Skip to content

Commit 6416bcb

Browse files
mspornymsporny
committed
Remove unnecessary usages from public and private keys.
1 parent 1fcc98a commit 6416bcb

1 file changed

Lines changed: 4 additions & 13 deletions

File tree

lib/mldsa.js

Lines changed: 4 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -21,13 +21,11 @@ export function generateKey({algorithm} = {}) {
2121
publicKey: {
2222
type: 'public',
2323
algorithm,
24-
usages: ['verify'],
2524
_keyBytes: pubBytes,
2625
},
2726
secretKey: {
2827
type: 'private',
2928
algorithm,
30-
usages: ['sign'],
3129
_keyBytes: secBytes,
3230
_seedBytes: seed,
3331
}
@@ -36,7 +34,7 @@ export function generateKey({algorithm} = {}) {
3634

3735
// Signs data using ML-DSA.
3836
export function sign({secretKey, data} = {}) {
39-
_assertKey(secretKey, 'private', 'sign');
37+
_assertKey(secretKey, 'private');
4038
const {impl} = _getImpl(secretKey.algorithm);
4139
const msg = _toUint8Array(data);
4240
const sig = impl.sign(msg, secretKey._keyBytes);
@@ -45,7 +43,7 @@ export function sign({secretKey, data} = {}) {
4543

4644
// Verifies a signature over data using ML-DSA.
4745
export function verify({publicKey, signature, data} = {}) {
48-
_assertKey(publicKey, 'public', 'verify');
46+
_assertKey(publicKey, 'public');
4947
const {impl} = _getImpl(publicKey.algorithm);
5048
const msg = _toUint8Array(data);
5149
const sig = _toUint8Array(signature);
@@ -64,7 +62,6 @@ export function importKey({format, keyData, algorithm} = {}) {
6462
return {
6563
type: 'public',
6664
algorithm,
67-
usages: ['verify'],
6865
_keyBytes: _toUint8Array(keyData),
6966
};
7067
}
@@ -75,7 +72,6 @@ export function importKey({format, keyData, algorithm} = {}) {
7572
return {
7673
type: 'private',
7774
algorithm,
78-
usages: ['sign'],
7975
_keyBytes: secBytes,
8076
_seedBytes: seedBytes,
8177
};
@@ -93,7 +89,7 @@ export function exportKeyAsJwk({key} = {}) {
9389
const jwk = {
9490
kty: 'AKP',
9591
alg: key.algorithm,
96-
key_ops: key.usages,
92+
key_ops: key.type === 'public' ? ['verify'] : ['sign'],
9793
ext: true,
9894
};
9995
if(key.type === 'public') {
@@ -112,16 +108,13 @@ function _getImpl(algorithm) {
112108
return entry;
113109
}
114110

115-
function _assertKey(key, expectedType, expectedUsage) {
111+
function _assertKey(key, expectedType) {
116112
if(!key || typeof key !== 'object') {
117113
throw new TypeError('Invalid key.');
118114
}
119115
if(key.type !== expectedType) {
120116
throw new TypeError(`Expected a ${expectedType} key.`);
121117
}
122-
if(!key.usages.includes(expectedUsage)) {
123-
throw new TypeError(`Key does not have "${expectedUsage}" usage.`);
124-
}
125118
}
126119

127120
function _toUint8Array(data) {
@@ -157,7 +150,6 @@ function _importJwk({jwk, algorithm, impl}) {
157150
return {
158151
type: 'private',
159152
algorithm,
160-
usages: ['sign'],
161153
_keyBytes: secBytes,
162154
_seedBytes: seedBytes,
163155
};
@@ -169,7 +161,6 @@ function _importJwk({jwk, algorithm, impl}) {
169161
return {
170162
type: 'public',
171163
algorithm,
172-
usages: ['verify'],
173164
_keyBytes: base64url.decode(jwk.pub),
174165
};
175166
}

0 commit comments

Comments
 (0)