foster/deno
0
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-03-03 09:31:22 -05:00
Code Issues Packages 1 Wiki Activity

fix(ext/crypto): various cleanup in JWK imports (#13092)

Browse source 
This aligns all of the error messages, and makes falsey comparisons
more strict.
This commit is contained in:
Luca Casonato 2021-12-15 15:46:29 +01:00 committed by GitHub
parent ee49cce726
commit ec7d90666f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 38 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
ext/crypto/00_crypto.js
View file

@ -1869,10 +1869,11 @@
case "jwk": {
// 1.
const jwk = keyData;
// 2.
if (jwk.kty !== "oct") {
throw new DOMException(
"`kty` member of JsonWebKey must be `oct`",
"'kty' property of JsonWebKey must be 'oct'",
"DataError",
);
}
@ -1880,7 +1881,7 @@
// Section 6.4.1 of RFC7518
if (jwk.k === undefined) {
throw new DOMException(
"`k` member of JsonWebKey must be present",
"'k' property of JsonWebKey must be present",
"DataError",
);
}
@ -1927,13 +1928,15 @@
}
// 6.
if (keyUsages.length > 0 && jwk.use && jwk.use !== "enc") {
if (
keyUsages.length > 0 && jwk.use !== undefined && jwk.use !== "enc"
) {
throw new DOMException("Invalid key usages", "DataError");
}
// 7.
// Section 4.3 of RFC7517
if (jwk.key_ops) {
if (jwk.key_ops !== undefined) {
if (
ArrayPrototypeFind(
jwk.key_ops,
@ -1941,7 +1944,7 @@
) !== undefined
) {
throw new DOMException(
"`key_ops` member of JsonWebKey is invalid",
"'key_ops' property of JsonWebKey is invalid",
"DataError",
);
}
@ -1953,16 +1956,16 @@
)
) {
throw new DOMException(
"`key_ops` member of JsonWebKey is invalid",
"'key_ops' property of JsonWebKey is invalid",
"DataError",
);
}
}
// 8.
if (jwk.ext === false && extractable == true) {
if (jwk.ext === false && extractable === true) {
throw new DOMException(
"`ext` member of JsonWebKey is invalid",
"'ext' property of JsonWebKey must not be false if extractable is true",
"DataError",
);
}
@ -2026,21 +2029,20 @@
break;
}
case "jwk": {
// TODO(@littledivy): Why does the spec validate JWK twice?
const jwk = keyData;
// 2.
if (jwk.kty !== "oct") {
throw new DOMException(
"`kty` member of JsonWebKey must be `oct`",
"'kty' property of JsonWebKey must be 'oct'",
"DataError",
);
}
// Section 6.4.1 of RFC7518
if (!jwk.k) {
if (jwk.k === undefined) {
throw new DOMException(
"`k` member of JsonWebKey must be present",
"'k' property of JsonWebKey must be present",
"DataError",
);
}
@ -2061,7 +2063,7 @@
case "SHA-1": {
if (jwk.alg !== undefined && jwk.alg !== "HS1") {
throw new DOMException(
"`alg` member of JsonWebKey must be `HS1`",
"'alg' property of JsonWebKey must be 'HS1'",
"DataError",
);
}
@ -2070,7 +2072,7 @@
case "SHA-256": {
if (jwk.alg !== undefined && jwk.alg !== "HS256") {
throw new DOMException(
"`alg` member of JsonWebKey must be `HS256`",
"'alg' property of JsonWebKey must be 'HS256'",
"DataError",
);
}
@ -2079,7 +2081,7 @@
case "SHA-384": {
if (jwk.alg !== undefined && jwk.alg !== "HS384") {
throw new DOMException(
"`alg` member of JsonWebKey must be `HS384`",
"'alg' property of JsonWebKey must be 'HS384'",
"DataError",
);
}
@ -2088,7 +2090,7 @@
case "SHA-512": {
if (jwk.alg !== undefined && jwk.alg !== "HS512") {
throw new DOMException(
"`alg` member of JsonWebKey must be `HS512`",
"'alg' property of JsonWebKey must be 'HS512'",
"DataError",
);
}
@ -2099,16 +2101,18 @@
}
// 7.
if (keyUsages.length > 0 && jwk.use && jwk.use !== "sign") {
if (
keyUsages.length > 0 && jwk.use !== undefined && jwk.use !== "sign"
) {
throw new DOMException(
"`use` member of JsonWebKey must be `sign`",
"'use' property of JsonWebKey must be 'sign'",
"DataError",
);
}
// 8.
// Section 4.3 of RFC7517
if (jwk.key_ops) {
if (jwk.key_ops !== undefined) {
if (
ArrayPrototypeFind(
jwk.key_ops,
@ -2116,7 +2120,7 @@
) !== undefined
) {
throw new DOMException(
"`key_ops` member of JsonWebKey is invalid",
"'key_ops' property of JsonWebKey is invalid",
"DataError",
);
}
@ -2128,16 +2132,16 @@
)
) {
throw new DOMException(
"`key_ops` member of JsonWebKey is invalid",
"'key_ops' property of JsonWebKey is invalid",
"DataError",
);
}
}
// 9.
if (jwk.ext === false && extractable == true) {
if (jwk.ext === false && extractable === true) {
throw new DOMException(
"`ext` member of JsonWebKey is invalid",
"'ext' property of JsonWebKey must not be false if extractable is true",
"DataError",
);
}
@ -2390,19 +2394,17 @@
) {
throw new DOMException("Invalid key usages", "SyntaxError");
}
} else {
if (
ArrayPrototypeFind(
keyUsages,
(u) =>
!ArrayPrototypeIncludes(
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].public,
u,
),
) !== undefined
) {
throw new DOMException("Invalid key usages", "SyntaxError");
}
} else if (
ArrayPrototypeFind(
keyUsages,
(u) =>
!ArrayPrototypeIncludes(
SUPPORTED_RSA_KEY_USAGES[normalizedAlgorithm.name].public,
u,
),
) !== undefined
) {
throw new DOMException("Invalid key usages", "SyntaxError");
}
// 3.