crypto: fix webcrypto generateKey() with empty usages

PR-URL: https://github.com/nodejs/node/pull/43431 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2024-11-21 10:59:27 +00:00 · 2022-06-14 21:29:17 +02:00 · 2022-06-14 21:29:17 +02:00 · 677bd668b7
commit 677bd668b7
parent 288304c888
3 changed files with 15 additions and 1 deletions
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@ -89,6 +89,11 @@ async function generateKey(
  algorithm = normalizeAlgorithm(algorithm);
  validateBoolean(extractable, 'extractable');
  validateArray(keyUsages, 'keyUsages');
+  if (keyUsages.length === 0) {
+    throw lazyDOMException(
+      'Usages cannot be empty when creating a key',
+      'SyntaxError');
+  }
  switch (algorithm.name) {
    case 'RSASSA-PKCS1-v1_5':
      // Fall through
--- a/test/parallel/test-webcrypto-keygen.js
+++ b/test/parallel/test-webcrypto-keygen.js
@ -210,6 +210,15 @@ const vectors = {
 // Test bad usages
 {
  async function test(name) {
+    await assert.rejects(
+      subtle.generateKey(
+        {
+          name, ...vectors[name].algorithm
+        },
+        true,
+        []),
+      { message: /Usages cannot be empty/ });
+
    const invalidUsages = [];
    allUsages.forEach((usage) => {
      if (!vectors[name].usages.includes(usage))
--- a/test/parallel/test-webcrypto-sign-verify-hmac.js
+++ b/test/parallel/test-webcrypto-sign-verify-hmac.js
@ -153,7 +153,7 @@ async function testSign({ hash,
  }

  await assert.rejects(
-    subtle.generateKey({ name }, false, []), {
+    subtle.generateKey({ name }, false, ['sign', 'verify']), {
      name: 'TypeError',
      code: 'ERR_MISSING_OPTION',
      message: 'algorithm.hash is required'