fix(ext/crypto) - exportKey JWK for AES/HMAC must use base64url (#13264)

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
author: Sean Michael Wykes <8363933+SeanWykes@users.noreply.github.com> 2022-01-04 21:00:37 -0300
committer: GitHub <noreply@github.com> 2022-01-05 01:00:37 +0100
commit: c4a0a43ce832c85de6bb97a4afc9ecf915e63e5a (patch)
tree: c078f2dd3b0721b4ecedf63622015a189361d01c /ext/crypto/00_crypto.js
parent: 80bf2828c6398d000968d61f56f2f808a569adc2 (diff)
1 files changed, 23 insertions, 20 deletions
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js
index 5d216dbf4..95eb18daa 100644
--- a/ext/crypto/00_crypto.js
+++ b/ext/crypto/00_crypto.js
@@ -12,7 +12,6 @@
   const core = window.Deno.core;
   const webidl = window.__bootstrap.webidl;
   const { DOMException } = window.__bootstrap.domException;
-  const { btoa } = window.__bootstrap.base64;
 
   const {
     ArrayBuffer,
@@ -25,8 +24,6 @@
     Int32Array,
     Int8Array,
     ObjectAssign,
-    StringFromCharCode,
-    StringPrototypeReplace,
     StringPrototypeToLowerCase,
     StringPrototypeToUpperCase,
     Symbol,
@@ -175,15 +172,6 @@
     },
   };
 
-  function unpaddedBase64(bytes) {
-    let binaryString = "";
-    for (let i = 0; i < bytes.length; i++) {
-      binaryString += StringFromCharCode(bytes[i]);
-    }
-    const base64String = btoa(binaryString);
-    return StringPrototypeReplace(base64String, /=/g, "");
-  }
-
   // See https://www.w3.org/TR/WebCryptoAPI/#dfn-normalize-an-algorithm
   // 18.4.4
   function normalizeAlgorithm(algorithm, op) {
@@ -1836,16 +1824,18 @@
         return data.buffer;
       }
       case "jwk": {
-        // 1-3.
+        // 1-2.
         const jwk = {
           kty: "oct",
-          // 5.
-          ext: key[_extractable],
-          // 6.
-          "key_ops": key.usages,
-          k: unpaddedBase64(innerKey.data),
         };
 
+        // 3.
+        const data = core.opSync("op_crypto_export_key", {
+          format: "jwksecret",
+          algorithm: "AES",
+        }, innerKey);
+        ObjectAssign(jwk, data);
+
         // 4.
         const algorithm = key[_algorithm];
         switch (algorithm.length) {
@@ -1865,6 +1855,12 @@
             );
         }
 
+        // 5.
+        jwk.key_ops = key.usages;
+
+        // 6.
+        jwk.ext = key[_extractable];
+
         // 7.
         return jwk;
       }
@@ -3092,11 +3088,18 @@
         return bits.buffer;
       }
       case "jwk": {
-        // 1-3.
+        // 1-2.
         const jwk = {
           kty: "oct",
-          k: unpaddedBase64(innerKey.data),
         };
+
+        // 3.
+        const data = core.opSync("op_crypto_export_key", {
+          format: "jwksecret",
+          algorithm: key[_algorithm].name,
+        }, innerKey);
+        jwk.k = data.k;
+
         // 4.
         const algorithm = key[_algorithm];
         // 5.
author	Sean Michael Wykes <8363933+SeanWykes@users.noreply.github.com>	2022-01-04 21:00:37 -0300
committer	GitHub <noreply@github.com>	2022-01-05 01:00:37 +0100
commit	c4a0a43ce832c85de6bb97a4afc9ecf915e63e5a (patch)
tree	c078f2dd3b0721b4ecedf63622015a189361d01c /ext/crypto/00_crypto.js
parent	80bf2828c6398d000968d61f56f2f808a569adc2 (diff)