fix bug where usages could contain more than only sign or verify and …

…would be deemed valid

c-dependencies/js-compute-runtime/builtins/crypto-algorithm.cpp

@@ -533,10 +533,10 @@ JSObject *CryptoAlgorithmRSASSA_PKCS1_v1_5_Import::importKey(JSContext *cx, Cryp
     bool isUsagesAllowed = false;
     // public key
     if (jwk->d.has_value()) {
-      isUsagesAllowed = usages.canSign();
+      isUsagesAllowed = usages.canOnlySign();
     } else {
       // private key
-      isUsagesAllowed = usages.canVerify();
+      isUsagesAllowed = usages.canOnlyVerify();
     }
     if (!isUsagesAllowed) {
       // TODO Rename error to SyntaxError

c-dependencies/js-compute-runtime/builtins/crypto-key.h

@@ -46,6 +46,15 @@ class CryptoKeyUsages {
   bool canDeriveBits() { return this->mask & derive_bits_flag; };
   bool canWrapKey() { return this->mask & wrap_key_flag; };
   bool canUnwrapKey() { return this->mask & unwrap_key_flag; };
+
+  bool canOnlyEncrypt() { return this->mask == encrypt_flag; };
+  bool canOnlyDecrypt() { return this->mask == decrypt_flag; };
+  bool canOnlySign() { return this->mask == sign_flag; };
+  bool canOnlyVerify() { return this->mask == verify_flag; };
+  bool canOnlyDeriveKey() { return this->mask == derive_key_flag; };
+  bool canOnlyDeriveBits() { return this->mask == derive_bits_flag; };
+  bool canOnlyWrapKey() { return this->mask == wrap_key_flag; };
+  bool canOnlyUnwrapKey() { return this->mask == unwrap_key_flag; };
 };
 
 class CryptoKey : public BuiltinImpl<CryptoKey> {