crypto: implement rfc7517 recommendation

print warning with unrelated key combination

Author: hotpineapple

lib/internal/crypto/util.js

@@ -16,6 +16,7 @@ const {
   ObjectKeys,
   ObjectPrototypeHasOwnProperty,
   Promise,
+  SafeSet,
   StringPrototypeToUpperCase,
   Symbol,
   TypedArrayPrototypeGetBuffer,
@@ -757,9 +758,26 @@ const kKeyOps = {
   deriveBits: 8,
 };
 
+const allowedGroups = [
+  new SafeSet(['sign', 'verify']),
+  new SafeSet(['encrypt', 'decrypt']),
+  new SafeSet(['wrapKey', 'unwrapKey']),
+];
+
 function validateKeyOps(keyOps, usagesSet) {
   if (keyOps === undefined) return;
   validateArray(keyOps, 'keyData.key_ops');
+  const keyOpsSet = new SafeSet(keyOps);
+  const isValidCombo = allowedGroups.some((group) => {
+    return [...keyOpsSet].every((op) => group.has(op));
+  });
+  if (!isValidCombo && keyOpsSet.size > 1) {
+    process.emitWarning(
+      'Using unrelated key_ops combinations (RFC7517 section 4.3) is deprecated and will throw in a future version.',
+      'DeprecationWarning',
+    );
+  }
+
   let flags = 0;
   for (let n = 0; n < keyOps.length; n++) {
     const op = keyOps[n];
@@ -771,10 +789,6 @@ function validateKeyOps(keyOps, usagesSet) {
     if (flags & (1 << op_flag))
       throw lazyDOMException('Duplicate key operation', 'DataError');
     flags |= (1 << op_flag);
-
-    // TODO(@jasnell): RFC7517 section 4.3 strong recommends validating
-    // key usage combinations. Specifically, it says that unrelated key
-    // ops SHOULD NOT be used together. We're not yet validating that here.
   }
 
   if (usagesSet !== undefined) {