Skip to content

Commit

Permalink
crypto: throw on invalid authentication tag length
Browse files Browse the repository at this point in the history
Refs: #17523

PR-URL: #17825
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Joyee Cheung <[email protected]>
Reviewed-By: James M Snell <[email protected]>
  • Loading branch information
tniessen authored and jasnell committed Apr 14, 2018
1 parent 2b0825e commit d81a7b4
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 17 deletions.
7 changes: 3 additions & 4 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -2912,11 +2912,10 @@ void CipherBase::SetAuthTag(const FunctionCallbackInfo<Value>& args) {
const int mode = EVP_CIPHER_CTX_mode(cipher->ctx_);
if (mode == EVP_CIPH_GCM_MODE) {
if (tag_len > 16 || (tag_len < 12 && tag_len != 8 && tag_len != 4)) {
char msg[125];
char msg[50];
snprintf(msg, sizeof(msg),
"Permitting authentication tag lengths of %u bytes is deprecated. "
"Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.", tag_len);
ProcessEmitDeprecationWarning(cipher->env(), msg, "DEP0090");
"Invalid GCM authentication tag length: %u", tag_len);
return cipher->env()->ThrowError(msg);
}
}

Expand Down
26 changes: 13 additions & 13 deletions test/parallel/test-crypto-authenticated.js
Original file line number Diff line number Diff line change
Expand Up @@ -534,13 +534,8 @@ const expectedWarnings = common.hasFipsCrypto ?
['Use Cipheriv for counter mode of aes-256-ccm', common.noWarnCode]
];

const expectedDeprecationWarnings = [0, 1, 2, 6, 9, 10, 11, 17]
.map((i) => [`Permitting authentication tag lengths of ${i} bytes is ` +
'deprecated. Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.',
'DEP0090']);

expectedDeprecationWarnings.push(['crypto.DEFAULT_ENCODING is deprecated.',
'DEP0091']);
const expectedDeprecationWarnings = ['crypto.DEFAULT_ENCODING is deprecated.',
'DEP0091'];

common.expectWarning({
Warning: expectedWarnings,
Expand Down Expand Up @@ -719,13 +714,18 @@ for (const test of TEST_CASES) {
}

// GCM only supports specific authentication tag lengths, invalid lengths should
// produce warnings.
// throw.
{
for (const length of [0, 1, 2, 4, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17]) {
const decrypt = crypto.createDecipheriv('aes-256-gcm',
'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8',
'qkuZpJWCewa6Szih');
decrypt.setAuthTag(Buffer.from('1'.repeat(length)));
for (const length of [0, 1, 2, 6, 9, 10, 11, 17]) {
common.expectsError(() => {
const decrypt = crypto.createDecipheriv('aes-128-gcm',
'FxLKsqdmv0E9xrQh',
'qkuZpJWCewa6Szih');
decrypt.setAuthTag(Buffer.from('1'.repeat(length)));
}, {
type: Error,
message: `Invalid GCM authentication tag length: ${length}`
});
}
}

Expand Down

0 comments on commit d81a7b4

Please sign in to comment.