From 680718ccd711b2858aa2bebca51c3b805f7f56d4 Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Mon, 8 Aug 2022 12:06:45 +0200 Subject: [PATCH] crypto: fix webcrypto generateKey() AES key length validation error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR-URL: /~https://github.com/nodejs/node/pull/44170 Reviewed-By: James M Snell Reviewed-By: Tobias Nießen Backport-PR-URL: /~https://github.com/nodejs/node/pull/44835 --- lib/internal/crypto/aes.js | 12 +++++------- test/parallel/test-webcrypto-keygen.js | 4 ++-- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/lib/internal/crypto/aes.js b/lib/internal/crypto/aes.js index 324662e1f8b1b4..48cde6b31972e0 100644 --- a/lib/internal/crypto/aes.js +++ b/lib/internal/crypto/aes.js @@ -60,11 +60,6 @@ const { generateKey, } = require('internal/crypto/keygen'); -const { - validateInteger, - validateOneOf, -} = require('internal/validators'); - const kMaxCounterLength = 128; const kTagLengths = [32, 64, 96, 104, 112, 120, 128]; @@ -227,8 +222,11 @@ function aesCipher(mode, key, data, algorithm) { async function aesGenerateKey(algorithm, extractable, keyUsages) { const { name, length } = algorithm; - validateInteger(length, 'algorithm.length'); - validateOneOf(length, 'algorithm.length', kAesKeyLengths); + if (!ArrayPrototypeIncludes(kAesKeyLengths, length)) { + throw lazyDOMException( + 'AES key length must be 128, 192, or 256 bits', + 'OperationError'); + } const checkUsages = ['wrapKey', 'unwrapKey']; if (name !== 'AES-KW') diff --git a/test/parallel/test-webcrypto-keygen.js b/test/parallel/test-webcrypto-keygen.js index e61d7c9b913abf..9c79e1517c07a8 100644 --- a/test/parallel/test-webcrypto-keygen.js +++ b/test/parallel/test-webcrypto-keygen.js @@ -512,14 +512,14 @@ const vectors = { [1, 100, 257].forEach(async (length) => { await assert.rejects( subtle.generateKey({ name, length }, true, usages), { - code: 'ERR_INVALID_ARG_VALUE' + name: 'OperationError' }); }); ['', {}, [], false, null, undefined].forEach(async (length) => { await assert.rejects( subtle.generateKey({ name, length }, true, usages), { - code: 'ERR_INVALID_ARG_TYPE' + name: 'OperationError', }); }); }