diff options
| author | Luca Casonato <hello@lcas.dev> | 2021-12-15 15:46:29 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-15 15:46:29 +0100 |
| commit | ec7d90666f68ae0bf6036a6915296622adc9b65c (patch) | |
| tree | 865f968bd48fb5d6d3b49be2bc31cd4d28a68ce0 /ext/crypto/00_crypto.js | |
| parent | ee49cce726c27cdcb372b9dba7f2deab840d9e6b (diff) | |
fix(ext/crypto): various cleanup in JWK imports (#13092)
This aligns all of the error messages, and makes falsey comparisons
more strict.
Diffstat (limited to 'ext/crypto/00_crypto.js')
| -rw-r--r-- | ext/crypto/00_crypto.js | 74 |
1 files changed, 38 insertions, 36 deletions
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index 0e09197a8..3e0af0b3c 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js @@ -1869,10 +1869,11 @@ case "jwk": { // 1. const jwk = keyData; + // 2. if (jwk.kty !== "oct") { throw new DOMException( - "`kty` member of JsonWebKey must be `oct`", + "'kty' property of JsonWebKey must be 'oct'", "DataError", ); } @@ -1880,7 +1881,7 @@ // Section 6.4.1 of RFC7518 if (jwk.k === undefined) { throw new DOMException( - "`k` member of JsonWebKey must be present", + "'k' property of JsonWebKey must be present", "DataError", ); } @@ -1927,13 +1928,15 @@ } // 6. - if (keyUsages.length > 0 && jwk.use && jwk.use !== "enc") { + if ( + keyUsages.length > 0 && jwk.use !== undefined && jwk.use !== "enc" + ) { throw new DOMException("Invalid key usages", "DataError"); } // 7. // Section 4.3 of RFC7517 - if (jwk.key_ops) { + if (jwk.key_ops !== undefined) { if ( ArrayPrototypeFind( jwk.key_ops, @@ -1941,7 +1944,7 @@ ) !== undefined ) { throw new DOMException( - "`key_ops` member of JsonWebKey is invalid", + "'key_ops' property of JsonWebKey is invalid", "DataError", ); } @@ -1953,16 +1956,16 @@ ) ) { throw new DOMException( - "`key_ops` member of JsonWebKey is invalid", + "'key_ops' property of JsonWebKey is invalid", "DataError", ); } } // 8. - if (jwk.ext === false && extractable == true) { + if (jwk.ext === false && extractable === true) { throw new DOMException( - "`ext` member of JsonWebKey is invalid", + "'ext' property of JsonWebKey must not be false if extractable is true", "DataError", ); } @@ -2026,21 +2029,20 @@ break; } case "jwk": { - // TODO(@littledivy): Why does the spec validate JWK twice? const jwk = keyData; // 2. if (jwk.kty !== "oct") { throw new DOMException( - "`kty` member of JsonWebKey must be `oct`", + "'kty' property of JsonWebKey must be 'oct'", "DataError", ); } // Section 6.4.1 of RFC7518 - if (!jwk.k) { + if (jwk.k === undefined) { throw new DOMException( - "`k` member of JsonWebKey must be present", + "'k' property of JsonWebKey must be present", "DataError", ); } @@ -2061,7 +2063,7 @@ case "SHA-1": { if (jwk.alg !== undefined && jwk.alg !== "HS1") { throw new DOMException( - "`alg` member of JsonWebKey must be `HS1`", + "'alg' property of JsonWebKey must be 'HS1'", "DataError", ); } @@ -2070,7 +2072,7 @@ case "SHA-256": { if (jwk.alg !== undefined && jwk.alg !== "HS256") { throw new DOMException( - "`alg` member of JsonWebKey must be `HS256`", + "'alg' property of JsonWebKey must be 'HS256'", "DataError", ); } @@ -2079,7 +2081,7 @@ case "SHA-384": { if (jwk.alg !== undefined && jwk.alg !== "HS384") { throw new DOMException( - "`alg` member of JsonWebKey must be `HS384`", + "'alg' property of JsonWebKey must be 'HS384'", "DataError", ); } @@ -2088,7 +2090,7 @@ case "SHA-512": { if (jwk.alg !== undefined && jwk.alg !== "HS512") { throw new DOMException( - "`alg` member of JsonWebKey must be `HS512`", + "'alg' property of JsonWebKey must be 'HS512'", "DataError", ); } @@ -2099,16 +2101,18 @@ } // 7. - if (keyUsages.length > 0 && jwk.use && jwk.use !== "sign") { + if ( + keyUsages.length > 0 && jwk.use !== undefined && jwk.use !== "sign" + ) { throw new DOMException( - "`use` member of JsonWebKey must be `sign`", + "'use' property of JsonWebKey must be 'sign'", "DataError", ); } // 8. // Section 4.3 of RFC7517 - if (jwk.key_ops) { + if (jwk.key_ops !== undefined) { if ( ArrayPrototypeFind( jwk.key_ops, @@ -2116,7 +2120,7 @@ ) !== undefined ) { throw new DOMException( - "`key_ops` member of JsonWebKey is invalid", + "'key_ops' property of JsonWebKey is invalid", "DataError", ); } @@ -2128,16 +2132,16 @@ ) ) { throw new DOMException( - "`key_ops` member of JsonWebKey is invalid", + "'key_ops' property of JsonWebKey is invalid", "DataError", ); } } // 9. - if (jwk.ext === false && extractable == true) { + if (jwk.ext === false && extractable === true) { throw new DOMException( - "`ext` member of JsonWebKey is invalid", + "'ext' property of JsonWebKey must not be false if extractable is true", "DataError", ); } @@ -2390,19 +2394,17 @@ ) { throw new DOMException("Invalid key usages", "SyntaxError"); } - } else { - if ( - ArrayPrototypeFind( - keyUsages, - (u) => - !ArrayPrototypeIncludes( - SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].public, - u, - ), - ) !== undefined - ) { - throw new DOMException("Invalid key usages", "SyntaxError"); - } + } else if ( + ArrayPrototypeFind( + keyUsages, + (u) => + !ArrayPrototypeIncludes( + SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].public, + u, + ), + ) !== undefined + ) { + throw new DOMException("Invalid key usages", "SyntaxError"); } // 3. |