diff options
author | Shigeki Ohtsu <ohtsu@ohtsu.org> | 2017-08-25 01:42:55 +0900 |
---|---|---|
committer | Shigeki Ohtsu <ohtsu@ohtsu.org> | 2017-08-30 01:20:10 +0900 |
commit | 4218f1974d3945cd4d675b5bc5292d88b993f9b8 (patch) | |
tree | 6b23a2e3b27a621f06563e36d23a76a420778551 /src/node_crypto.cc | |
parent | f3eb193a3019d79a82cec8b561e028e4e37a7b87 (diff) | |
download | android-node-v8-4218f1974d3945cd4d675b5bc5292d88b993f9b8.tar.gz android-node-v8-4218f1974d3945cd4d675b5bc5292d88b993f9b8.tar.bz2 android-node-v8-4218f1974d3945cd4d675b5bc5292d88b993f9b8.zip |
crypto: fix error of createCipher in wrap mode
EVP_CIPHER_CTX_FLAG_WRAP_ALLOW flag needs to be set in using wrap mode
ciphers. In `crypto.createCipher()`, AES key wrap mode does not use a
default IV defined in RFC3394 but a generated IV with
`EVP_BytesToKey()` to be consistent API behaviors with other ciphers.
The built-in AES wrap mode in OpenSSL is not supported in FIPS mode as
http://openssl.6102.n7.nabble.com/AES-Key-Wrap-in-FIPS-Mode-td50238.html
so its tests in FIPS mode are skipped.
Fixes: https://github.com/nodejs/node/issues/15009
PR-URL: https://github.com/nodejs/node/pull/15037
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'src/node_crypto.cc')
-rw-r--r-- | src/node_crypto.cc | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 1fa522d521..e6acb565d6 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -3349,6 +3349,9 @@ void CipherBase::Init(const char* cipher_type, cipher_type); } + if (mode == EVP_CIPH_WRAP_MODE) + EVP_CIPHER_CTX_set_flags(&ctx_, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); + if (!EVP_CIPHER_CTX_set_key_length(&ctx_, key_len)) { EVP_CIPHER_CTX_cleanup(&ctx_); return env()->ThrowError("Invalid key length"); @@ -3396,13 +3399,18 @@ void CipherBase::InitIv(const char* cipher_type, } const int expected_iv_len = EVP_CIPHER_iv_length(cipher); - const bool is_gcm_mode = (EVP_CIPH_GCM_MODE == EVP_CIPHER_mode(cipher)); + const int mode = EVP_CIPHER_mode(cipher); + const bool is_gcm_mode = (EVP_CIPH_GCM_MODE == mode); if (is_gcm_mode == false && iv_len != expected_iv_len) { return env()->ThrowError("Invalid IV length"); } EVP_CIPHER_CTX_init(&ctx_); + + if (mode == EVP_CIPH_WRAP_MODE) + EVP_CIPHER_CTX_set_flags(&ctx_, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); + const bool encrypt = (kind_ == kCipher); EVP_CipherInit_ex(&ctx_, cipher, nullptr, nullptr, nullptr, encrypt); |