Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

crypto: fix webcrypto JWK EC and OKP import crv check #43346

Merged
merged 1 commit into from
Jun 15, 2022
Merged

crypto: fix webcrypto JWK EC and OKP import crv check #43346

merged 1 commit into from
Jun 15, 2022

Conversation

panva
Copy link
Member

@panva panva commented Jun 8, 2022
edited
Loading

This PR ensures the JWK crv member is properly validated to match the algorithm.

For kty: EC this has to match the namedCurve property of the algorithm for both ECDSA and ECDH keys.
For kty: OKP this has to match the name of the algorithm.

Current behaviour is that the crv member is incorrectly ignored and may even be undefined.

@panva panva added crypto Issues and PRs related to the crypto subsystem. webcrypto labels Jun 8, 2022
@panva panva requested review from jasnell and tniessen June 8, 2022 11:41
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added the needs-ci PRs that need a full CI run. label Jun 8, 2022
@panva panva added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 8, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 8, 2022
@nodejs-github-bot

This comment was marked as outdated.

# to view
@nodejs-github-bot

This comment was marked as outdated.

# to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/44408/

@panva panva added the experimental Issues and PRs related to experimental features. label Jun 9, 2022
@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Jun 9, 2022
@github-actions github-actions bot mentioned this pull request Jun 13, 2022
Open
15 tasks
@panva panva added the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 15, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 15, 2022
@nodejs-github-bot nodejs-github-bot merged commit 4420d52 into nodejs:master Jun 15, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 4420d52

danielleadams pushed a commit that referenced this pull request Jun 16, 2022
@panva @danielleadams
crypto: fix webcrypto JWK EC and OKP import crv check
0a075cb 
PR-URL: #43346
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
@danielleadams danielleadams mentioned this pull request Jun 16, 2022
Merged
targos pushed a commit that referenced this pull request Jul 12, 2022
@panva @targos
crypto: fix webcrypto JWK EC and OKP import crv check
bedf0c0 
PR-URL: #43346
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this pull request Jul 31, 2022
@panva @targos
crypto: fix webcrypto JWK EC and OKP import crv check
a57149d 
PR-URL: #43346
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
@targos targos mentioned this pull request Aug 3, 2022
Merged
guangwong pushed a commit to noslate-project/node that referenced this pull request Oct 10, 2022
@panva @guangwong
crypto: fix webcrypto JWK EC and OKP import crv check
016be67 
PR-URL: nodejs/node#43346
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
@panva panva deleted the fix-jwk-crv-import branch October 13, 2022 09:12
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@tniessen tniessen tniessen approved these changes

@jasnell jasnell Awaiting requested review from jasnell

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. crypto Issues and PRs related to the crypto subsystem. experimental Issues and PRs related to experimental features. needs-ci PRs that need a full CI run. webcrypto
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@panva @nodejs-github-bot @tniessen