diff options
| author | 李瑞丰 <liruifeng1024@gmail.com> | 2022-10-03 12:07:25 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-03 09:37:25 +0530 |
| commit | b3444e0d3b3544816e0286dda3e861fd5debea65 (patch) | |
| tree | 1bfbe5af1c433ed42088b23c0060287de3604f4e | |
| parent | bac3a1210f9c773112f3d5001305d1cc6a097798 (diff) | |
fix(ext/crypto): fix importKey error when leading zeroes (#16009)
Co-authored-by: Jason <m.jason.liu@outlook.com>
| -rw-r--r-- | cli/tests/unit/webcrypto_test.ts | 27 | ||||
| -rw-r--r-- | ext/crypto/import_key.rs | 10 |
2 files changed, 36 insertions, 1 deletions
diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts index a6cab93dd..6695b157a 100644 --- a/cli/tests/unit/webcrypto_test.ts +++ b/cli/tests/unit/webcrypto_test.ts @@ -1827,3 +1827,30 @@ Deno.test(async function exportKeyNotExtractable() { await crypto.subtle.exportKey("raw", key); }, DOMException); }); + +// https://github.com/denoland/deno/issues/15126 +Deno.test(async function testImportLeadingZeroesKey() { + const alg = { name: "ECDSA", namedCurve: "P-256" }; + + const jwk = { + kty: "EC", + crv: "P-256", + alg: "ES256", + x: "EvidcdFB1xC6tgfakqZsU9aIURxAJkcX62zHe1Nt6xU", + y: "AHsk6BioGM7MZWeXOE_49AGmtuaXFT3Ill3DYtz9uYg", + d: "WDeYo4o1heCF9l_2VIaClRyIeO16zsMlN8UG6Le9dU8", + "key_ops": ["sign"], + ext: true, + }; + + const key = await crypto.subtle.importKey( + "jwk", + jwk, + alg, + true, + ["sign"], + ); + + assert(key instanceof CryptoKey); + assertEquals(key.type, "private"); +}); diff --git a/ext/crypto/import_key.rs b/ext/crypto/import_key.rs index 015ee41d5..225950aa7 100644 --- a/ext/crypto/import_key.rs +++ b/ext/crypto/import_key.rs @@ -637,7 +637,15 @@ fn decode_b64url_to_field_bytes<C: elliptic_curve::Curve>( jwt_b64_int_or_err!(val, b64, "invalid b64 coordinate"); let mut bytes = elliptic_curve::FieldBytes::<C>::default(); - let val = val.as_bytes(); + let original_bytes = val.as_bytes(); + let mut new_bytes: Vec<u8> = vec![]; + if original_bytes.len() < bytes.len() { + new_bytes = vec![0; bytes.len() - original_bytes.len()]; + } + new_bytes.extend_from_slice(original_bytes); + + let val = new_bytes.as_slice(); + if val.len() != bytes.len() { return Err(data_error("invalid b64 coordinate")); } |