Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: fix webcrypto JWK EC and OKP import crv check #43346

Merged
merged 1 commit into from
Jun 15, 2022
Merged

crypto: fix webcrypto JWK EC and OKP import crv check #43346

merged 1 commit into from
Jun 15, 2022

Conversation

panva
Copy link
Member

@panva panva commented Jun 8, 2022
edited
Loading

This PR ensures the JWK crv member is properly validated to match the algorithm.

For kty: EC this has to match the namedCurve property of the algorithm for both ECDSA and ECDH keys.
For kty: OKP this has to match the name of the algorithm.

Current behaviour is that the crv member is incorrectly ignored and may even be undefined.

@panva panva added crypto Issues and PRs related to the crypto subsystem. webcrypto labels Jun 8, 2022
@panva panva requested review from jasnell and tniessen June 8, 2022 11:41
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added the needs-ci PRs that need a full CI run. label Jun 8, 2022
@panva panva added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 8, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 8, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/44408/

@panva panva added the experimental Issues and PRs related to experimental features. label Jun 9, 2022
@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Jun 9, 2022
@github-actions github-actions bot mentioned this pull request Jun 13, 2022
Open
15 tasks
@panva panva added the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 15, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 15, 2022
@nodejs-github-bot nodejs-github-bot merged commit 4420d52 into nodejs:master Jun 15, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 4420d52

danielleadams pushed a commit that referenced this pull request Jun 16, 2022
@panva @danielleadams
crypto: fix webcrypto JWK EC and OKP import crv check
0a075cb 
PR-URL: #43346
Reviewed-By: Tobias Nießen <[email protected]>
@danielleadams danielleadams mentioned this pull request Jun 16, 2022
Merged
targos pushed a commit that referenced this pull request Jul 12, 2022
@panva @targos
crypto: fix webcrypto JWK EC and OKP import crv check
bedf0c0 
PR-URL: #43346
Reviewed-By: Tobias Nießen <[email protected]>
targos pushed a commit that referenced this pull request Jul 31, 2022
@panva @targos
crypto: fix webcrypto JWK EC and OKP import crv check
a57149d 
PR-URL: #43346
Reviewed-By: Tobias Nießen <[email protected]>
@targos targos mentioned this pull request Aug 3, 2022
Merged
guangwong pushed a commit to noslate-project/node that referenced this pull request Oct 10, 2022
@panva @guangwong
crypto: fix webcrypto JWK EC and OKP import crv check
016be67 
PR-URL: nodejs/node#43346
Reviewed-By: Tobias Nießen <[email protected]>
@panva panva deleted the fix-jwk-crv-import branch October 13, 2022 09:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tniessen tniessen tniessen approved these changes

@jasnell jasnell Awaiting requested review from jasnell

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. crypto Issues and PRs related to the crypto subsystem. experimental Issues and PRs related to experimental features. needs-ci PRs that need a full CI run. webcrypto
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@panva @nodejs-github-bot @tniessen