crypto: throw in setAuthTag on invalid length - android-node-v8.git

diff options

author	Tobias Nießen <tniessen@tnie.de>	2018-04-15 02:58:25 +0200
committer	Tobias Nießen <tniessen@tnie.de>	2018-06-01 09:52:27 +0200
commit	faf449ca0490f5371dc6cbbc94a87eb697b00fcc (patch)
tree	196300f9cf398f76c3cc6cd02db2638d10f55b77 /deps/v8/infra
parent	cb3d049badb772fc1ea7051540d50c89f73e36dd (diff)
download	android-node-v8-faf449ca0490f5371dc6cbbc94a87eb697b00fcc.tar.gz android-node-v8-faf449ca0490f5371dc6cbbc94a87eb697b00fcc.tar.bz2 android-node-v8-faf449ca0490f5371dc6cbbc94a87eb697b00fcc.zip

crypto: throw in setAuthTag on invalid length

The current implementation performs limited checks only and silently ignores superfluous bytes of the authentication tag. This change makes setAuthTag throw when - the user-specified authTagLength does not match the actual tag length, especially when the authentication tag is longer than 16 bytes, and when - the mode is GCM, no authTagLength option has been specified and the tag length is not a valid GCM tag length. This change makes the conditional assignment in SetAuthTag unnecessary, which is replaced with a CHECK. Refs: https://github.com/nodejs/node/pull/17825 PR-URL: https://github.com/nodejs/node/pull/20040 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Yihong Wang <yh.wang@ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

Diffstat (limited to 'deps/v8/infra')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: