1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto: adjust minimum length in generateKey('hmac', ...)

Browse Source 
Also affects generateKeySync('hmac', ...)

PR-URL: https://github.com/nodejs/node/pull/42944
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
Livia Medeiros 2022-05-05 03:31:23 +08:00 committed by GitHub
parent 2454aa0f1f
commit a5b8730525
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/api/crypto.md
View File

@ -3630,7 +3630,7 @@ changes:
* `options`: {Object}
* `length`: {number} The bit length of the key to generate. This must be a
value greater than 0.
* If `type` is `'hmac'`, the minimum is 1, and the maximum length is
* If `type` is `'hmac'`, the minimum is 8, and the maximum length is
2<sup>31</sup>-1. If the value is not a multiple of 8, the generated
key will be truncated to `Math.floor(length / 8)`.
* If `type` is `'aes'`, the length must be one of `128`, `192`, or `256`.
@ -3902,7 +3902,7 @@ added: v15.0.0
accepted values are `'hmac'` and `'aes'`.
* `options`: {Object}
* `length`: {number} The bit length of the key to generate.
* If `type` is `'hmac'`, the minimum is 1, and the maximum length is
* If `type` is `'hmac'`, the minimum is 8, and the maximum length is
2<sup>31</sup>-1. If the value is not a multiple of 8, the generated
key will be truncated to `Math.floor(length / 8)`.
* If `type` is `'aes'`, the length must be one of `128`, `192`, or `256`.

2
lib/internal/crypto/keygen.js
View File

@ -349,7 +349,7 @@ function generateKeyJob(mode, keyType, options) {
const { length } = options;
switch (keyType) {
case 'hmac':
validateInteger(length, 'options.length', 1, 2 ** 31 - 1);
validateInteger(length, 'options.length', 8, 2 ** 31 - 1);
break;
case 'aes':
validateOneOf(length, 'options.length', kAesKeyLengths);

16
test/parallel/test-crypto-secret-keygen.js
View File

@ -51,6 +51,14 @@ assert.throws(() => generateKey('hmac', { length: -1 }, common.mustNotCall()), {
code: 'ERR_OUT_OF_RANGE'
});
assert.throws(() => generateKey('hmac', { length: 4 }, common.mustNotCall()), {
code: 'ERR_OUT_OF_RANGE'
});
assert.throws(() => generateKey('hmac', { length: 7 }, common.mustNotCall()), {
code: 'ERR_OUT_OF_RANGE'
});
assert.throws(
() => generateKey('hmac', { length: 2 ** 31 }, common.mustNotCall()), {
code: 'ERR_OUT_OF_RANGE'
@ -60,6 +68,14 @@ assert.throws(() => generateKeySync('hmac', { length: -1 }), {
code: 'ERR_OUT_OF_RANGE'
});
assert.throws(() => generateKeySync('hmac', { length: 4 }), {
code: 'ERR_OUT_OF_RANGE'
});
assert.throws(() => generateKeySync('hmac', { length: 7 }), {
code: 'ERR_OUT_OF_RANGE'
});
assert.throws(
() => generateKeySync('hmac', { length: 2 ** 31 }), {
code: 'ERR_OUT_OF_RANGE'