anvilresearch/webcrypto

unwrapKey treats unwrappingKey like unwrappedKey

moritonal opened this issue · 1 comments

Hi everyone. I'm using webcrypto as a reference library between server & client for a very light project to do with performing a simple Diffie-Hellman exchange.

In this I've found that the unwrapKey function performs differently between this library and most browsers. When using the unwrap function with an RSA key to wrap an AES key, the library reacts like the RSA key is the one being unwrapped and imported.

I investigated and discovered this was most likely due to this line within SubtleCrypto.js where both the normalizedAlgorithm and normalizedKeyAlgorithm are set to the unwrapAlgorithm.

I'm fairly sure the fix to this is swapping normalizedKeyAlgorithm to unwrappedKeyAlgorithm. I'll attach a pull-request for this fix along with a corresponding test.

Please fire away if this is my mistake, I am by no means even slightly an expert on these matters.
Tom

Fixed in 0508e91
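A regression check for the behaviour reported above, as an added example that is not part of the original thread or the project's test suite: an AES-GCM key is wrapped with RSA-OAEP, unwrapped, and the result is confirmed to be imported under `unwrappedKeyAlgorithm`, not `unwrapAlgorithm`. It assumes the WebCrypto implementation built into Node.js (the library under discussion exposes the same `SubtleCrypto` interface); `wrapUnwrapRoundTrip` is a hypothetical name.

```javascript
// Added example. Assumption: Node.js built-in WebCrypto stands in for the
// library discussed in the issue; both implement the SubtleCrypto interface.
const { subtle } = globalThis.crypto ?? require('node:crypto').webcrypto;

// Hypothetical helper: wraps an AES key with RSA-OAEP, unwraps it again and
// reports what kind of key came back.
async function wrapUnwrapRoundTrip() {
  // Wrapping key pair. The public half gets 'wrapKey', the private 'unwrapKey'.
  const rsa = await subtle.generateKey(
    { name: 'RSA-OAEP', modulusLength: 2048,
      publicExponent: new Uint8Array([1, 0, 1]), hash: 'SHA-256' },
    false, ['wrapKey', 'unwrapKey']);

  // Key being transported. It must be extractable or wrapKey rejects it.
  const aes = await subtle.generateKey(
    { name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);

  const wrapped = await subtle.wrapKey(
    'raw', aes, rsa.publicKey, { name: 'RSA-OAEP' });

  const unwrapped = await subtle.unwrapKey(
    'raw', wrapped, rsa.privateKey,
    { name: 'RSA-OAEP' },  // unwrapAlgorithm: how to decrypt the wrapped bytes
    { name: 'AES-GCM' },   // unwrappedKeyAlgorithm: how to import the result
    true, ['encrypt', 'decrypt']);

  // Compare the raw key material before and after the round trip.
  const before = Buffer.from(await subtle.exportKey('raw', aes));
  const after = Buffer.from(await subtle.exportKey('raw', unwrapped));

  return {
    algorithm: unwrapped.algorithm.name,  // must not be 'RSA-OAEP'
    length: unwrapped.algorithm.length,
    type: unwrapped.type,
    usages: [...unwrapped.usages].sort(),
    sameKeyMaterial: before.equals(after),
  };
}
```

An implementation with the defect described in the issue fails this check, because it tries to import the decrypted bytes as an RSA key.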