Bug 27601 - Inconsistent enforcement of JWK's "use" versus "key_ops" during public key import #64

Closed
mwatson2 opened this issue May 24, 2016 · 3 comments

Comments

@mwatson2
Collaborator

mwatson2 commented May 24, 2016

Bug 27601:

Consider the case of importing an RSA-PSS public key using JWK.

WebCrypto callers can request usages of either ['verify'] or [] (no usages).

If empty usages are specified then it is possible to import the following JWK:

 {
   "kty": "RSA",
   "key_ops": ["encrypt", "decrypt", "wrapKey", "unwrapKey"],
   ...
 }

The above key is for an encryption algorithm, but it is allowed to be imported for a signing algorithm because the requested usages, [], were a subset of the usages granted to the key.

OK fine.

However, it is NOT possible to import the following:

 {
   "kty": "RSA",
   "use": "enc",
   ...
 }

Conceptually these represent the same kind of key; however, WebCrypto enforces "use" differently from "key_ops". "use" in this case is required to be an exact match of "sig".

The same situation applies to ECDH keys.

I believe the "key_ops" behavior is the correct one, and "use" should work the same way. I feel this way because JWK allows pairing unrelated usages in "key_ops" (although it discourages it) [1]. So it stands to reason that such a key should be importable into WebCrypto.

[1] Section 4.3 of JWK spec says: "Multiple unrelated key operations SHOULD NOT be specified" ..... SHOULD NOT != MUST NOT

@mwatson2
Collaborator Author

This issue applies to all algorithms. It is always possible to import a key with empty usages. The only thing you can do with this is export it again. The question is, for a key with JWK "use" specified, do you need to use an algorithm of the appropriate type (signature, encryption, etc.) or just one which supports the right kind of key? Since you are not able to actually perform an operation with this key, it seems sufficient that the algorithm you use supports that kind of key.

So, I suggest that we ignore the "use" value when usages is empty.

@mwatson2
Collaborator Author

Pull Request #100

@mwatson2
Collaborator Author

Closed in 4a2df8c
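
A simplified model of the two checks described in this thread, added here as an illustration; it is not part of the issue, the Web Crypto specification text, or any browser's code. `checkJwkUsages`, `compareBehaviours` and the sample JWKs are hypothetical names and constructed inputs, and the fourth argument switches between the behaviour reported in the issue and the one proposed in the second comment.

```javascript
// Added illustration: simplified model of the JWK "use" / "key_ops" import checks
// discussed in this issue. Not the Web Crypto spec text or any browser's code.

// Hypothetical helper. `expectedUse` is the "use" value the importing algorithm
// wants ("sig" for RSA-PSS, per the issue). `ignoreUseWhenEmpty` selects the
// behaviour proposed in the thread: skip the "use" check when usages is [].
function checkJwkUsages(jwk, usages, expectedUse, ignoreUseWhenEmpty) {
  // "key_ops": the requested usages must be a subset of the listed operations.
  if (Array.isArray(jwk.key_ops)) {
    const missing = usages.filter((u) => !jwk.key_ops.includes(u));
    if (missing.length > 0) {
      return { ok: false, reason: `key_ops lacks: ${missing.join(", ")}` };
    }
  }
  // "use": exact match against the algorithm's expected value.
  if (jwk.use !== undefined && jwk.use !== expectedUse) {
    const skip = ignoreUseWhenEmpty && usages.length === 0;
    if (!skip) {
      return { ok: false, reason: `use is "${jwk.use}", expected "${expectedUse}"` };
    }
  }
  return { ok: true, reason: "accepted" };
}

// Constructed sample JWKs: only the members relevant here (key material omitted).
const SAMPLES = {
  keyOpsEnc: { kty: "RSA", key_ops: ["encrypt", "decrypt", "wrapKey", "unwrapKey"] },
  useEnc: { kty: "RSA", use: "enc" },
  useSig: { kty: "RSA", use: "sig" },
};

// Evaluate every sample for an RSA-PSS import under both behaviours.
function compareBehaviours() {
  const rows = [];
  for (const [name, jwk] of Object.entries(SAMPLES)) {
    for (const usages of [[], ["verify"]]) {
      rows.push({
        jwk: name,
        usages: JSON.stringify(usages),
        reported: checkJwkUsages(jwk, usages, "sig", false).ok,
        proposed: checkJwkUsages(jwk, usages, "sig", true).ok,
      });
    }
  }
  return rows;
}

console.table(compareBehaviours());
```

The only row where the two columns differ is the `use: "enc"` key imported with empty usages; a request for `["verify"]` is still rejected for both encryption-only keys.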
