refactor: dry and fix key.algorithms when key has alg

2026-05-24 20:41:46 +00:00 · 2019-01-27 20:47:05 +01:00 · 2019-01-27 20:47:05 +01:00 · bf72a5e52e
commit bf72a5e52e
parent f3265330c8
3 changed files with 25 additions and 76 deletions
--- a/lib/jwk/key/ec.js
+++ b/lib/jwk/key/ec.js
@ -3,12 +3,6 @@ const generateKeyPair = promisify(require('crypto').generateKeyPair)

 const Key = require('./base')

-const SIG_ALGS = new Set([
-  'ES256',
-  'ES384',
-  'ES512'
-])
-
 const WRAP_ALGS = new Set([
  'ECDH-ES',
  'ECDH-ES+A128KW',
@ -38,50 +32,38 @@ class ECKey extends Key {
    return { crv: this.crv, kty: 'EC', x: this.x, y: this.y }
  }

-  algorithms (operation) {
+  algorithms (operation, { use = this.use, alg = this.alg } = {}) {
+    if (alg) {
+      return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined)
+    }
+
    switch (operation) {
      case 'encrypt':
      case 'decrypt':
        return new Set()
      case 'sign':
-        if (this.public || this.use === 'enc') {
+        if (this.public || use === 'enc') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set([`ES${this.length === 521 ? 512 : this.length}`])
      case 'verify':
-        if (this.use === 'enc') {
+        if (use === 'enc') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set([`ES${this.length === 521 ? 512 : this.length}`])
      case 'wrapKey':
-        if (this.use === 'sig') {
+        if (use === 'sig') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(WRAP_ALGS)
      case 'unwrapKey':
-        if (this.public || this.use === 'sig') {
+        if (this.public || use === 'sig') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(WRAP_ALGS)
      case undefined:
        return new Set([
--- a/lib/jwk/key/oct.js
+++ b/lib/jwk/key/oct.js
@ -32,19 +32,6 @@ const WRAP_LEN = new Set([
  256
 ])

-const WRAP_ALGS = new Set([
-  'A128KW',
-  'A192KW',
-  'A256KW',
-  'A128GCMKW',
-  'A192GCMKW',
-  'A256GCMKW',
-  'PBES2-HS256+A128KW',
-  'PBES2-HS384+A192KW',
-  'PBES2-HS512+A256KW',
-  'dir'
-])
-
 class OctKey extends Key {
  constructor (...args) {
    super(...args)
@ -71,7 +58,11 @@ class OctKey extends Key {
    return { k: this.k, kty: 'oct' }
  }

-  algorithms (operation) {
+  algorithms (operation, { use = this.use, alg = this.alg } = {}) {
+    if (alg) {
+      return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined)
+    }
+
    switch (operation) {
      case 'encrypt':
      case 'decrypt':
@ -79,32 +70,20 @@ class OctKey extends Key {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(ENC_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set([`A${this.length / 2}CBC-HS${this.length}`, `A${this.length}GCM`].filter(a => ENC_ALGS.has(a)))
      case 'sign':
      case 'verify':
-        if (this.use === 'enc') {
+        if (use === 'enc') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(SIG_ALGS)
      case 'wrapKey':
      case 'unwrapKey':
-        if (this.use === 'sig') {
+        if (use === 'sig') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        const algs = new Set(['dir', 'PBES2-HS256+A128KW', 'PBES2-HS384+A192KW', 'PBES2-HS512+A256KW'])

        if (WRAP_LEN.has(this.length)) {
--- a/lib/jwk/key/rsa.js
+++ b/lib/jwk/key/rsa.js
@ -39,50 +39,38 @@ class RSAKey extends Key {
    return { e: this.e, kty: 'RSA', n: this.n }
  }

-  algorithms (operation) {
+  algorithms (operation, { use = this.use, alg = this.alg } = {}) {
+    if (alg) {
+      return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined)
+    }
+
    switch (operation) {
      case 'encrypt':
      case 'decrypt':
        return new Set()
      case 'sign':
-        if (this.public || this.use === 'enc') {
+        if (this.public || use === 'enc') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(SIG_ALGS)
      case 'verify':
-        if (this.use === 'enc') {
+        if (use === 'enc') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(SIG_ALGS)
      case 'wrapKey':
-        if (this.use === 'sig') {
+        if (use === 'sig') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(WRAP_ALGS)
      case 'unwrapKey':
-        if (this.public || this.use === 'sig') {
+        if (this.public || use === 'sig') {
          return new Set()
        }

-        if (this.alg) {
-          return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined)
-        }
-
        return new Set(WRAP_ALGS)
      case undefined:
        return new Set([