From 98ff5ac1859785ac41bfb05655f9ea4673a24263 Mon Sep 17 00:00:00 2001 From: Antoine du Hamel Date: Fri, 19 Mar 2021 12:06:50 +0100 Subject: [PATCH] crypto: fix DiffieHellman argument validation Fixes: https://github.com/nodejs/node/issues/37808 PR-URL: https://github.com/nodejs/node/pull/37810 Reviewed-By: James M Snell Reviewed-By: Filip Skokan Reviewed-By: Darshan Sen Reviewed-By: Benjamin Gruenbaum --- lib/internal/crypto/diffiehellman.js | 14 +++++++++++--- test/parallel/test-crypto-dh.js | 6 ++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js index 1132b090d36d16..e2106b211ba01b 100644 --- a/lib/internal/crypto/diffiehellman.js +++ b/lib/internal/crypto/diffiehellman.js @@ -118,12 +118,20 @@ function DiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding) { if (typeof sizeOrKey !== 'number') sizeOrKey = toBuf(sizeOrKey, keyEncoding); - if (!generator) + if (!generator) { generator = DH_GENERATOR; - else if (typeof generator === 'number') + } else if (typeof generator === 'number') { validateInt32(generator, 'generator'); - else + } else if (generator !== true) { generator = toBuf(generator, genEncoding); + } else { + throw new ERR_INVALID_ARG_TYPE( + 'generator', + ['number', 'string', 'ArrayBuffer', 'Buffer', 'TypedArray', 'DataView'], + generator + ); + } + this[kHandle] = new _DiffieHellman(sizeOrKey, generator); ObjectDefineProperty(this, 'verifyError', { diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js index d08d07de4f8063..92687b448c4ea1 100644 --- a/test/parallel/test-crypto-dh.js +++ b/test/parallel/test-crypto-dh.js @@ -489,3 +489,9 @@ assert.throws( 'crypto.getDiffieHellman(\'modp1\').setPublicKey(\'\') ' + 'failed to throw the expected error.' ); +assert.throws( + () => crypto.createDiffieHellman('', true), + { + code: 'ERR_INVALID_ARG_TYPE' + } +);