Skip to content
/ node Public
forked from nodejs/node

Commit

Permalink
crypto: use DataError for webcrypto keyData import failures
Browse files Browse the repository at this point in the history
PR-URL: nodejs#45569
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: nodejs#47336
  • Loading branch information
panva committed Mar 31, 2023
1 parent a321238 commit b72552c
Show file tree
Hide file tree
Showing 3 changed files with 70 additions and 38 deletions.
38 changes: 24 additions & 14 deletions lib/internal/crypto/cfrg.js
Original file line number Diff line number Diff line change
Expand Up @@ -90,26 +90,26 @@ function createCFRGRawKey(name, keyData, isPublic) {
case 'X25519':
if (keyData.byteLength !== 32) {
throw lazyDOMException(
`${name} raw keys must be exactly 32-bytes`);
`${name} raw keys must be exactly 32-bytes`, 'DataError');
}
break;
case 'Ed448':
if (keyData.byteLength !== 57) {
throw lazyDOMException(
`${name} raw keys must be exactly 57-bytes`);
`${name} raw keys must be exactly 57-bytes`, 'DataError');
}
break;
case 'X448':
if (keyData.byteLength !== 56) {
throw lazyDOMException(
`${name} raw keys must be exactly 56-bytes`);
`${name} raw keys must be exactly 56-bytes`, 'DataError');
}
break;
}

const keyType = isPublic ? kKeyTypePublic : kKeyTypePrivate;
if (!handle.initEDRaw(name, keyData, keyType)) {
throw lazyDOMException('Failure to generate key object');
throw lazyDOMException('Invalid keyData', 'DataError');
}

return isPublic ? new PublicKeyObject(handle) : new PrivateKeyObject(handle);
Expand Down Expand Up @@ -221,20 +221,30 @@ async function cfrgImportKey(
switch (format) {
case 'spki': {
verifyAcceptableCfrgKeyUse(name, 'public', usagesSet);
keyObject = createPublicKey({
key: keyData,
format: 'der',
type: 'spki'
});
try {
keyObject = createPublicKey({
key: keyData,
format: 'der',
type: 'spki'
});
} catch {
throw lazyDOMException(
'Invalid keyData', 'DataError');
}
break;
}
case 'pkcs8': {
verifyAcceptableCfrgKeyUse(name, 'private', usagesSet);
keyObject = createPrivateKey({
key: keyData,
format: 'der',
type: 'pkcs8'
});
try {
keyObject = createPrivateKey({
key: keyData,
format: 'der',
type: 'pkcs8'
});
} catch {
throw lazyDOMException(
'Invalid keyData', 'DataError');
}
break;
}
case 'jwk': {
Expand Down
40 changes: 26 additions & 14 deletions lib/internal/crypto/ec.js
Original file line number Diff line number Diff line change
Expand Up @@ -80,8 +80,12 @@ function verifyAcceptableEcKeyUse(name, type, usages) {
function createECPublicKeyRaw(namedCurve, keyData) {
const handle = new KeyObjectHandle();
keyData = getArrayBufferOrView(keyData, 'keyData');
if (handle.initECRaw(kNamedCurveAliases[namedCurve], keyData))
return new PublicKeyObject(handle);

if (!handle.initECRaw(kNamedCurveAliases[namedCurve], keyData)) {
throw lazyDOMException('Invalid keyData', 'DataError');
}

return new PublicKeyObject(handle);
}

async function ecGenerateKey(algorithm, extractable, keyUsages) {
Expand Down Expand Up @@ -177,20 +181,30 @@ async function ecImportKey(
switch (format) {
case 'spki': {
verifyAcceptableEcKeyUse(name, 'public', usagesSet);
keyObject = createPublicKey({
key: keyData,
format: 'der',
type: 'spki'
});
try {
keyObject = createPublicKey({
key: keyData,
format: 'der',
type: 'spki'
});
} catch {
throw lazyDOMException(
'Invalid keyData', 'DataError');
}
break;
}
case 'pkcs8': {
verifyAcceptableEcKeyUse(name, 'private', usagesSet);
keyObject = createPrivateKey({
key: keyData,
format: 'der',
type: 'pkcs8'
});
try {
keyObject = createPrivateKey({
key: keyData,
format: 'der',
type: 'pkcs8'
});
} catch {
throw lazyDOMException(
'Invalid keyData', 'DataError');
}
break;
}
case 'jwk': {
Expand Down Expand Up @@ -247,8 +261,6 @@ async function ecImportKey(
case 'raw': {
verifyAcceptableEcKeyUse(name, 'public', usagesSet);
keyObject = createECPublicKeyRaw(namedCurve, keyData);
if (keyObject === undefined)
throw lazyDOMException('Unable to import EC key', 'OperationError');
break;
}
}
Expand Down
30 changes: 20 additions & 10 deletions lib/internal/crypto/rsa.js
Original file line number Diff line number Diff line change
Expand Up @@ -246,20 +246,30 @@ async function rsaImportKey(
switch (format) {
case 'spki': {
verifyAcceptableRsaKeyUse(algorithm.name, 'public', usagesSet);
keyObject = createPublicKey({
key: keyData,
format: 'der',
type: 'spki'
});
try {
keyObject = createPublicKey({
key: keyData,
format: 'der',
type: 'spki'
});
} catch {
throw lazyDOMException(
'Invalid keyData', 'DataError');
}
break;
}
case 'pkcs8': {
verifyAcceptableRsaKeyUse(algorithm.name, 'private', usagesSet);
keyObject = createPrivateKey({
key: keyData,
format: 'der',
type: 'pkcs8'
});
try {
keyObject = createPrivateKey({
key: keyData,
format: 'der',
type: 'pkcs8'
});
} catch {
throw lazyDOMException(
'Invalid keyData', 'DataError');
}
break;
}
case 'jwk': {
Expand Down

0 comments on commit b72552c

Please sign in to comment.