diff options
author | Tobias Nießen <tniessen@tnie.de> | 2017-12-18 13:22:08 +0100 |
---|---|---|
committer | Tobias Nießen <tniessen@tnie.de> | 2018-04-06 13:02:43 +0200 |
commit | 1e07acd476309e7ddc4981160b89731b61a31179 (patch) | |
tree | d9217adeb698cbe3cefae962d89b16c655a822c2 /lib | |
parent | 38a692963f000e3bd0f8413617d3b5774039dff8 (diff) | |
download | android-node-v8-1e07acd476309e7ddc4981160b89731b61a31179.tar.gz android-node-v8-1e07acd476309e7ddc4981160b89731b61a31179.tar.bz2 android-node-v8-1e07acd476309e7ddc4981160b89731b61a31179.zip |
crypto: add support for AES-CCM
This commit adds support for another AEAD algorithm and introduces
required API changes and extensions. Due to the design of CCM itself and
the way OpenSSL implements it, there are some restrictions when using
this mode as outlined in the updated documentation.
PR-URL: https://github.com/nodejs/node/pull/18138
Fixes: https://github.com/nodejs/node/issues/2383
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/internal/crypto/cipher.js | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/lib/internal/crypto/cipher.js b/lib/internal/crypto/cipher.js index cd8297245f..d33a970148 100644 --- a/lib/internal/crypto/cipher.js +++ b/lib/internal/crypto/cipher.js @@ -7,7 +7,8 @@ const { const { ERR_CRYPTO_INVALID_STATE, - ERR_INVALID_ARG_TYPE + ERR_INVALID_ARG_TYPE, + ERR_INVALID_OPT_VALUE } = require('internal/errors').codes; const { @@ -62,6 +63,16 @@ function getDecoder(decoder, encoding) { return decoder; } +function getUIntOption(options, key) { + let value; + if (options && (value = options[key]) != null) { + if (value >>> 0 !== value) + throw new ERR_INVALID_OPT_VALUE(key, value); + return value; + } + return -1; +} + function Cipher(cipher, password, options) { if (!(this instanceof Cipher)) return new Cipher(cipher, password, options); @@ -78,9 +89,11 @@ function Cipher(cipher, password, options) { ); } + const authTagLength = getUIntOption(options, 'authTagLength'); + this._handle = new CipherBase(true); - this._handle.init(cipher, password); + this._handle.init(cipher, password, authTagLength); this._decoder = null; LazyTransform.call(this, options); @@ -168,13 +181,15 @@ Cipher.prototype.setAuthTag = function setAuthTag(tagbuf) { return this; }; -Cipher.prototype.setAAD = function setAAD(aadbuf) { +Cipher.prototype.setAAD = function setAAD(aadbuf, options) { if (!isArrayBufferView(aadbuf)) { throw new ERR_INVALID_ARG_TYPE('buffer', ['Buffer', 'TypedArray', 'DataView'], aadbuf); } - if (this._handle.setAAD(aadbuf) === false) + + const plaintextLength = getUIntOption(options, 'plaintextLength'); + if (this._handle.setAAD(aadbuf, plaintextLength) === false) throw new ERR_CRYPTO_INVALID_STATE('setAAD'); return this; }; @@ -204,8 +219,10 @@ function Cipheriv(cipher, key, iv, options) { ); } + const authTagLength = getUIntOption(options, 'authTagLength'); + this._handle = new CipherBase(true); - this._handle.initiv(cipher, key, iv); + this._handle.initiv(cipher, key, iv, authTagLength); this._decoder = null; LazyTransform.call(this, options); @@ -243,8 +260,10 @@ function Decipher(cipher, password, options) { ); } + const authTagLength = getUIntOption(options, 'authTagLength'); + this._handle = new CipherBase(false); - this._handle.init(cipher, password); + this._handle.init(cipher, password, authTagLength); this._decoder = null; LazyTransform.call(this, options); @@ -288,8 +307,10 @@ function Decipheriv(cipher, key, iv, options) { ); } + const authTagLength = getUIntOption(options, 'authTagLength'); + this._handle = new CipherBase(false); - this._handle.initiv(cipher, key, iv); + this._handle.initiv(cipher, key, iv, authTagLength); this._decoder = null; LazyTransform.call(this, options); |