From 76dfa54e5df7f8cee7501cc6d598cf647c2b8564 Mon Sep 17 00:00:00 2001
From: Javier Fernandez Garcia-Boente <jfernandez@igalia.com>
Date: Sat, 30 Nov 2024 18:07:32 +0100
Subject: [PATCH] [WebCryptoAPI] Additional invalid cases for the JWK import
 tests (#49383)

---
 .../ec_importKey_failures_fixtures.js         | 22 +++++++
 .../import_export/importKey_failures.js       | 60 +++++++++++++++++++
 .../okp_importKey_failures_fixtures.js        | 24 ++++++++
 3 files changed, 106 insertions(+)

diff --git a/WebCryptoAPI/import_export/ec_importKey_failures_fixtures.js b/WebCryptoAPI/import_export/ec_importKey_failures_fixtures.js
index 796db364c2e2dc..a2d25e816cbd73 100644
--- a/WebCryptoAPI/import_export/ec_importKey_failures_fixtures.js
+++ b/WebCryptoAPI/import_export/ec_importKey_failures_fixtures.js
@@ -19,6 +19,14 @@ function getMismatchedJWKKeyData(algorithm) {
     return [];
 }
 
+function getMismatchedKtyField(algorithm) {
+    return mismatchedKtyField[algorithm.name];
+}
+
+function getMismatchedCrvField(algorithm) {
+    return mismatchedCrvField[algorithm.name];
+}
+
 var validKeyData = {
     "P-521": [
         {
@@ -201,3 +209,17 @@ var missingJWKFieldKeyData = {
         }
     ]
 };
+
+// The 'kty' field doesn't match the key algorithm.
+var mismatchedKtyField =  {
+    "P-521": "OKP",
+    "P-256": "OKP",
+    "P-384": "OKP",
+}
+
+// The 'kty' field doesn't match the key algorithm.
+var mismatchedCrvField =  {
+    "P-521": "P-256",
+    "P-256": "P-384",
+    "P-384": "P-521",
+}
diff --git a/WebCryptoAPI/import_export/importKey_failures.js b/WebCryptoAPI/import_export/importKey_failures.js
index 077ae076c648b0..453461a8771f51 100644
--- a/WebCryptoAPI/import_export/importKey_failures.js
+++ b/WebCryptoAPI/import_export/importKey_failures.js
@@ -207,4 +207,64 @@ function run_test(algorithmNames) {
         });
     });
 
+    // The 'kty' field is not correct.
+    testVectors.forEach(function(vector) {
+        var name = vector.name;
+        allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
+            getValidKeyData(algorithm).forEach(function(test) {
+                if (test.format === "jwk") {
+                    var data = {crv: test.data.crv, kty: test.data.kty, d: test.data.d, x: test.data.x, d: test.data.d};
+                    data.kty = getMismatchedKtyField(algorithm);
+                    var usages =  validUsages(vector, 'jwk', test.data);
+                    testError('jwk', algorithm, data, name, usages, true, "DataError", "Invalid 'kty' field");
+                }
+            });
+        });
+    });
+
+    // The 'ext' field is not correct.
+    testVectors.forEach(function(vector) {
+        var name = vector.name;
+        allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
+            getValidKeyData(algorithm).forEach(function(test) {
+                if (test.format === "jwk") {
+                    var data = {crv: test.data.crv, kty: test.data.kty, d: test.data.d, x: test.data.x, d: test.data.d};
+                    data.ext = false;
+                    var usages =  validUsages(vector, 'jwk', test.data);
+                    testError('jwk', algorithm, data, name, usages, true, "DataError", "Import from a non-extractable");
+                }
+            });
+        });
+    });
+
+    // The 'use' field is incorrect.
+    testVectors.forEach(function(vector) {
+        var name = vector.name;
+        allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
+            getValidKeyData(algorithm).forEach(function(test) {
+                if (test.format === "jwk") {
+                    var data = {crv: test.data.crv, kty: test.data.kty, d: test.data.d, x: test.data.x, d: test.data.d};
+                    data.use = "invalid";
+                    var usages =  validUsages(vector, 'jwk', test.data);
+                    if (usages.length !== 0)
+                        testError('jwk', algorithm, data, name, usages, true, "DataError", "Invalid 'use' field");
+                }
+            });
+        });
+    });
+
+    // The 'crv' field is incorrect.
+    testVectors.forEach(function(vector) {
+        var name = vector.name;
+        allAlgorithmSpecifiersFor(name).forEach(function(algorithm) {
+            getValidKeyData(algorithm).forEach(function(test) {
+                if (test.format === "jwk") {
+                    var data = {crv: test.data.crv, kty: test.data.kty, d: test.data.d, x: test.data.x, d: test.data.d};
+                    data.crv = getMismatchedCrvField(algorithm)
+                    var usages =  validUsages(vector, 'jwk', test.data);
+                    testError('jwk', algorithm, data, name, usages, true, "DataError", "Invalid 'crv' field");
+                }
+            });
+        });
+    });
 }
diff --git a/WebCryptoAPI/import_export/okp_importKey_failures_fixtures.js b/WebCryptoAPI/import_export/okp_importKey_failures_fixtures.js
index 88f552291cdf6b..9bedddc5c5944a 100644
--- a/WebCryptoAPI/import_export/okp_importKey_failures_fixtures.js
+++ b/WebCryptoAPI/import_export/okp_importKey_failures_fixtures.js
@@ -17,6 +17,14 @@ function getMismatchedJWKKeyData(algorithm) {
     return mismatchedJWKKeyData[algorithm.name];
 }
 
+function getMismatchedKtyField(algorithm) {
+    return mismatchedKtyField[algorithm.name];
+}
+
+function getMismatchedCrvField(algorithm) {
+    return mismatchedCrvField[algorithm.name];
+}
+
 var validKeyData = {
     "Ed25519": [
         {
@@ -412,3 +420,19 @@ var mismatchedJWKKeyData =  {
         },
     ],
 }
+
+// The 'kty' field doesn't match the key algorithm.
+var mismatchedKtyField =  {
+    "Ed25519": "EC",
+    "X25519": "EC",
+    "Ed448": "EC",
+    "X448": "EC",
+}
+
+// The 'kty' field doesn't match the key algorithm.
+var mismatchedCrvField =  {
+    "Ed25519": "X25519",
+    "X25519": "Ed448",
+    "Ed448": "X25519",
+    "X448": "Ed25519",
+}