crypto: ensure "x" is present when importing private CFRG webcrypto keys

PR-URL: https://github.com/nodejs/node/pull/45569 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2026-01-15 12:15:26 +00:00 · 2022-11-21 23:09:57 +01:00
parent 982d0c59db
commit 123b4dac5b
2 changed files with 4 additions and 24 deletions
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -275,6 +275,10 @@ async function cfrgImportKey(
        }
      }

+      if (!isPublic && typeof keyData.x !== 'string') {
+        throw lazyDOMException('Invalid JWK keyData', 'DataError');
+      }
+
      verifyAcceptableCfrgKeyUse(
        name,
        isPublic ? 'public' : 'private',
--- a/test/wpt/status/WebCryptoAPI.json
+++ b/test/wpt/status/WebCryptoAPI.json
@@ -27,10 +27,6 @@
        "Bad key length: importKey(jwk (public) , {name: Ed25519}, false, [verify])",
        "Bad key length: importKey(jwk (public) , {name: Ed25519}, true, [verify, verify])",
        "Bad key length: importKey(jwk (public) , {name: Ed25519}, false, [verify, verify])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed25519}, true, [sign])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed25519}, false, [sign])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed25519}, true, [sign, sign])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed25519}, false, [sign, sign])",
        "Invalid key pair: importKey(jwk(private), {name: Ed25519}, true, [sign])",
        "Invalid key pair: importKey(jwk(private), {name: Ed25519}, true, [sign, sign])"
      ]
@@ -55,10 +51,6 @@
        "Bad key length: importKey(jwk (public) , {name: Ed448}, false, [verify])",
        "Bad key length: importKey(jwk (public) , {name: Ed448}, true, [verify, verify])",
        "Bad key length: importKey(jwk (public) , {name: Ed448}, false, [verify, verify])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed448}, true, [sign])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed448}, false, [sign])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed448}, true, [sign, sign])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: Ed448}, false, [sign, sign])",
        "Invalid key pair: importKey(jwk(private), {name: Ed448}, true, [sign])",
        "Invalid key pair: importKey(jwk(private), {name: Ed448}, true, [sign, sign])"
      ]
@@ -95,14 +87,6 @@
        "Bad key length: importKey(jwk(private), {name: X25519}, false, [deriveBits])",
        "Bad key length: importKey(jwk(private), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
        "Bad key length: importKey(jwk(private), {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, true, [deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, false, [deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, true, [deriveBits, deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, false, [deriveBits, deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, true, [deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, false, [deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X25519}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
        "Invalid key pair: importKey(jwk(private), {name: X25519}, true, [deriveKey])",
        "Invalid key pair: importKey(jwk(private), {name: X25519}, true, [deriveBits, deriveKey])",
        "Invalid key pair: importKey(jwk(private), {name: X25519}, true, [deriveBits])",
@@ -141,14 +125,6 @@
        "Bad key length: importKey(jwk(private), {name: X448}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
        "Bad key length: importKey(jwk (public) , {name: X448}, true, [])",
        "Bad key length: importKey(jwk (public) , {name: X448}, false, [])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, true, [deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, false, [deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, true, [deriveBits, deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, false, [deriveBits, deriveKey])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, true, [deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, false, [deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Missing JWK 'x' parameter: importKey(jwk(private), {name: X448}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
        "Invalid key pair: importKey(jwk(private), {name: X448}, true, [deriveKey])",
        "Invalid key pair: importKey(jwk(private), {name: X448}, true, [deriveBits, deriveKey])",
        "Invalid key pair: importKey(jwk(private), {name: X448}, true, [deriveBits])",