-
Notifications
You must be signed in to change notification settings - Fork 14
Enforce or remove algorithm Params classes #33
Comments
I agree that this needs to be considered. Regarding a way that we can easily use the dictionaries to help us validate input is to use I was thinking something like this could help?: 'use strict'
/**
* Dependencies
* @ignore
*/
const { JSONSchema, JSONDocument } = require('@trust/json-document')
/**
* Dictionary
*/
class Dictionary extends JSONDocument {
static get schema () {
return new JSONSchema({
type: 'object',
properties: {
name: { type: 'string' },
}
required: ['name']
})
}
}
class ExtendedDictionary extends Dictionary {
static get schema () {
return super.schema.extend({
properties: {
counter: { type: 'object' },
length: { type: 'number' },
},
required: ['name', 'counter', 'length']
})
}
constructor (alg, options) {
super(alg, options)
// Extra checks go here
}
}
class Other {
doSomething () {
let alg = new ExtendedDictionary(data)
let validation = alg.validate()
if (!validation.valid) {
let error = new Error('AesCtrParams validation failed')
error.validation = validation
throw error
}
if (!alg instanceof MyParamClass) {
throw new Error('alg parameter is not an instance of AesCtrParams')
}
}
} |
👍 to using json-document to check the parameters; was thinking the same thing. |
@thelunararmy and @EternalDeiwos, the dictionaries that are stubbed out are intended to be used for type checking. @dmitrizagidulin and I discussed using JSON Document for this back at the very beginning of sketching out this code and decided against it. It's very heavy for this purpose. The intention was initially to try and have the implemented algorithms match the control flow expressed in the W3C spec. But those algorithm descriptions make no reference of the dictionaries defined in IDL. So we haven't glued them together. What we need to do is refactor the specific algorithm classes to use the dictionaries for type checking, which will satisfy some of the same steps explicitly in the specs, but it makes the control flow less explicit in comparison. I avoided this refactoring for a while to see if we were going the right direction. Perhaps now is the right time to follow through. Let's sort it out in a pairing session. |
@dmitrizagidulin – still thinking we should use these dictionary classes, but for further consideration and record of what's transpired in conversation, what was the library you mentioned that compiles WebIDL into js "types"? |
@christiansmith I was thinking of this one - https://github.com/jsdom/webidl2js |
Every instance of an algorithm class uses an imported 'algorithm parameter' class object for use in various functions as a parameter.
For example in
RSASSA_PKCS1_v1_5
'sgenerateKey
uses aRsaHashedKeyGenParams
.And...
In
AES_CBC
'sdecrypt
uses aAesKeyAlgorithm
.The problem is that there is absolutely no type checking within these function calls and it is perfectly acceptable to pass in a new object with any attributes. This causes an intrinsic need for type checking and validation at the start of every one of these function calls since there is surety of these Param objects.
At some point we should investigate writing some supported system to ensure that these param objects are indeed created and passed in correctly; or go back to all the existing algorithms and ensure there are parameter type checks present at every function call. Currently only newer algorithms (
AES-CTR
onward) have these checks in place.Take a look at
AES_CBC
's decrypt call:This would require either:
algorithm
parameter be ensured to be anAesKeyAlgorithm
object with correct fields present, orif
statement to havealgorithm.iv instanceof ArrayBuffer
before doing thebyteLength
check, with corresponding check with every first time use of an algorithm parameter@christiansmith Your input would be greatly appreciated
The text was updated successfully, but these errors were encountered: