crypto: update WebCryptoAPI Ed25519/448 JWK alg handling

panva · panva · commit 8d557073859b · 2025-03-07T19:38:02.000+01:00
diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
@@ -279,6 +279,14 @@ function cfrgImportKey(
           'DataError');
       }
 
+      if (keyData.alg !== undefined && (name === 'Ed25519' || name === 'Ed448')) {
+        if (keyData.alg !== name && keyData.alg !== 'EdDSA') {
+          throw lazyDOMException(
+            'JWK "alg" does not match the requested algorithm',
+            'DataError');
+        }
+      }
+
       if (!isPublic && typeof keyData.x !== 'string') {
         throw lazyDOMException('Invalid JWK', 'DataError');
       }
diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js
@@ -467,6 +467,7 @@ async function exportKeyJWK(key) {
       // Fall through
     case 'Ed448':
       jwk.crv ||= key.algorithm.name;
+      jwk.alg = key.algorithm.name;
       return jwk;
     case 'AES-CTR':
       // Fall through
diff --git a/test/parallel/test-webcrypto-export-import-cfrg.js b/test/parallel/test-webcrypto-export-import-cfrg.js
@@ -12,7 +12,7 @@ const { subtle } = globalThis.crypto;
 
 const keyData = {
   'Ed25519': {
-    jwsAlg: 'EdDSA',
+    jwsAlg: 'Ed25519',
     spki: Buffer.from(
       '302a300506032b6570032100a054b618c12b26c8d43595a5c38dd2b0140b944a' +
       '151f75003278c2b6c58ec08f', 'hex'),
@@ -27,7 +27,7 @@ const keyData = {
     }
   },
   'Ed448': {
-    jwsAlg: 'EdDSA',
+    jwsAlg: 'Ed448',
     spki: Buffer.from(
       '3043300506032b6571033a0008cc38160c85bca5656ac4924af7ea97a9161b20' +
       '2528273dcb84afd2eeb99ac912a401b34ef15ef4d9486406a6eecc31e5909219' +
@@ -183,10 +183,7 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
 
   const jwk = keyData[name].jwk;
 
-  const [
-    publicKey,
-    privateKey,
-  ] = await Promise.all([
+  const tests = [
     subtle.importKey(
       'jwk',
       {
@@ -221,7 +218,37 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
       { name },
       extractable,
       privateUsages),
-  ]);
+  ];
+
+  // Test the deprecated "alg" value
+  if (keyData[name].jwsAlg?.startsWith('Ed')) {
+    tests.push(
+      subtle.importKey(
+        'jwk',
+        {
+          alg: 'EdDSA',
+          kty: jwk.kty,
+          crv: jwk.crv,
+          x: jwk.x,
+        },
+        { name },
+        extractable, publicUsages),
+      subtle.importKey(
+        'jwk',
+        {
+          ...jwk,
+          alg: 'EdDSA',
+        },
+        { name },
+        extractable,
+        privateUsages),
+    );
+  }
+
+  const [
+    publicKey,
+    privateKey,
+  ] = await Promise.all(tests);
 
   assert.strictEqual(publicKey.type, 'public');
   assert.strictEqual(privateKey.type, 'private');
@@ -259,8 +286,13 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
     assert.strictEqual(pvtJwk.crv, jwk.crv);
     assert.strictEqual(pvtJwk.d, jwk.d);
 
-    assert.strictEqual(pubJwk.alg, undefined);
-    assert.strictEqual(pvtJwk.alg, undefined);
+    if (jwk.crv.startsWith('Ed')) {
+      assert.strictEqual(pubJwk.alg, jwk.crv);
+      assert.strictEqual(pvtJwk.alg, jwk.crv);
+    } else {
+      assert.strictEqual(pubJwk.alg, undefined);
+      assert.strictEqual(pvtJwk.alg, undefined);
+    }
   } else {
     await assert.rejects(
       subtle.exportKey('jwk', publicKey), {
@@ -284,22 +316,24 @@ async function testImportJwk({ name, publicUsages, privateUsages }, extractable)
       { message: 'Invalid JWK "use" Parameter' });
   }
 
-  // The JWK alg member is ignored
-  // https://github.com/WICG/webcrypto-secure-curves/pull/24
   if (name.startsWith('Ed')) {
-    await subtle.importKey(
-      'jwk',
-      { kty: jwk.kty, x: jwk.x, crv: jwk.crv, alg: 'foo' },
-      { name },
-      extractable,
-      publicUsages);
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { kty: jwk.kty, x: jwk.x, crv: jwk.crv, alg: 'foo' },
+        { name },
+        extractable,
+        publicUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
 
-    await subtle.importKey(
-      'jwk',
-      { ...jwk, alg: 'foo' },
-      { name },
-      extractable,
-      privateUsages);
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, alg: 'foo' },
+        { name },
+        extractable,
+        privateUsages),
+      { message: 'JWK "alg" does not match the requested algorithm' });
   }
 
   for (const crv of [undefined, name === 'Ed25519' ? 'Ed448' : 'Ed25519']) {

Original file line number	Diff line number	Diff line change
`@@ -279,6 +279,14 @@ function cfrgImportKey(`
`279`	`279`	`'DataError');`
`280`	`280`	`}`
`281`	`281`
	`282`	`+ if (keyData.alg !== undefined && (name === 'Ed25519' \|\| name === 'Ed448')) {`
	`283`	`+ if (keyData.alg !== name && keyData.alg !== 'EdDSA') {`
	`284`	`+ throw lazyDOMException(`
	`285`	`+ 'JWK "alg" does not match the requested algorithm',`
	`286`	`+ 'DataError');`
	`287`	`+ }`
	`288`	`+ }`
	`289`	`+`
`282`	`290`	`if (!isPublic && typeof keyData.x !== 'string') {`
`283`	`291`	`throw lazyDOMException('Invalid JWK', 'DataError');`
`284`	`292`	`}`