crypto: deduplicate and canonicalize CryptoKey usages

panva · web-flow · commit fe7ebccd0ce8 · 2026-04-25T07:14:46.000Z
Fixes: #62899 Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #62902 Fixes: #62899 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
diff --git a/lib/internal/crypto/aes.js b/lib/internal/crypto/aes.js
@@ -1,7 +1,6 @@
 'use strict';
 
 const {
-  ArrayFrom,
   ArrayPrototypePush,
   SafeSet,
 } = primordials;
@@ -210,7 +209,7 @@ async function aesGenerateKey(algorithm, extractable, keyUsages) {
   return new InternalCryptoKey(
     key,
     { name, length },
-    ArrayFrom(usagesSet),
+    usagesSet,
     extractable);
 }
 
@@ -285,7 +284,7 @@ function aesImportKey(
   return new InternalCryptoKey(
     keyObject,
     { name, length },
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
@@ -134,7 +134,7 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
     case 'X25519':
       // Fall through
     case 'X448':
-      publicUsages = [];
+      publicUsages = new SafeSet();
       privateUsages = getUsagesUnion(usageSet, 'deriveKey', 'deriveBits');
       break;
   }
@@ -245,7 +245,7 @@ function cfrgImportKey(
   return new InternalCryptoKey(
     keyObject,
     { name },
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/chacha20_poly1305.js b/lib/internal/crypto/chacha20_poly1305.js
@@ -1,7 +1,6 @@
 'use strict';
 
 const {
-  ArrayFrom,
   SafeSet,
 } = primordials;
 
@@ -81,7 +80,7 @@ async function c20pGenerateKey(algorithm, extractable, keyUsages) {
   return new InternalCryptoKey(
     createSecretKey(keyData),
     { name },
-    ArrayFrom(usagesSet),
+    usagesSet,
     extractable);
 }
 
@@ -140,7 +139,7 @@ function c20pImportKey(
   return new InternalCryptoKey(
     keyObject,
     { name },
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/ec.js b/lib/internal/crypto/ec.js
@@ -119,7 +119,7 @@ async function ecGenerateKey(algorithm, extractable, keyUsages) {
       privateUsages = getUsagesUnion(usageSet, 'sign');
       break;
     case 'ECDH':
-      publicUsages = [];
+      publicUsages = new SafeSet();
       privateUsages = getUsagesUnion(usageSet, 'deriveKey', 'deriveBits');
       break;
   }
@@ -271,7 +271,7 @@ function ecImportKey(
   return new InternalCryptoKey(
     keyObject,
     { name, namedCurve },
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/keys.js b/lib/internal/crypto/keys.js
@@ -61,6 +61,7 @@ const {
   bigIntArrayToUnsignedBigInt,
   normalizeAlgorithm,
   hasAnyNotIn,
+  getSortedUsages,
 } = require('internal/crypto/util');
 
 const {
@@ -901,7 +902,7 @@ class InternalCryptoKey {
         keyObject,
         algorithm,
         extractable,
-        keyUsages,
+        getSortedUsages(new SafeSet(keyUsages)),
       );
     }
   }
@@ -967,7 +968,7 @@ function importGenericSecretKey(
       return undefined;
   }
 
-  return new InternalCryptoKey(keyObject, { name }, keyUsages, false);
+  return new InternalCryptoKey(keyObject, { name }, usagesSet, false);
 }
 
 module.exports = {
diff --git a/lib/internal/crypto/mac.js b/lib/internal/crypto/mac.js
@@ -1,7 +1,6 @@
 'use strict';
 
 const {
-  ArrayFrom,
   SafeSet,
   StringPrototypeSubstring,
 } = primordials;
@@ -81,7 +80,7 @@ async function hmacGenerateKey(algorithm, extractable, keyUsages) {
   return new InternalCryptoKey(
     key,
     { name, length, hash },
-    ArrayFrom(usageSet),
+    usageSet,
     extractable);
 }
 
@@ -115,7 +114,7 @@ async function kmacGenerateKey(algorithm, extractable, keyUsages) {
   return new InternalCryptoKey(
     createSecretKey(keyData),
     { name, length },
-    ArrayFrom(usageSet),
+    usageSet,
     extractable);
 }
 
@@ -196,7 +195,7 @@ function macImportKey(
   return new InternalCryptoKey(
     keyObject,
     algorithmObject,
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/ml_dsa.js b/lib/internal/crypto/ml_dsa.js
@@ -203,7 +203,7 @@ function mlDsaImportKey(
   return new InternalCryptoKey(
     keyObject,
     { name },
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/ml_kem.js b/lib/internal/crypto/ml_kem.js
@@ -69,8 +69,8 @@ async function mlKemGenerateKey(algorithm, extractable, keyUsages) {
       { name: 'OperationError', cause: err });
   }
 
-  const publicUsages = getUsagesUnion(usageSet, 'encapsulateBits', 'encapsulateKey');
-  const privateUsages = getUsagesUnion(usageSet, 'decapsulateBits', 'decapsulateKey');
+  const publicUsages = getUsagesUnion(usageSet, 'encapsulateKey', 'encapsulateBits');
+  const privateUsages = getUsagesUnion(usageSet, 'decapsulateKey', 'decapsulateBits');
 
   const keyAlgorithm = { name };
 
@@ -202,7 +202,7 @@ function mlKemImportKey(
   return new InternalCryptoKey(
     keyObject,
     { name },
-    keyUsages,
+    usagesSet,
     extractable);
 }
 
diff --git a/lib/internal/crypto/rsa.js b/lib/internal/crypto/rsa.js
@@ -281,7 +281,7 @@ function rsaImportKey(
     modulusLength,
     publicExponent: new Uint8Array(publicExponent),
     hash: algorithm.hash,
-  }, keyUsages, extractable);
+  }, usagesSet, extractable);
 }
 
 async function rsaSignVerify(key, data, { saltLength }, signature) {
diff --git a/lib/internal/crypto/util.js b/lib/internal/crypto/util.js
@@ -3,6 +3,7 @@
 const {
   ArrayBufferIsView,
   ArrayBufferPrototypeGetByteLength,
+  ArrayFrom,
   ArrayPrototypeIncludes,
   ArrayPrototypePush,
   BigInt,
@@ -16,6 +17,7 @@ const {
   ObjectKeys,
   ObjectPrototypeHasOwnProperty,
   PromiseWithResolvers,
+  SafeSet,
   StringPrototypeToUpperCase,
   Symbol,
   TypedArrayPrototypeGetBuffer,
@@ -718,14 +720,40 @@ function getStringOption(options, key) {
 }
 
 function getUsagesUnion(usageSet, ...usages) {
-  const newset = [];
+  const newset = new SafeSet();
   for (let n = 0; n < usages.length; n++) {
     if (usageSet.has(usages[n]))
-      ArrayPrototypePush(newset, usages[n]);
+      newset.add(usages[n]);
   }
   return newset;
 }
 
+const kCanonicalUsageOrder = new SafeSet([
+  'encrypt', 'decrypt',
+  'sign', 'verify',
+  'deriveKey', 'deriveBits',
+  'wrapKey', 'unwrapKey',
+  'encapsulateKey', 'encapsulateBits',
+  'decapsulateKey', 'decapsulateBits',
+]);
+
+/**
+ * Returns the usages from `usageSet` as an array in the canonical order
+ * defined by {@link kCanonicalUsageOrder}.
+ * @param {SafeSet<string>} usageSet
+ * @returns {string[]}
+ */
+function getSortedUsages(usageSet) {
+  if (usageSet.size <= 1) {
+    return ArrayFrom(usageSet);
+  }
+  const result = [];
+  for (const usage of kCanonicalUsageOrder) {
+    if (usageSet.has(usage)) ArrayPrototypePush(result, usage);
+  }
+  return result;
+}
+
 function getBlockSize(name) {
   switch (name) {
     case 'SHA-1':
@@ -842,6 +870,7 @@ module.exports = {
   getDigestSizeInBytes,
   getStringOption,
   getUsagesUnion,
+  getSortedUsages,
   secureHeapUsed,
   getCachedHashId,
   getHashCache,
diff --git a/test/parallel/test-webcrypto-deduplicate-usages.js b/test/parallel/test-webcrypto-deduplicate-usages.js
diff --git a/test/parallel/test-webcrypto-keygen.js b/test/parallel/test-webcrypto-keygen.js

Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,7 @@ const {`
`61`	`61`	`bigIntArrayToUnsignedBigInt,`
`62`	`62`	`normalizeAlgorithm,`
`63`	`63`	`hasAnyNotIn,`
	`64`	`+ getSortedUsages,`
`64`	`65`	`} = require('internal/crypto/util');`
`65`	`66`
`66`	`67`	`const {`
`@@ -901,7 +902,7 @@ class InternalCryptoKey {`
`901`	`902`	`keyObject,`
`902`	`903`	`algorithm,`
`903`	`904`	`extractable,`
`904`		`- keyUsages,`
	`905`	`+ getSortedUsages(new SafeSet(keyUsages)),`
`905`	`906`	`);`
`906`	`907`	`}`
`907`	`908`	`}`
`@@ -967,7 +968,7 @@ function importGenericSecretKey(`
`967`	`968`	`return undefined;`
`968`	`969`	`}`
`969`	`970`
`970`		`- return new InternalCryptoKey(keyObject, { name }, keyUsages, false);`
	`971`	`+ return new InternalCryptoKey(keyObject, { name }, usagesSet, false);`
`971`	`972`	`}`
`972`	`973`
`973`	`974`	`module.exports = {`
Original file line number	Diff line number	Diff line change
`@@ -203,7 +203,7 @@ function mlDsaImportKey(`
`203`	`203`	`return new InternalCryptoKey(`
`204`	`204`	`keyObject,`
`205`	`205`	`{ name },`
`206`		`- keyUsages,`
	`206`	`+ usagesSet,`
`207`	`207`	`extractable);`
`208`	`208`	`}`
`209`	`209`
Original file line number	Diff line number	Diff line change
`@@ -281,7 +281,7 @@ function rsaImportKey(`
`281`	`281`	`modulusLength,`
`282`	`282`	`publicExponent: new Uint8Array(publicExponent),`
`283`	`283`	`hash: algorithm.hash,`
`284`		`- }, keyUsages, extractable);`
	`284`	`+ }, usagesSet, extractable);`
`285`	`285`	`}`
`286`	`286`
`287`	`287`	`async function rsaSignVerify(key, data, { saltLength }, signature) {`