crypto: refactor subtle methods to use synchronous import

Refs: #59699 PR-URL: https://github.com/nodejs/node/pull/59771 Refs: https://github.com/nodejs/node/issues/59699 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2026-01-15 12:15:26 +00:00 · 2025-09-07 22:59:27 +02:00
parent e1d4d6ab49
commit d6221f6f51
1 changed files with 50 additions and 39 deletions
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@@ -378,7 +378,7 @@ async function deriveKey(
  }

  return ReflectApply(
-    importKey,
+    importKeySync,
    this,
    ['raw-secret', bits, derivedKeyAlgorithm, extractable, keyUsages],
  );
@@ -734,40 +734,7 @@ function aliasKeyFormat(format) {
  }
 }

-async function importKey(
-  format,
-  keyData,
-  algorithm,
-  extractable,
-  keyUsages) {
-  if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
-
-  webidl ??= require('internal/crypto/webidl');
-  const prefix = "Failed to execute 'importKey' on 'SubtleCrypto'";
-  webidl.requiredArguments(arguments.length, 4, { prefix });
-  format = webidl.converters.KeyFormat(format, {
-    prefix,
-    context: '1st argument',
-  });
-  const type = format === 'jwk' ? 'JsonWebKey' : 'BufferSource';
-  keyData = webidl.converters[type](keyData, {
-    prefix,
-    context: '2nd argument',
-  });
-  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
-    prefix,
-    context: '3rd argument',
-  });
-  extractable = webidl.converters.boolean(extractable, {
-    prefix,
-    context: '4th argument',
-  });
-  keyUsages = webidl.converters['sequence<KeyUsage>'](keyUsages, {
-    prefix,
-    context: '5th argument',
-  });
-
-  algorithm = normalizeAlgorithm(algorithm, 'importKey');
+function importKeySync(format, keyData, algorithm, extractable, keyUsages) {
  let result;
  switch (algorithm.name) {
    case 'RSASSA-PKCS1-v1_5':
@@ -879,6 +846,48 @@ async function importKey(
  return result;
 }

+async function importKey(
+  format,
+  keyData,
+  algorithm,
+  extractable,
+  keyUsages) {
+  if (this !== subtle) throw new ERR_INVALID_THIS('SubtleCrypto');
+
+  webidl ??= require('internal/crypto/webidl');
+  const prefix = "Failed to execute 'importKey' on 'SubtleCrypto'";
+  webidl.requiredArguments(arguments.length, 4, { prefix });
+  format = webidl.converters.KeyFormat(format, {
+    prefix,
+    context: '1st argument',
+  });
+  const type = format === 'jwk' ? 'JsonWebKey' : 'BufferSource';
+  keyData = webidl.converters[type](keyData, {
+    prefix,
+    context: '2nd argument',
+  });
+  algorithm = webidl.converters.AlgorithmIdentifier(algorithm, {
+    prefix,
+    context: '3rd argument',
+  });
+  extractable = webidl.converters.boolean(extractable, {
+    prefix,
+    context: '4th argument',
+  });
+  keyUsages = webidl.converters['sequence<KeyUsage>'](keyUsages, {
+    prefix,
+    context: '5th argument',
+  });
+
+  algorithm = normalizeAlgorithm(algorithm, 'importKey');
+
+  return ReflectApply(
+    importKeySync,
+    this,
+    [format, keyData, algorithm, extractable, keyUsages],
+  );
+}
+
 // subtle.wrapKey() is essentially a subtle.exportKey() followed
 // by a subtle.encrypt().
 async function wrapKey(format, key, wrappingKey, algorithm) {
@@ -985,6 +994,8 @@ async function unwrapKey(
    unwrapAlgo = normalizeAlgorithm(unwrapAlgo, 'decrypt');
  }

+  unwrappedKeyAlgo = normalizeAlgorithm(unwrappedKeyAlgo, 'importKey');
+
  let keyData = await cipherOrWrap(
    kWebCryptoCipherDecrypt,
    unwrapAlgo,
@@ -1005,7 +1016,7 @@ async function unwrapKey(
  }

  return ReflectApply(
-    importKey,
+    importKeySync,
    this,
    [format, keyData, unwrappedKeyAlgo, extractable, keyUsages],
  );
@@ -1318,8 +1329,8 @@ async function encapsulateKey(encapsulationAlgorithm, encapsulationKey, sharedKe
      throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
  }

-  const sharedKey = await ReflectApply(
-    importKey,
+  const sharedKey = ReflectApply(
+    importKeySync,
    this,
    ['raw-secret', encapsulateBits.sharedKey, normalizedSharedKeyAlgorithm, extractable, usages],
  );
@@ -1439,7 +1450,7 @@ async function decapsulateKey(
  }

  return ReflectApply(
-    importKey,
+    importKeySync,
    this,
    ['raw-secret', decapsulatedBits, normalizedSharedKeyAlgorithm, extractable, usages],
  );