crypto: forbid NODE-ED25519 and NODE-ED448 "raw" key export

closes #38655

PR-URL: #38668
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

Author: panva

lib/internal/crypto/webcrypto.js

@@ -288,8 +288,11 @@ async function exportKeyRaw(key) {
     case 'NODE-ED25519':
       // Fall through
     case 'NODE-ED448':
-      return lazyRequire('internal/crypto/ec')
-        .ecExportKey(key, kWebCryptoKeyFormatRaw);
+      if (key.type === 'public') {
+        return lazyRequire('internal/crypto/ec')
+          .ecExportKey(key, kWebCryptoKeyFormatRaw);
+      }
+      break;
     case 'ECDSA':
       // Fall through
     case 'ECDH':

test/parallel/test-webcrypto-ed25519-ed448.js

@@ -268,15 +268,12 @@ async function test2(namedCurve) {
         true, ['verify']),
     ]);
 
-    const [
-      rawKey1,
-      rawKey2,
-    ] = await Promise.all([
-      subtle.exportKey('raw', privateKey),
-      subtle.exportKey('raw', publicKey),
-    ]);
-    assert.deepStrictEqual(Buffer.from(rawKey1), vector.privateKey);
-    assert.deepStrictEqual(Buffer.from(rawKey2), vector.publicKey);
+    const rawPublicKey = await subtle.exportKey('raw', publicKey);
+    assert.deepStrictEqual(Buffer.from(rawPublicKey), vector.publicKey);
+
+    assert.rejects(subtle.exportKey('raw', privateKey), {
+      message: new RegExp(`Unable to export a raw ${namedCurve} private key`)
+    }).then(common.mustCall());
 
     const sig = await subtle.sign(
       { name: namedCurve },