From cf1e907bba549a875f690de748e81f2f4b509ff8 Mon Sep 17 00:00:00 2001
From: Filip Skokan
Date: Mon, 21 Nov 2022 23:30:21 +0100
Subject: [PATCH] crypto: validate CFRG webcrypto JWK import "d" and "x" are a pair
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
PR-URL: https://github.com/nodejs/node/pull/45569
Reviewed-By: Antoine du Hamel
Reviewed-By: Tobias Nießen
Backport-PR-URL: https://github.com/nodejs/node/pull/47336
---
 lib/internal/crypto/cfrg.js | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/lib/internal/crypto/cfrg.js b/lib/internal/crypto/cfrg.js
index 8264142128848d..13e819d82c66ae 100644
--- a/lib/internal/crypto/cfrg.js
+++ b/lib/internal/crypto/cfrg.js
@@ -301,12 +301,24 @@ async function cfrgImportKey(
 name,
 isPublic ? 'public' : 'private',
 usagesSet);
- keyObject = createCFRGRawKey(
+
+ const publicKeyObject = createCFRGRawKey(
 name,
- Buffer.from(
- isPublic ? keyData.x : keyData.d,
- 'base64'),
- isPublic);
+ Buffer.from(keyData.x, 'base64'),
+ true);
+
+ if (isPublic) {
+ keyObject = publicKeyObject;
+ } else {
+ keyObject = createCFRGRawKey(
+ name,
+ Buffer.from(keyData.d, 'base64'),
+ false);
+
+ if (!createPublicKey(keyObject).equals(publicKeyObject)) {
+ throw lazyDOMException('Invalid JWK keyData', 'DataError');
+ }
+ }
 break;
 }
 case 'raw': {
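Review bot: `Buffer.from(keyData.x, 'base64')` now runs for private-key imports as well, so a private JWK that carries "d" but no "x" would fail inside Buffer.from with a TypeError rather than the `DataError` used for the mismatch case, unless "x" is validated earlier in cfrgImportKey, which starts above this hunk and is not visible here. If no such check exists, a guard before the call keeps the error surface consistent: `if (typeof keyData.x !== 'string') throw lazyDOMException('Invalid JWK keyData', 'DataError');`. A one-line comment on the `equals` check, e.g. `// Reject a private JWK whose "x" is not the public key derived from "d".`, would record why the public key is built a second time. The diffstat shows only lib/internal/crypto/cfrg.js changed, so a regression test importing a JWK with a mismatched "d"/"x" pair would be worth adding alongside.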