diff options
author | Jose M. Palacios Diaz <jmpd1988@gmail.com> | 2017-11-06 17:22:42 -0500 |
---|---|---|
committer | Anna Henningsen <anna@addaleax.net> | 2017-12-01 21:18:11 +0100 |
commit | 845633a7c62ad9ffd33880a43e05a49382bb76bb (patch) | |
tree | aaa2e2e15a13b207e8db74f1011e00870c16cb22 /lib | |
parent | 31e0dbc0c700e7bb8fa453258ba0233975ece575 (diff) | |
download | android-node-v8-845633a7c62ad9ffd33880a43e05a49382bb76bb.tar.gz android-node-v8-845633a7c62ad9ffd33880a43e05a49382bb76bb.tar.bz2 android-node-v8-845633a7c62ad9ffd33880a43e05a49382bb76bb.zip |
crypto: better docs for cases where peer's public key is invalid
changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.
an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.
PR-URL: https://github.com/nodejs/node/pull/16849
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
Fixes: https://github.com/nodejs/node/issues/16625
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/internal/crypto/diffiehellman.js | 2 | ||||
-rw-r--r-- | lib/internal/errors.js | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js index 95b689df94..687bae83fd 100644 --- a/lib/internal/crypto/diffiehellman.js +++ b/lib/internal/crypto/diffiehellman.js @@ -96,6 +96,8 @@ function dhComputeSecret(key, inEnc, outEnc) { inEnc = inEnc || encoding; outEnc = outEnc || encoding; var ret = this._handle.computeSecret(toBuf(key, inEnc)); + if (typeof ret === 'string') + throw new errors.Error('ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY'); if (outEnc && outEnc !== 'buffer') ret = ret.toString(outEnc); return ret; diff --git a/lib/internal/errors.js b/lib/internal/errors.js index 7fa567739e..dadba400b5 100644 --- a/lib/internal/errors.js +++ b/lib/internal/errors.js @@ -281,6 +281,8 @@ E('ERR_CPU_USAGE', 'Unable to obtain cpu usage %s'); E('ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED', 'Custom engines not supported by this OpenSSL'); E('ERR_CRYPTO_ECDH_INVALID_FORMAT', 'Invalid ECDH format: %s'); +E('ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY', + 'Public key is not valid for specified curve'); E('ERR_CRYPTO_ENGINE_UNKNOWN', 'Engine "%s" was not found'); E('ERR_CRYPTO_FIPS_FORCED', 'Cannot set FIPS mode, it was forced with --force-fips at startup.'); |