Skip to content
/ node Public
forked from nodejs/node

Commit

Permalink
crypto: fix webcrypto generateKey() AES key length validation error
Browse files Browse the repository at this point in the history
PR-URL: nodejs#44170
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Backport-PR-URL: nodejs#44872
  • Loading branch information
panva committed Oct 8, 2022
1 parent 6648459 commit 272503f
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 681 deletions.
12 changes: 5 additions & 7 deletions lib/internal/crypto/aes.js
Original file line number Diff line number Diff line change
Expand Up @@ -60,11 +60,6 @@ const {
generateKey,
} = require('internal/crypto/keygen');

const {
validateInteger,
validateOneOf,
} = require('internal/validators');

const kMaxCounterLength = 128;
const kTagLengths = [32, 64, 96, 104, 112, 120, 128];

Expand Down Expand Up @@ -227,8 +222,11 @@ function aesCipher(mode, key, data, algorithm) {

async function aesGenerateKey(algorithm, extractable, keyUsages) {
const { name, length } = algorithm;
validateInteger(length, 'algorithm.length');
validateOneOf(length, 'algorithm.length', kAesKeyLengths);
if (!ArrayPrototypeIncludes(kAesKeyLengths, length)) {
throw lazyDOMException(
'AES key length must be 128, 192, or 256 bits',
'OperationError');
}

const checkUsages = ['wrapKey', 'unwrapKey'];
if (name !== 'AES-KW')
Expand Down
4 changes: 2 additions & 2 deletions test/parallel/test-webcrypto-keygen.js
Original file line number Diff line number Diff line change
Expand Up @@ -512,14 +512,14 @@ const vectors = {
[1, 100, 257].forEach(async (length) => {
await assert.rejects(
subtle.generateKey({ name, length }, true, usages), {
code: 'ERR_INVALID_ARG_VALUE'
name: 'OperationError'
});
});

['', {}, [], false, null, undefined].forEach(async (length) => {
await assert.rejects(
subtle.generateKey({ name, length }, true, usages), {
code: 'ERR_INVALID_ARG_TYPE'
name: 'OperationError',
});
});
}
Expand Down
Loading

0 comments on commit 272503f

Please sign in to comment.