-
Notifications
You must be signed in to change notification settings - Fork 29.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
crypto: make update(buf, enc) ignore encoding
Make the cipher/decipher/hash/hmac update() methods ignore the input encoding when the input is a buffer. This is the documented behavior but some inputs were rejected, notably when the specified encoding is 'hex' and the buffer has an odd length (because a _string_ with an odd length is never a valid hex string.) The sign/verify update() methods work okay because they use different validation logic. Fixes: #31751 PR-URL: #31766 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
- Loading branch information
1 parent
83e9a3e
commit a727b13
Showing
3 changed files
with
30 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
'use strict'; | ||
const common = require('../common'); | ||
|
||
if (!common.hasCrypto) | ||
common.skip('missing crypto'); | ||
|
||
const crypto = require('crypto'); | ||
|
||
const zeros = Buffer.alloc; | ||
const key = zeros(16); | ||
const iv = zeros(16); | ||
|
||
const cipher = () => crypto.createCipheriv('aes-128-cbc', key, iv); | ||
const decipher = () => crypto.createDecipheriv('aes-128-cbc', key, iv); | ||
const hash = () => crypto.createSign('sha256'); | ||
const hmac = () => crypto.createHmac('sha256', key); | ||
const sign = () => crypto.createSign('sha256'); | ||
const verify = () => crypto.createVerify('sha256'); | ||
|
||
for (const f of [cipher, decipher, hash, hmac, sign, verify]) | ||
for (const n of [15, 16]) | ||
f().update(zeros(n), 'hex'); // Should ignore inputEncoding. |