Skip to content

Commit 8fcfbef

Browse files
panvadanielleadams
panva
authored and
danielleadams
committed
crypto: use DataError for webcrypto keyData import failures
PR-URL: #45569 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
1 parent a976a63 commit 8fcfbef

File tree

4 files changed

+67
-71
lines changed

4 files changed

+67
-71
lines changed

lib/internal/crypto/cfrg.js

+21-11
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,7 @@ function createCFRGRawKey(name, keyData, isPublic) {
109109

110110
const keyType = isPublic ? kKeyTypePublic : kKeyTypePrivate;
111111
if (!handle.initEDRaw(name, keyData, keyType)) {
112-
throw lazyDOMException('Failure to generate key object');
112+
throw lazyDOMException('Invalid keyData', 'DataError');
113113
}
114114

115115
return isPublic ? new PublicKeyObject(handle) : new PrivateKeyObject(handle);
@@ -220,20 +220,30 @@ async function cfrgImportKey(
220220
switch (format) {
221221
case 'spki': {
222222
verifyAcceptableCfrgKeyUse(name, 'public', usagesSet);
223-
keyObject = createPublicKey({
224-
key: keyData,
225-
format: 'der',
226-
type: 'spki'
227-
});
223+
try {
224+
keyObject = createPublicKey({
225+
key: keyData,
226+
format: 'der',
227+
type: 'spki'
228+
});
229+
} catch (err) {
230+
throw lazyDOMException(
231+
'Invalid keyData', { name: 'DataError', cause: err });
232+
}
228233
break;
229234
}
230235
case 'pkcs8': {
231236
verifyAcceptableCfrgKeyUse(name, 'private', usagesSet);
232-
keyObject = createPrivateKey({
233-
key: keyData,
234-
format: 'der',
235-
type: 'pkcs8'
236-
});
237+
try {
238+
keyObject = createPrivateKey({
239+
key: keyData,
240+
format: 'der',
241+
type: 'pkcs8'
242+
});
243+
} catch (err) {
244+
throw lazyDOMException(
245+
'Invalid keyData', { name: 'DataError', cause: err });
246+
}
237247
break;
238248
}
239249
case 'jwk': {

lib/internal/crypto/ec.js

+26-14
Original file line numberDiff line numberDiff line change
@@ -80,8 +80,12 @@ function verifyAcceptableEcKeyUse(name, type, usages) {
8080
function createECPublicKeyRaw(namedCurve, keyData) {
8181
const handle = new KeyObjectHandle();
8282
keyData = getArrayBufferOrView(keyData, 'keyData');
83-
if (handle.initECRaw(kNamedCurveAliases[namedCurve], keyData))
84-
return new PublicKeyObject(handle);
83+
84+
if (!handle.initECRaw(kNamedCurveAliases[namedCurve], keyData)) {
85+
throw lazyDOMException('Invalid keyData', 'DataError');
86+
}
87+
88+
return new PublicKeyObject(handle);
8589
}
8690

8791
async function ecGenerateKey(algorithm, extractable, keyUsages) {
@@ -176,20 +180,30 @@ async function ecImportKey(
176180
switch (format) {
177181
case 'spki': {
178182
verifyAcceptableEcKeyUse(name, 'public', usagesSet);
179-
keyObject = createPublicKey({
180-
key: keyData,
181-
format: 'der',
182-
type: 'spki'
183-
});
183+
try {
184+
keyObject = createPublicKey({
185+
key: keyData,
186+
format: 'der',
187+
type: 'spki'
188+
});
189+
} catch (err) {
190+
throw lazyDOMException(
191+
'Invalid keyData', { name: 'DataError', cause: err });
192+
}
184193
break;
185194
}
186195
case 'pkcs8': {
187196
verifyAcceptableEcKeyUse(name, 'private', usagesSet);
188-
keyObject = createPrivateKey({
189-
key: keyData,
190-
format: 'der',
191-
type: 'pkcs8'
192-
});
197+
try {
198+
keyObject = createPrivateKey({
199+
key: keyData,
200+
format: 'der',
201+
type: 'pkcs8'
202+
});
203+
} catch (err) {
204+
throw lazyDOMException(
205+
'Invalid keyData', { name: 'DataError', cause: err });
206+
}
193207
break;
194208
}
195209
case 'jwk': {
@@ -246,8 +260,6 @@ async function ecImportKey(
246260
case 'raw': {
247261
verifyAcceptableEcKeyUse(name, 'public', usagesSet);
248262
keyObject = createECPublicKeyRaw(namedCurve, keyData);
249-
if (keyObject === undefined)
250-
throw lazyDOMException('Unable to import EC key', 'OperationError');
251263
break;
252264
}
253265
}

lib/internal/crypto/rsa.js

+20-10
Original file line numberDiff line numberDiff line change
@@ -245,20 +245,30 @@ async function rsaImportKey(
245245
switch (format) {
246246
case 'spki': {
247247
verifyAcceptableRsaKeyUse(algorithm.name, 'public', usagesSet);
248-
keyObject = createPublicKey({
249-
key: keyData,
250-
format: 'der',
251-
type: 'spki'
252-
});
248+
try {
249+
keyObject = createPublicKey({
250+
key: keyData,
251+
format: 'der',
252+
type: 'spki'
253+
});
254+
} catch (err) {
255+
throw lazyDOMException(
256+
'Invalid keyData', { name: 'DataError', cause: err });
257+
}
253258
break;
254259
}
255260
case 'pkcs8': {
256261
verifyAcceptableRsaKeyUse(algorithm.name, 'private', usagesSet);
257-
keyObject = createPrivateKey({
258-
key: keyData,
259-
format: 'der',
260-
type: 'pkcs8'
261-
});
262+
try {
263+
keyObject = createPrivateKey({
264+
key: keyData,
265+
format: 'der',
266+
type: 'pkcs8'
267+
});
268+
} catch (err) {
269+
throw lazyDOMException(
270+
'Invalid keyData', { name: 'DataError', cause: err });
271+
}
262272
break;
263273
}
264274
case 'jwk': {

test/wpt/status/WebCryptoAPI.json

-36
Original file line numberDiff line numberDiff line change
@@ -11,14 +11,6 @@
1111
"import_export/okp_importKey_failures_Ed25519.https.any.js": {
1212
"fail": {
1313
"expected": [
14-
"Bad key length: importKey(spki, {name: Ed25519}, true, [verify])",
15-
"Bad key length: importKey(spki, {name: Ed25519}, false, [verify])",
16-
"Bad key length: importKey(spki, {name: Ed25519}, true, [verify, verify])",
17-
"Bad key length: importKey(spki, {name: Ed25519}, false, [verify, verify])",
18-
"Bad key length: importKey(pkcs8, {name: Ed25519}, true, [sign])",
19-
"Bad key length: importKey(pkcs8, {name: Ed25519}, false, [sign])",
20-
"Bad key length: importKey(pkcs8, {name: Ed25519}, true, [sign, sign])",
21-
"Bad key length: importKey(pkcs8, {name: Ed25519}, false, [sign, sign])",
2214
"Bad key length: importKey(jwk(private), {name: Ed25519}, true, [sign])",
2315
"Bad key length: importKey(jwk(private), {name: Ed25519}, false, [sign])",
2416
"Bad key length: importKey(jwk(private), {name: Ed25519}, true, [sign, sign])",
@@ -35,14 +27,6 @@
3527
"import_export/okp_importKey_failures_Ed448.https.any.js": {
3628
"fail": {
3729
"expected": [
38-
"Bad key length: importKey(spki, {name: Ed448}, true, [verify])",
39-
"Bad key length: importKey(spki, {name: Ed448}, false, [verify])",
40-
"Bad key length: importKey(spki, {name: Ed448}, true, [verify, verify])",
41-
"Bad key length: importKey(spki, {name: Ed448}, false, [verify, verify])",
42-
"Bad key length: importKey(pkcs8, {name: Ed448}, true, [sign])",
43-
"Bad key length: importKey(pkcs8, {name: Ed448}, false, [sign])",
44-
"Bad key length: importKey(pkcs8, {name: Ed448}, true, [sign, sign])",
45-
"Bad key length: importKey(pkcs8, {name: Ed448}, false, [sign, sign])",
4630
"Bad key length: importKey(jwk(private), {name: Ed448}, true, [sign])",
4731
"Bad key length: importKey(jwk(private), {name: Ed448}, false, [sign])",
4832
"Bad key length: importKey(jwk(private), {name: Ed448}, true, [sign, sign])",
@@ -59,16 +43,6 @@
5943
"import_export/okp_importKey_failures_X25519.https.any.js": {
6044
"fail": {
6145
"expected": [
62-
"Bad key length: importKey(spki, {name: X25519}, true, [])",
63-
"Bad key length: importKey(spki, {name: X25519}, false, [])",
64-
"Bad key length: importKey(pkcs8, {name: X25519}, true, [deriveKey])",
65-
"Bad key length: importKey(pkcs8, {name: X25519}, false, [deriveKey])",
66-
"Bad key length: importKey(pkcs8, {name: X25519}, true, [deriveBits, deriveKey])",
67-
"Bad key length: importKey(pkcs8, {name: X25519}, false, [deriveBits, deriveKey])",
68-
"Bad key length: importKey(pkcs8, {name: X25519}, true, [deriveBits])",
69-
"Bad key length: importKey(pkcs8, {name: X25519}, false, [deriveBits])",
70-
"Bad key length: importKey(pkcs8, {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
71-
"Bad key length: importKey(pkcs8, {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
7246
"Bad key length: importKey(jwk (public) , {name: X25519}, true, [])",
7347
"Bad key length: importKey(jwk (public) , {name: X25519}, false, [])",
7448
"Bad key length: importKey(jwk(private), {name: X25519}, true, [deriveKey])",
@@ -89,16 +63,6 @@
8963
"import_export/okp_importKey_failures_X448.https.any.js": {
9064
"fail": {
9165
"expected": [
92-
"Bad key length: importKey(spki, {name: X448}, true, [])",
93-
"Bad key length: importKey(spki, {name: X448}, false, [])",
94-
"Bad key length: importKey(pkcs8, {name: X448}, true, [deriveKey])",
95-
"Bad key length: importKey(pkcs8, {name: X448}, false, [deriveKey])",
96-
"Bad key length: importKey(pkcs8, {name: X448}, true, [deriveBits, deriveKey])",
97-
"Bad key length: importKey(pkcs8, {name: X448}, false, [deriveBits, deriveKey])",
98-
"Bad key length: importKey(pkcs8, {name: X448}, true, [deriveBits])",
99-
"Bad key length: importKey(pkcs8, {name: X448}, false, [deriveBits])",
100-
"Bad key length: importKey(pkcs8, {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
101-
"Bad key length: importKey(pkcs8, {name: X448}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
10266
"Bad key length: importKey(jwk(private), {name: X448}, true, [deriveKey])",
10367
"Bad key length: importKey(jwk(private), {name: X448}, false, [deriveKey])",
10468
"Bad key length: importKey(jwk(private), {name: X448}, true, [deriveBits, deriveKey])",

0 commit comments

Comments
 (0)