Skip to content

Commit

Permalink
crypto: remove webcrypto EdDSA key checks and properties
Browse files Browse the repository at this point in the history
As per WICG/webcrypto-secure-curves#24

PR-URL: #49408
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
  • Loading branch information
panva authored and UlisesGascon committed Sep 10, 2023
1 parent 8949cc7 commit ef3d8dd
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 36 deletions.
2 changes: 1 addition & 1 deletion doc/api/webcrypto.md
Original file line number Diff line number Diff line change
Expand Up @@ -1639,7 +1639,7 @@ added: v15.0.0
The length (in bytes) of the random salt to use.

[^1]: An experimental implementation of
[Secure Curves in the Web Cryptography API][] as of 05 May 2022
[Secure Curves in the Web Cryptography API][] as of 30 August 2023

[JSON Web Key]: https://tools.ietf.org/html/rfc7517
[Key usages]: #cryptokeyusages
Expand Down
11 changes: 0 additions & 11 deletions lib/internal/crypto/cfrg.js
Original file line number Diff line number Diff line change
Expand Up @@ -272,17 +272,6 @@ async function cfrgImportKey(
'DataError');
}

if (keyData.alg !== undefined) {
if (
(name === 'Ed25519' || name === 'Ed448') &&
keyData.alg !== 'EdDSA'
) {
throw lazyDOMException(
'JWK "alg" does not match the requested algorithm',
'DataError');
}
}

if (!isPublic && typeof keyData.x !== 'string') {
throw lazyDOMException('Invalid JWK', 'DataError');
}
Expand Down
1 change: 0 additions & 1 deletion lib/internal/crypto/webcrypto.js
Original file line number Diff line number Diff line change
Expand Up @@ -475,7 +475,6 @@ async function exportKeyJWK(key) {
// Fall through
case 'Ed448':
jwk.crv ||= key.algorithm.name;
jwk.alg = 'EdDSA';
return jwk;
case 'AES-CTR':
// Fall through
Expand Down
39 changes: 16 additions & 23 deletions test/parallel/test-webcrypto-export-import-cfrg.js
Original file line number Diff line number Diff line change
Expand Up @@ -251,13 +251,8 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
assert.strictEqual(pvtJwk.crv, jwk.crv);
assert.strictEqual(pvtJwk.d, jwk.d);

if (jwk.crv.startsWith('Ed')) {
assert.strictEqual(pubJwk.alg, 'EdDSA');
assert.strictEqual(pvtJwk.alg, 'EdDSA');
} else {
assert.strictEqual(pubJwk.alg, undefined);
assert.strictEqual(pvtJwk.alg, undefined);
}
assert.strictEqual(pubJwk.alg, undefined);
assert.strictEqual(pvtJwk.alg, undefined);
} else {
await assert.rejects(
subtle.exportKey('jwk', publicKey), {
Expand All @@ -281,24 +276,22 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
{ message: 'Invalid JWK "use" Parameter' });
}

// The JWK alg member is ignored
// https://github.com/WICG/webcrypto-secure-curves/pull/24
if (name.startsWith('Ed')) {
await assert.rejects(
subtle.importKey(
'jwk',
{ kty: jwk.kty, x: jwk.x, crv: jwk.crv, alg: 'foo' },
{ name },
extractable,
publicUsages),
{ message: 'JWK "alg" does not match the requested algorithm' });
await subtle.importKey(
'jwk',
{ kty: jwk.kty, x: jwk.x, crv: jwk.crv, alg: 'foo' },
{ name },
extractable,
publicUsages);

await assert.rejects(
subtle.importKey(
'jwk',
{ ...jwk, alg: 'foo' },
{ name },
extractable,
privateUsages),
{ message: 'JWK "alg" does not match the requested algorithm' });
await subtle.importKey(
'jwk',
{ ...jwk, alg: 'foo' },
{ name },
extractable,
privateUsages);
}

for (const crv of [undefined, name === 'Ed25519' ? 'Ed448' : 'Ed25519']) {
Expand Down

0 comments on commit ef3d8dd

Please sign in to comment.