fix(subtle): tighten WebCrypto JWK import validation across all importers

Address review feedback on PQC JWK import/export PR (#996):

- Centralize JWK structural validation in `validateJwkStructure`:
  - `ext`: existing
  - `use`: new — must match algorithm's expected use ('sig' or 'enc')
    when usages are non-empty (mirrors Node's `validateJwk`)
  - `key_ops`: new duplicate detection per Node's `validateKeyOps`
- Reorder validation in all 8 importers (kmac, rsa, hmac, aes, ec, ed,
  mldsa, mlkem) so JWK structure (kty/use/key_ops/ext/alg) is checked
  before key-usage validation — matches Node and the WebCrypto spec.
- Wrap every `handle.initJwk()` call site in try/catch so C++ errors
  surface as `DataError` DOMExceptions, not generic `Error`s.
- Add type guard in `pqcIsPublicImport` so a non-object passed at
  `format === 'jwk'` is not silently treated as a public key.
- Fix `lazyDOMException` to format the object-form domName correctly
  (was producing `[object Object]` in the message).

Author: boorad

packages/react-native-quick-crypto/cpp/keys/HybridKeyObjectHandle.cpp

@@ -365,7 +365,7 @@ JWK HybridKeyObjectHandle::exportJwk(const JWK& key, bool handleRsaPss) {
   }
 
 #if OPENSSL_VERSION_NUMBER >= 0x30500000L
-  // Export AKP keys (ML-DSA, ML-KEM) per draft-ietf-cose-dilithium and RFC 9269
+  // Export AKP keys (ML-DSA, ML-KEM)
   {
     const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
     if (typeName != nullptr) {

packages/react-native-quick-crypto/src/ec.ts

@@ -27,6 +27,7 @@ import {
   kNamedCurveAliases,
   lazyDOMException,
   normalizeHashName,
+  validateJwkStructure,
   HashContext,
   KeyEncoding,
   KFormatType,
@@ -93,36 +94,27 @@ export function ecImportKey(
     throw lazyDOMException('Unrecognized namedCurve', 'NotSupportedError');
   }
 
-  // Handle JWK format
   if (format === 'jwk') {
     const jwk = keyData as JWK;
 
-    // Validate JWK
+    if (!jwk || typeof jwk !== 'object') {
+      throw lazyDOMException('Invalid keyData', 'DataError');
+    }
     if (jwk.kty !== 'EC') {
       throw lazyDOMException('Invalid JWK "kty" Parameter', 'DataError');
     }
-
     if (jwk.crv !== namedCurve) {
       throw lazyDOMException(
         'JWK "crv" does not match the requested algorithm',
         'DataError',
       );
     }
+    const expectedUse = name === 'ECDH' ? 'enc' : 'sig';
+    validateJwkStructure(jwk, extractable, keyUsages, expectedUse);
 
-    // Check use parameter if present
-    if (jwk.use !== undefined) {
-      const expectedUse = name === 'ECDH' ? 'enc' : 'sig';
-      if (jwk.use !== expectedUse) {
-        throw lazyDOMException('Invalid JWK "use" Parameter', 'DataError');
-      }
-    }
-
-    // Check alg parameter if present
     if (jwk.alg !== undefined) {
       let expectedAlg: string | undefined;
-
       if (name === 'ECDSA') {
-        // Map namedCurve to expected ECDSA algorithm
         expectedAlg =
           namedCurve === 'P-256'
             ? 'ES256'
@@ -132,56 +124,69 @@ export function ecImportKey(
                 ? 'ES512'
                 : undefined;
       } else if (name === 'ECDH') {
-        // ECDH uses ECDH-ES algorithm
         expectedAlg = 'ECDH-ES';
       }
-
-      if (expectedAlg && jwk.alg !== undefined && jwk.alg !== expectedAlg) {
+      if (expectedAlg && jwk.alg !== expectedAlg) {
         throw lazyDOMException(
           'JWK "alg" does not match the requested algorithm',
           'DataError',
         );
       }
     }
 
-    // Import using C++ layer
+    const isPublicJwk = jwk.d === undefined;
+    const validUsagesJwk: KeyUsage[] =
+      name === 'ECDSA'
+        ? isPublicJwk
+          ? ['verify']
+          : ['sign']
+        : isPublicJwk
+          ? []
+          : ['deriveKey', 'deriveBits'];
+    if (hasAnyNotIn(keyUsages, validUsagesJwk)) {
+      throw lazyDOMException(
+        `Unsupported key usage for a ${name} key`,
+        'SyntaxError',
+      );
+    }
+
     const handle =
       NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
-    const keyType = handle.initJwk(jwk, namedCurve as NamedCurve);
-
+    let keyType: number | undefined;
+    try {
+      keyType = handle.initJwk(jwk, namedCurve as NamedCurve);
+    } catch (err) {
+      throw lazyDOMException('Invalid keyData', {
+        name: 'DataError',
+        cause: err,
+      });
+    }
     if (keyType === undefined) {
-      throw lazyDOMException('Invalid JWK', 'DataError');
+      throw lazyDOMException('Invalid keyData', 'DataError');
     }
 
-    // Create the appropriate KeyObject based on type
     let keyObject: KeyObject;
     if (keyType === 1) {
       keyObject = new PublicKeyObject(handle);
     } else if (keyType === 2) {
       keyObject = new PrivateKeyObject(handle);
     } else {
-      throw lazyDOMException(
-        'Unexpected key type from JWK import',
-        'DataError',
-      );
+      throw lazyDOMException('Invalid keyData', 'DataError');
     }
 
     return new CryptoKey(keyObject, algorithm, keyUsages, extractable);
   }
 
-  // Handle binary formats (spki, pkcs8, raw)
   if (format !== 'spki' && format !== 'pkcs8' && format !== 'raw') {
     throw lazyDOMException(
       `Unsupported format: ${format}`,
       'NotSupportedError',
     );
   }
 
-  // Determine expected key type based on format
   const expectedKeyType =
     format === 'spki' || format === 'raw' ? 'public' : 'private';
 
-  // Validate usages for the key type
   const isPublicKey = expectedKeyType === 'public';
   let validUsages: KeyUsage[];