diff options
author | Shigeki Ohtsu <ohtsu@ohtsu.org> | 2017-06-20 23:44:53 +0900 |
---|---|---|
committer | Shigeki Ohtsu <ohtsu@ohtsu.org> | 2017-08-22 21:23:38 +0900 |
commit | 9dfb2d14cb315ed841658195347095aa879dae8b (patch) | |
tree | d85dfca2151ad662eb1748422543e554e287fcd0 /test/parallel/test-crypto-cipher-decipher.js | |
parent | 70664bf5a1914e74726cd3d17659cbba8f553f94 (diff) | |
download | android-node-v8-9dfb2d14cb315ed841658195347095aa879dae8b.tar.gz android-node-v8-9dfb2d14cb315ed841658195347095aa879dae8b.tar.bz2 android-node-v8-9dfb2d14cb315ed841658195347095aa879dae8b.zip |
crypto: warn if counter mode used in createCipher
`crypto.createCipher()` sets the fixed IV derived from password and it
leads to a security risk of nonce reuse when counter mode is used.
A warning is emitted when CTR, GCM or CCM is used in
`crypto.createCipher()` to notify users to avoid nonce reuse.
Fixes: https://github.com/nodejs/node/issues/13801
PR-URL: https://github.com/nodejs/node/pull/13821
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Diffstat (limited to 'test/parallel/test-crypto-cipher-decipher.js')
-rw-r--r-- | test/parallel/test-crypto-cipher-decipher.js | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/test/parallel/test-crypto-cipher-decipher.js b/test/parallel/test-crypto-cipher-decipher.js index 0104341653..336ab3a07b 100644 --- a/test/parallel/test-crypto-cipher-decipher.js +++ b/test/parallel/test-crypto-cipher-decipher.js @@ -155,6 +155,9 @@ testCipher2(Buffer.from('0123456789abcdef')); const aadbuf = Buffer.from('aadbuf'); const data = Buffer.from('test-crypto-cipher-decipher'); + common.expectWarning('Warning', + 'Use Cipheriv for counter mode of aes-256-gcm'); + const cipher = crypto.createCipher('aes-256-gcm', key); cipher.setAAD(aadbuf); cipher.setAutoPadding(); |