Skip to content

Commit

Permalink
crypto: ensure CryptoKey usages and algorithm are cached objects
Browse files Browse the repository at this point in the history
PR-URL: #56108
Reviewed-By: Matthew Aitken <maitken033380023@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
  • Loading branch information
panva authored and targos committed Dec 6, 2024
1 parent 9b272ae commit 53c0f2f
Show file tree
Hide file tree
Showing 6 changed files with 51 additions and 2 deletions.
3 changes: 1 addition & 2 deletions lib/internal/crypto/keys.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
'use strict';

const {
ArrayFrom,
ArrayPrototypeSlice,
ObjectDefineProperties,
ObjectDefineProperty,
Expand Down Expand Up @@ -781,7 +780,7 @@ class CryptoKey {
get usages() {
if (!(this instanceof CryptoKey))
throw new ERR_INVALID_THIS('CryptoKey');
return ArrayFrom(this[kKeyUsages]);
return this[kKeyUsages];
}
}

Expand Down
10 changes: 10 additions & 0 deletions test/parallel/test-webcrypto-export-import-cfrg.js
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,8 @@ async function testImportSpki({ name, publicUsages }, extractable) {
assert.strictEqual(key.extractable, extractable);
assert.deepStrictEqual(key.usages, publicUsages);
assert.deepStrictEqual(key.algorithm.name, name);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

if (extractable) {
// Test the roundtrip
Expand Down Expand Up @@ -151,6 +153,8 @@ async function testImportPkcs8({ name, privateUsages }, extractable) {
assert.strictEqual(key.extractable, extractable);
assert.deepStrictEqual(key.usages, privateUsages);
assert.deepStrictEqual(key.algorithm.name, name);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

if (extractable) {
// Test the roundtrip
Expand Down Expand Up @@ -227,6 +231,10 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
assert.deepStrictEqual(privateKey.usages, privateUsages);
assert.strictEqual(publicKey.algorithm.name, name);
assert.strictEqual(privateKey.algorithm.name, name);
assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
assert.strictEqual(privateKey.usages, privateKey.usages);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);

if (extractable) {
// Test the round trip
Expand Down Expand Up @@ -345,6 +353,8 @@ async function testImportRaw({ name, publicUsages }) {
assert.strictEqual(publicKey.type, 'public');
assert.deepStrictEqual(publicKey.usages, publicUsages);
assert.strictEqual(publicKey.algorithm.name, name);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);
}

(async function() {
Expand Down
10 changes: 10 additions & 0 deletions test/parallel/test-webcrypto-export-import-ec.js
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ async function testImportSpki({ name, publicUsages }, namedCurve, extractable) {
assert.deepStrictEqual(key.usages, publicUsages);
assert.deepStrictEqual(key.algorithm.name, name);
assert.deepStrictEqual(key.algorithm.namedCurve, namedCurve);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

if (extractable) {
// Test the roundtrip
Expand Down Expand Up @@ -151,6 +153,8 @@ async function testImportPkcs8(
assert.deepStrictEqual(key.usages, privateUsages);
assert.deepStrictEqual(key.algorithm.name, name);
assert.deepStrictEqual(key.algorithm.namedCurve, namedCurve);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

if (extractable) {
// Test the roundtrip
Expand Down Expand Up @@ -234,6 +238,10 @@ async function testImportJwk(
assert.strictEqual(privateKey.algorithm.name, name);
assert.strictEqual(publicKey.algorithm.namedCurve, namedCurve);
assert.strictEqual(privateKey.algorithm.namedCurve, namedCurve);
assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
assert.strictEqual(privateKey.usages, privateKey.usages);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);

if (extractable) {
// Test the round trip
Expand Down Expand Up @@ -368,6 +376,8 @@ async function testImportRaw({ name, publicUsages }, namedCurve) {
assert.deepStrictEqual(publicKey.usages, publicUsages);
assert.strictEqual(publicKey.algorithm.name, name);
assert.strictEqual(publicKey.algorithm.namedCurve, namedCurve);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);
}

(async function() {
Expand Down
8 changes: 8 additions & 0 deletions test/parallel/test-webcrypto-export-import-rsa.js
Original file line number Diff line number Diff line change
Expand Up @@ -315,6 +315,8 @@ async function testImportSpki({ name, publicUsages }, size, hash, extractable) {
assert.deepStrictEqual(key.algorithm.publicExponent,
new Uint8Array([1, 0, 1]));
assert.strictEqual(key.algorithm.hash.name, hash);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

if (extractable) {
const spki = await subtle.exportKey('spki', key);
Expand Down Expand Up @@ -349,6 +351,8 @@ async function testImportPkcs8(
assert.deepStrictEqual(key.algorithm.publicExponent,
new Uint8Array([1, 0, 1]));
assert.strictEqual(key.algorithm.hash.name, hash);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

if (extractable) {
const pkcs8 = await subtle.exportKey('pkcs8', key);
Expand Down Expand Up @@ -415,6 +419,10 @@ async function testImportJwk(
new Uint8Array([1, 0, 1]));
assert.deepStrictEqual(publicKey.algorithm.publicExponent,
privateKey.algorithm.publicExponent);
assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
assert.strictEqual(privateKey.usages, privateKey.usages);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);

if (extractable) {
const [
Expand Down
6 changes: 6 additions & 0 deletions test/parallel/test-webcrypto-export-import.js
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,10 @@ const { subtle } = globalThis.crypto;
hash: 'SHA-256'
}, true, ['sign', 'verify']);


assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

const raw = await subtle.exportKey('raw', key);

assert.deepStrictEqual(
Expand Down Expand Up @@ -127,6 +131,8 @@ const { subtle } = globalThis.crypto;
name: 'AES-CTR',
length: 256,
}, true, ['encrypt', 'decrypt']);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

const raw = await subtle.exportKey('raw', key);

Expand Down
16 changes: 16 additions & 0 deletions test/parallel/test-webcrypto-keygen.js
Original file line number Diff line number Diff line change
Expand Up @@ -298,6 +298,10 @@ const vectors = {
KeyObject.from(privateKey).asymmetricKeyDetails.publicExponent,
bigIntArrayToUnsignedBigInt(publicExponent));
assert.strictEqual(privateKey.algorithm.hash.name, hash);
assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
assert.strictEqual(privateKey.usages, privateKey.usages);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);

// Missing parameters
await assert.rejects(
Expand Down Expand Up @@ -442,6 +446,10 @@ const vectors = {
assert.strictEqual(privateKey.algorithm.name, name);
assert.strictEqual(publicKey.algorithm.namedCurve, namedCurve);
assert.strictEqual(privateKey.algorithm.namedCurve, namedCurve);
assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
assert.strictEqual(privateKey.usages, privateKey.usages);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);

// Invalid parameters
[1, true, {}, [], null].forEach(async (namedCurve) => {
Expand Down Expand Up @@ -508,6 +516,8 @@ const vectors = {
assert.deepStrictEqual(key.usages, usages);
assert.strictEqual(key.algorithm.name, name);
assert.strictEqual(key.algorithm.length, length);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

// Invalid parameters
[1, 100, 257, '', false, null].forEach(async (length) => {
Expand Down Expand Up @@ -568,6 +578,8 @@ const vectors = {
assert.strictEqual(key.algorithm.name, 'HMAC');
assert.strictEqual(key.algorithm.length, length);
assert.strictEqual(key.algorithm.hash.name, hash);
assert.strictEqual(key.algorithm, key.algorithm);
assert.strictEqual(key.usages, key.usages);

[1, false, null].forEach(async (hash) => {
await assert.rejects(
Expand Down Expand Up @@ -632,6 +644,10 @@ assert.throws(() => new CryptoKey(), { code: 'ERR_ILLEGAL_CONSTRUCTOR' });
assert.deepStrictEqual(privateKey.usages, privateUsages);
assert.strictEqual(publicKey.algorithm.name, name);
assert.strictEqual(privateKey.algorithm.name, name);
assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
assert.strictEqual(privateKey.usages, privateKey.usages);
assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
assert.strictEqual(publicKey.usages, publicKey.usages);
}

const kTests = [
Expand Down

0 comments on commit 53c0f2f

Please sign in to comment.