From bf72a5e52e2b31386fa39e79fe7e7ee011cb3d0d Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Sun, 27 Jan 2019 20:47:05 +0100 Subject: [PATCH] refactor: dry and fix key.algorithms when key has alg --- lib/jwk/key/ec.js | 36 +++++++++--------------------------- lib/jwk/key/oct.js | 35 +++++++---------------------------- lib/jwk/key/rsa.js | 30 +++++++++--------------------- 3 files changed, 25 insertions(+), 76 deletions(-) diff --git a/lib/jwk/key/ec.js b/lib/jwk/key/ec.js index e52c16f6..fb626bf4 100644 --- a/lib/jwk/key/ec.js +++ b/lib/jwk/key/ec.js @@ -3,12 +3,6 @@ const generateKeyPair = promisify(require('crypto').generateKeyPair) const Key = require('./base') -const SIG_ALGS = new Set([ - 'ES256', - 'ES384', - 'ES512' -]) - const WRAP_ALGS = new Set([ 'ECDH-ES', 'ECDH-ES+A128KW', @@ -38,50 +32,38 @@ class ECKey extends Key { return { crv: this.crv, kty: 'EC', x: this.x, y: this.y } } - algorithms (operation) { + algorithms (operation, { use = this.use, alg = this.alg } = {}) { + if (alg) { + return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined) + } + switch (operation) { case 'encrypt': case 'decrypt': return new Set() case 'sign': - if (this.public || this.use === 'enc') { + if (this.public || use === 'enc') { return new Set() } - if (this.alg) { - return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set([`ES${this.length === 521 ? 512 : this.length}`]) case 'verify': - if (this.use === 'enc') { + if (use === 'enc') { return new Set() } - if (this.alg) { - return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set([`ES${this.length === 521 ? 512 : this.length}`]) case 'wrapKey': - if (this.use === 'sig') { + if (use === 'sig') { return new Set() } - if (this.alg) { - return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(WRAP_ALGS) case 'unwrapKey': - if (this.public || this.use === 'sig') { + if (this.public || use === 'sig') { return new Set() } - if (this.alg) { - return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(WRAP_ALGS) case undefined: return new Set([ diff --git a/lib/jwk/key/oct.js b/lib/jwk/key/oct.js index 354e4856..db5d96cb 100644 --- a/lib/jwk/key/oct.js +++ b/lib/jwk/key/oct.js @@ -32,19 +32,6 @@ const WRAP_LEN = new Set([ 256 ]) -const WRAP_ALGS = new Set([ - 'A128KW', - 'A192KW', - 'A256KW', - 'A128GCMKW', - 'A192GCMKW', - 'A256GCMKW', - 'PBES2-HS256+A128KW', - 'PBES2-HS384+A192KW', - 'PBES2-HS512+A256KW', - 'dir' -]) - class OctKey extends Key { constructor (...args) { super(...args) @@ -71,7 +58,11 @@ class OctKey extends Key { return { k: this.k, kty: 'oct' } } - algorithms (operation) { + algorithms (operation, { use = this.use, alg = this.alg } = {}) { + if (alg) { + return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined) + } + switch (operation) { case 'encrypt': case 'decrypt': @@ -79,32 +70,20 @@ class OctKey extends Key { return new Set() } - if (this.alg) { - return new Set(ENC_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set([`A${this.length / 2}CBC-HS${this.length}`, `A${this.length}GCM`].filter(a => ENC_ALGS.has(a))) case 'sign': case 'verify': - if (this.use === 'enc') { + if (use === 'enc') { return new Set() } - if (this.alg) { - return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(SIG_ALGS) case 'wrapKey': case 'unwrapKey': - if (this.use === 'sig') { + if (use === 'sig') { return new Set() } - if (this.alg) { - return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined) - } - const algs = new Set(['dir', 'PBES2-HS256+A128KW', 'PBES2-HS384+A192KW', 'PBES2-HS512+A256KW']) if (WRAP_LEN.has(this.length)) { diff --git a/lib/jwk/key/rsa.js b/lib/jwk/key/rsa.js index 85569e91..be0153e9 100644 --- a/lib/jwk/key/rsa.js +++ b/lib/jwk/key/rsa.js @@ -39,50 +39,38 @@ class RSAKey extends Key { return { e: this.e, kty: 'RSA', n: this.n } } - algorithms (operation) { + algorithms (operation, { use = this.use, alg = this.alg } = {}) { + if (alg) { + return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined) + } + switch (operation) { case 'encrypt': case 'decrypt': return new Set() case 'sign': - if (this.public || this.use === 'enc') { + if (this.public || use === 'enc') { return new Set() } - if (this.alg) { - return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(SIG_ALGS) case 'verify': - if (this.use === 'enc') { + if (use === 'enc') { return new Set() } - if (this.alg) { - return new Set(SIG_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(SIG_ALGS) case 'wrapKey': - if (this.use === 'sig') { + if (use === 'sig') { return new Set() } - if (this.alg) { - return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(WRAP_ALGS) case 'unwrapKey': - if (this.public || this.use === 'sig') { + if (this.public || use === 'sig') { return new Set() } - if (this.alg) { - return new Set(WRAP_ALGS.has(this.alg) ? [this.alg] : undefined) - } - return new Set(WRAP_ALGS) case undefined: return new Set([