diff options
author | Filip Skokan <panva.ip@gmail.com> | 2022-09-03 15:36:20 +0300 |
---|---|---|
committer | Juan José Arboleda <soyjuanarbol@gmail.com> | 2022-10-11 22:45:22 +0300 |
commit | 9a52ee757737329fb00e8c706844d5785db6ae8e (patch) | |
tree | f11b2c8c31fc94a8ee656b77056b698daaf3c254 /lib | |
parent | 0e2c2064bbfa9fb5806a023f9fd8f8c9ca4d4fc5 (diff) |
crypto: handle invalid prepareAsymmetricKey JWK inputs
Fixes #44471
PR-URL: https://github.com/nodejs/node/pull/44475
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/internal/crypto/keygen.js | 5 | ||||
-rw-r--r-- | lib/internal/crypto/keys.js | 11 |
2 files changed, 9 insertions, 7 deletions
diff --git a/lib/internal/crypto/keygen.js b/lib/internal/crypto/keygen.js index af9c7eb231a..865e137072b 100644 --- a/lib/internal/crypto/keygen.js +++ b/lib/internal/crypto/keygen.js @@ -31,7 +31,6 @@ const { SecretKeyObject, parsePublicKeyEncoding, parsePrivateKeyEncoding, - isJwk } = require('internal/crypto/keys'); const { @@ -66,6 +65,10 @@ const { isArrayBufferView } = require('internal/util/types'); const { getOptionValue } = require('internal/options'); const pendingDeprecation = getOptionValue('--pending-deprecation'); +function isJwk(obj) { + return obj != null && obj.kty !== undefined; +} + function wrapKey(key, ctor) { if (typeof key === 'string' || isArrayBufferView(key) || diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js index 881cf00f051..cdc87f4c1cb 100644 --- a/lib/internal/crypto/keys.js +++ b/lib/internal/crypto/keys.js @@ -526,14 +526,18 @@ function prepareAsymmetricKey(key, ctx) { return { format: kKeyFormatPEM, data: getArrayBufferOrView(key, 'key') }; } else if (typeof key === 'object') { const { key: data, encoding, format } = key; + // The 'key' property can be a KeyObject as well to allow specifying // additional options such as padding along with the key. if (isKeyObject(data)) return { data: getKeyObjectHandle(data, ctx) }; else if (isCryptoKey(data)) return { data: getKeyObjectHandle(data[kKeyObject], ctx) }; - else if (isJwk(data) && format === 'jwk') + else if (format === 'jwk') { + validateObject(data, 'key.key'); return { data: getKeyObjectHandleFromJwk(data, ctx), format: 'jwk' }; + } + // Either PEM or DER using PKCS#1 or SPKI. if (!isStringOrBuffer(data)) { throw new ERR_INVALID_ARG_TYPE( @@ -723,10 +727,6 @@ function isCryptoKey(obj) { return obj != null && obj[kKeyObject] !== undefined; } -function isJwk(obj) { - return obj != null && obj.kty !== undefined; -} - module.exports = { // Public API. createSecretKey, @@ -748,5 +748,4 @@ module.exports = { PrivateKeyObject, isKeyObject, isCryptoKey, - isJwk, }; |