[DOM] WebCrypto: Check decoded key type before using it.

Just in case someone forces the wrong key type and misuses WebCrypto. It won't be usable anyway so better to throw.
author: Moonchild <moonchild@palemoon.org> 2023-02-21 21:07:04 +0100
committer: Moonchild <moonchild@palemoon.org> 2023-02-21 21:07:04 +0100
commit: 5b21c547de14f8d1cde62b9f247d8fd413bf8b83 (patch)
tree: 5f2ea2200a286728a930e8d812f0fe8cadf53f33 /dom/crypto
parent: ee7201bbb454985018f4ff3d4dc67d1cfd404687 (diff)
download: uxp-5b21c547de14f8d1cde62b9f247d8fd413bf8b83.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/dom/crypto/WebCryptoTask.cpp b/dom/crypto/WebCryptoTask.cpp
index ad81b6d4c6..ed47325f8d 100644
--- a/dom/crypto/WebCryptoTask.cpp
+++ b/dom/crypto/WebCryptoTask.cpp
@@ -1741,6 +1741,10 @@ private:
       return NS_ERROR_DOM_SYNTAX_ERR;
     }
 
+    if (pubKey->keyType != rsaKey) {
+      return NS_ERROR_DOM_DATA_ERR;
+    }
+
     // Extract relevant information from the public key
     mModulusLength = 8 * pubKey->u.rsa.modulus.len;
     if (!mPublicExponent.Assign(&pubKey->u.rsa.publicExponent)) {
@@ -1874,6 +1878,10 @@ private:
       }
 
       if (mFormat.EqualsLiteral(WEBCRYPTO_KEY_FORMAT_SPKI)) {
+        if (pubKey->keyType != ecKey) {
+          return NS_ERROR_DOM_DATA_ERR;
+        }
+
         if (!CheckEncodedECParameters(&pubKey->u.ec.DEREncodedParams)) {
           return NS_ERROR_DOM_OPERATION_ERR;
         }
author	Moonchild <moonchild@palemoon.org>	2023-02-21 21:07:04 +0100
committer	Moonchild <moonchild@palemoon.org>	2023-02-21 21:07:04 +0100
commit	5b21c547de14f8d1cde62b9f247d8fd413bf8b83 (patch)
tree	5f2ea2200a286728a930e8d812f0fe8cadf53f33 /dom/crypto
parent	ee7201bbb454985018f4ff3d4dc67d1cfd404687 (diff)
download	uxp-5b21c547de14f8d1cde62b9f247d8fd413bf8b83.tar.gz