Bug 260430
Summary: | [WebCrypto] Import key in jwk format should throw DataError instead of TypeError | ||
---|---|---|---|
Product: | WebKit | Reporter: | Javier Fernandez <jfernandez> |
Component: | WebCore Misc. | Assignee: | Javier Fernandez <jfernandez> |
Status: | RESOLVED FIXED | ||
Severity: | Normal | CC: | webkit-bug-importer |
Priority: | P2 | Keywords: | InRadar |
Version: | WebKit Nightly Build | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Bug Depends on: | |||
Bug Blocks: | 245778 |
Javier Fernandez
This bug affects the recently added algorithm Ed25519, but also other algorithms. In the case of the former one, according to the Secure Curves spec [1], if the kty field is not present or incorrect, we should throw a DataError exception.
> If the kty field of jwk is not "OKP", then throw a DataError.
On the other hand, the Web Cryptography specification states something similar for other algorithms:
* In case of the RSA-* [2][3][4] algorithms:
> If the "kty" field of jwk is not a case-sensitive string match to "RSA", then throw a DataError.
* In case of the EC* [5][6] algorithms:
> If the "kty" field of jwk is not "EC", then throw a DataError.
* In case of the AES-* [7][8][9][10] algorithms:
> If the "kty" field of jwk is not "oct", then throw a DataError.
* In case of the HMAC [11] algorithm:
> If the "kty" field of jwk is not "oct", then throw a DataError.
[1] https://wicg.github.io/webcrypto-secure-curves/#ed25519-operations
[2] https://www.w3.org/TR/WebCryptoAPI/#rsassa-pkcs1-operations
[3] https://www.w3.org/TR/WebCryptoAPI/#rsa-pss-operations
[4] https://www.w3.org/TR/WebCryptoAPI/#rsa-oaep-operations
[5] https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations
[6] https://www.w3.org/TR/WebCryptoAPI/#ecdh-operations
[7] https://www.w3.org/TR/WebCryptoAPI/#aes-ctr-operations
[8] https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-operations
[9] https://www.w3.org/TR/WebCryptoAPI/#aes-gcm-operations
[10] https://www.w3.org/TR/WebCryptoAPI/#aes-kw-operations
[11] https://www.w3.org/TR/WebCryptoAPI/#hmac-operations
Attachments | ||
---|---|---|
Add attachment proposed patch, testcase, etc. |
Javier Fernandez
Pull request: https://github.com/WebKit/WebKit/pull/16869
EWS
Committed 267131@main (58f6c8c90849): <https://commits.webkit.org/267131@main>
Reviewed commits have been landed. Closing PR #16869 and removing active labels.
Radar WebKit Bug Importer
<rdar://problem/114256855>