crypto: handle more webcrypto errors with OperationError

PR-URL: nodejs#45320
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: nodejs#47336

Author: panva

lib/internal/crypto/aes.js

@@ -124,7 +124,7 @@ function asyncAesCtrCipher(mode, key, data, { counter, length }) {
       'OperationError');
   }
 
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -137,7 +137,7 @@ function asyncAesCtrCipher(mode, key, data, { counter, length }) {
 function asyncAesCbcCipher(mode, key, data, { iv }) {
   iv = getArrayBufferOrView(iv, 'algorithm.iv');
   validateByteLength(iv, 'algorithm.iv', 16);
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -147,7 +147,7 @@ function asyncAesCbcCipher(mode, key, data, { iv }) {
 }
 
 function asyncAesKwCipher(mode, key, data) {
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -201,7 +201,7 @@ function asyncAesGcmCipher(
       break;
   }
 
-  return jobPromise(new AESCipherJob(
+  return jobPromise(() => new AESCipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],

lib/internal/crypto/cfrg.js

@@ -194,7 +194,7 @@ async function cfrgGenerateKey(algorithm, extractable, keyUsages) {
 
 function cfrgExportKey(key, format) {
   emitExperimentalWarning(`The ${key.algorithm.name} Web Crypto API algorithm`);
-  return jobPromise(new ECKeyExportJob(
+  return jobPromise(() => new ECKeyExportJob(
     kCryptoJobAsync,
     format,
     key[kKeyObject][kHandle]));
@@ -323,7 +323,7 @@ function eddsaSignVerify(key, data, { name, context }, signature) {
     }
   }
 
-  return jobPromise(new SignJob(
+  return jobPromise(() => new SignJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],

lib/internal/crypto/diffiehellman.js

@@ -377,7 +377,11 @@ async function asyncDeriveBitsECDH(algorithm, baseKey, length) {
       key.algorithm.name === 'ECDH' ? baseKey.algorithm.namedCurve : baseKey.algorithm.name,
       key[kKeyObject][kHandle],
       baseKey[kKeyObject][kHandle], (err, bits) => {
-        if (err) return reject(err);
+        if (err) {
+          return reject(lazyDOMException(
+            'The operation failed for an operation-specific reason',
+            'OperationError'));
+        }
         resolve(bits);
       });
   });

lib/internal/crypto/ec.js

@@ -151,7 +151,7 @@ async function ecGenerateKey(algorithm, extractable, keyUsages) {
 }
 
 function ecExportKey(key, format) {
-  return jobPromise(new ECKeyExportJob(
+  return jobPromise(() => new ECKeyExportJob(
     kCryptoJobAsync,
     format,
     key[kKeyObject][kHandle]));
@@ -286,7 +286,7 @@ function ecdsaSignVerify(key, data, { name, hash }, signature) {
     throw new ERR_MISSING_OPTION('algorithm.hash');
   const hashname = normalizeHashName(hash.name);
 
-  return jobPromise(new SignJob(
+  return jobPromise(() => new SignJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],

lib/internal/crypto/hash.js

@@ -183,7 +183,7 @@ async function asyncDigest(algorithm, data) {
     case 'SHA-384':
       // Fall through
     case 'SHA-512':
-      return jobPromise(new HashJob(
+      return jobPromise(() => new HashJob(
         kCryptoJobAsync,
         normalizeHashName(algorithm.name),
         data,

lib/internal/crypto/mac.js

@@ -184,7 +184,7 @@ async function hmacImportKey(
 
 function hmacSignVerify(key, data, algorithm, signature) {
   const mode = signature === undefined ? kSignJobModeSign : kSignJobModeVerify;
-  return jobPromise(new HmacJob(
+  return jobPromise(() => new HmacJob(
     kCryptoJobAsync,
     mode,
     normalizeHashName(key.algorithm.hash.name),

lib/internal/crypto/rsa.js

@@ -116,7 +116,7 @@ function rsaOaepCipher(mode, key, data, { label }) {
     validateMaxBufferLength(label, 'algorithm.label');
   }
 
-  return jobPromise(new RSACipherJob(
+  return jobPromise(() => new RSACipherJob(
     kCryptoJobAsync,
     mode,
     key[kKeyObject][kHandle],
@@ -224,7 +224,7 @@ async function rsaKeyGenerate(
 }
 
 function rsaExportKey(key, format) {
-  return jobPromise(new RSAKeyExportJob(
+  return jobPromise(() => new RSAKeyExportJob(
     kCryptoJobAsync,
     format,
     key[kKeyObject][kHandle],
@@ -347,7 +347,7 @@ function rsaSignVerify(key, data, { saltLength }, signature) {
   if (key.type !== type)
     throw lazyDOMException(`Key must be a ${type} key`, 'InvalidAccessError');
 
-  return jobPromise(new SignJob(
+  return jobPromise(() => new SignJob(
     kCryptoJobAsync,
     signature === undefined ? kSignJobModeSign : kSignJobModeVerify,
     key[kKeyObject][kHandle],

lib/internal/crypto/util.js

@@ -287,10 +287,15 @@ function onDone(resolve, reject, err, result) {
   resolve(result);
 }
 
-function jobPromise(job) {
+function jobPromise(getJob) {
   return new Promise((resolve, reject) => {
-    job.ondone = FunctionPrototypeBind(onDone, job, resolve, reject);
-    job.run();
+    try {
+      const job = getJob();
+      job.ondone = FunctionPrototypeBind(onDone, job, resolve, reject);
+      job.run();
+    } catch (err) {
+      onDone(resolve, reject, err);
+    }
   });
 }
 

test/parallel/test-webcrypto-digest.js

@@ -83,7 +83,7 @@ Promise.all([1, [], {}, null, undefined].map((i) =>
 // addition to the API, and is added as a support for future additional
 // hash algorithms that support variable digest output lengths.
 assert.rejects(subtle.digest({ name: 'SHA-512', length: 510 }, kData), {
-  message: /Digest method not supported/
+  name: 'OperationError',
 }).then(common.mustCall());
 
 const kSourceData = {