypto-export-import-ec.js
+6-6Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -333,19 +333,19 @@ async function testImportRaw({ name, publicUsages }, namedCurve) {
333333
const rsaPrivate = crypto.createPrivateKey(
334334
fixtures.readKey('rsa_private_2048.pem'));
335335

336-
for (const [name, [publicUsage, privateUsage]] of Object.entries({
337-
'ECDSA': ['verify', 'sign'],
338-
'ECDH': ['deriveBits', 'deriveBits'],
339-
})) {
336+
for (const [name, publicUsages, privateUsages] of [
337+
['ECDSA', ['verify'], ['sign']],
338+
['ECDH', [], ['deriveBits', 'deriveBits']],
339+
]) {
340340
assert.rejects(subtle.importKey(
341341
'spki',
342342
rsaPublic.export({ format: 'der', type: 'spki' }),
343343
{ name, hash: 'SHA-256', namedCurve: 'P-256' },
344-
true, [publicUsage]), { message: /Invalid key type/ });
344+
true, publicUsages), { message: /Invalid key type/ });
345345
assert.rejects(subtle.importKey(
346346
'pkcs8',
347347
rsaPrivate.export({ format: 'der', type: 'pkcs8' }),
348348
{ name, hash: 'SHA-256', namedCurve: 'P-256' },
349-
true, [privateUsage]), { message: /Invalid key type/ });
349+
true, privateUsages), { message: /Invalid key type/ });
350350
}
351351
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.