feat(ext/crypto): JWK support for unwrapKey/wrapKey (#13261)

denoland · Jan 7, 2022 · 59f0eaf · 59f0eaf
1 parent 57bfa87
commit 59f0eaf
Show file tree

Hide file tree

Showing 2 changed files with 191 additions and 16 deletions.
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js
@@ -12,6 +12,7 @@
   const core = window.Deno.core;
   const webidl = window.__bootstrap.webidl;
   const { DOMException } = window.__bootstrap.domException;
+  const { TextEncoder, TextDecoder } = window.__bootstrap.encoding;
 
   const {
     ArrayBuffer,
@@ -23,6 +24,8 @@
     Int16Array,
     Int32Array,
     Int8Array,
+    JSONParse,
+    JSONStringify,
     ObjectAssign,
     StringPrototypeToLowerCase,
     StringPrototypeToUpperCase,
@@ -1259,11 +1262,9 @@
       if (format !== "jwk") {
         bytes = new Uint8Array(exportedKey);
       } else {
-        // TODO(@littledivy): Implement JWK.
-        throw new DOMException(
-          "Not implemented",
-          "NotSupportedError",
-        );
+        const jwk = JSONStringify(exportedKey);
+
+        bytes = new TextEncoder("utf-8").encode(jwk);
       }
 
       // 14-15.
@@ -1278,7 +1279,17 @@
       } else if (
         supportedAlgorithms["encrypt"][normalizedAlgorithm.name] !== undefined
       ) {
-        return await encrypt(normalizedAlgorithm, wrappingKey, bytes);
+        return await encrypt(
+          normalizedAlgorithm,
+          constructKey(
+            wrappingKey[_type],
+            wrappingKey[_extractable],
+            ["encrypt"],
+            wrappingKey[_algorithm],
+            wrappingKey[_handle],
+          ),
+          bytes,
+        );
       } else {
         throw new DOMException(
           "Algorithm not supported",
@@ -1390,7 +1401,13 @@
       ) {
         key = await this.decrypt(
           normalizedAlgorithm,
-          unwrappingKey,
+          constructKey(
+            unwrappingKey[_type],
+            unwrappingKey[_extractable],
+            ["decrypt"],
+            unwrappingKey[_algorithm],
+            unwrappingKey[_handle],
+          ),
           wrappedKey,
         );
       } else {
@@ -1400,14 +1417,14 @@
         );
       }
 
+      let bytes;
       // 14.
-      const bytes = key;
-      if (format == "jwk") {
-        // TODO(@littledivy): Implement JWK.
-        throw new DOMException(
-          "Not implemented",
-          "NotSupportedError",
-        );
+      if (format !== "jwk") {
+        bytes = key;
+      } else {
+        const utf8 = new TextDecoder("utf-8").decode(key);
+
+        bytes = JSONParse(utf8);
       }
 
       // 15.

diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json
@@ -1119,8 +1119,166 @@
       "rsa_pss.https.any.worker.html": true
     },
     "wrapKey_unwrapKey": {
-      "wrapKey_unwrapKey.https.any.html": false,
-      "wrapKey_unwrapKey.https.any.worker.html": false
+      "wrapKey_unwrapKey.https.any.html": [
+        "setup",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CTR",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CTR",
+        "Can unwrap AES-GCM non-extractable keys using jwk and AES-CTR",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-CTR",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-CTR",
+        "Can unwrap AES-KW non-extractable keys using jwk and AES-CTR",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CBC",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CBC",
+        "Can unwrap AES-GCM non-extractable keys using jwk and AES-CBC",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-CBC",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-CBC",
+        "Can unwrap AES-KW non-extractable keys using jwk and AES-CBC",
+        "Can wrap and unwrap HMAC keys using raw and AES-GCM",
+        "Can wrap and unwrap HMAC keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap HMAC keys using jwk and AES-GCM",
+        "Can wrap and unwrap HMAC keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap HMAC non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-CTR non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-CBC non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-GCM non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-KW keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-KW keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-KW non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM",
+        "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys as non-extractable using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap RSA-PSS private key non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP public key keys using spki and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap HMAC keys using raw and AES-KW",
+        "Can wrap and unwrap HMAC keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-CTR keys using raw and AES-KW",
+        "Can wrap and unwrap AES-CTR keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-CBC keys using raw and AES-KW",
+        "Can wrap and unwrap AES-CBC keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-GCM keys using raw and AES-KW",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-KW keys using raw and AES-KW",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-KW",
+        "Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-KW",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-KW",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and RSA-OAEP",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and RSA-OAEP",
+        "Can unwrap AES-GCM non-extractable keys using jwk and RSA-OAEP",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and RSA-OAEP",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and RSA-OAEP",
+        "Can unwrap AES-KW non-extractable keys using jwk and RSA-OAEP"
+      ],
+      "wrapKey_unwrapKey.https.any.worker.html": [
+        "setup",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CTR",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CTR",
+        "Can unwrap AES-GCM non-extractable keys using jwk and AES-CTR",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-CTR",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-CTR",
+        "Can unwrap AES-KW non-extractable keys using jwk and AES-CTR",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-CBC",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-CBC",
+        "Can unwrap AES-GCM non-extractable keys using jwk and AES-CBC",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-CBC",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-CBC",
+        "Can unwrap AES-KW non-extractable keys using jwk and AES-CBC",
+        "Can wrap and unwrap HMAC keys using raw and AES-GCM",
+        "Can wrap and unwrap HMAC keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap HMAC keys using jwk and AES-GCM",
+        "Can wrap and unwrap HMAC keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap HMAC non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CTR keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-CTR non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-CBC keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-CBC non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-GCM non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-KW keys using raw and AES-GCM",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-GCM",
+        "Can wrap and unwrap AES-KW keys using jwk and AES-GCM",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap AES-KW non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP public key keys using spki and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-OAEP private key keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap RSA-OAEP private key non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using spki and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 private key keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap RSASSA-PKCS1-v1_5 private key non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-PSS public key keys using spki and AES-GCM",
+        "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys as non-extractable using pkcs8 and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys using jwk and AES-GCM",
+        "Can wrap and unwrap RSA-PSS private key keys as non-extractable using jwk and AES-GCM",
+        "Can unwrap RSA-PSS private key non-extractable keys using jwk and AES-GCM",
+        "Can wrap and unwrap HMAC keys using raw and AES-KW",
+        "Can wrap and unwrap HMAC keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-CTR keys using raw and AES-KW",
+        "Can wrap and unwrap AES-CTR keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-CBC keys using raw and AES-KW",
+        "Can wrap and unwrap AES-CBC keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-GCM keys using raw and AES-KW",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap AES-KW keys using raw and AES-KW",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and AES-KW",
+        "Can wrap and unwrap RSA-OAEP public key keys using jwk and AES-KW",
+        "Can wrap and unwrap RSASSA-PKCS1-v1_5 public key keys using jwk and AES-KW",
+        "Can wrap and unwrap RSA-PSS public key keys using jwk and AES-KW",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using raw and RSA-OAEP",
+        "Can wrap and unwrap AES-GCM keys as non-extractable using jwk and RSA-OAEP",
+        "Can unwrap AES-GCM non-extractable keys using jwk and RSA-OAEP",
+        "Can wrap and unwrap AES-KW keys as non-extractable using raw and RSA-OAEP",
+        "Can wrap and unwrap AES-KW keys as non-extractable using jwk and RSA-OAEP",
+        "Can unwrap AES-KW non-extractable keys using jwk and RSA-OAEP"
+      ]
     }
   },
   "console": {