Skip to content

Commit

Permalink
crypto: adjust types for getRandomValues
Browse files Browse the repository at this point in the history
prevents Web Crypto API's getRandomValues from accepting DataView

- Fixes: nodejs#41480
- Refs: https://www.w3.org/TR/WebCryptoAPI/#Crypto-method-getRandomValues
  • Loading branch information
LiviaMedeiros committed Jan 16, 2022
1 parent 986cf3b commit 4790ce2
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
3 changes: 2 additions & 1 deletion lib/internal/crypto/random.js
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ const {
const {
isArrayBufferView,
isAnyArrayBuffer,
isTypedArray,
isFloat32Array,
isFloat64Array,
} = require('internal/util/types');
Expand Down Expand Up @@ -307,7 +308,7 @@ function onJobDone(buf, callback, error) {
// not allowed to exceed 65536 bytes, and can only
// be an integer-type TypedArray.
function getRandomValues(data) {
if (!isArrayBufferView(data) ||
if (!isTypedArray(data) ||
isFloat32Array(data) ||
isFloat64Array(data)) {
// Ordinarily this would be an ERR_INVALID_ARG_TYPE. However,
Expand Down
4 changes: 3 additions & 1 deletion test/parallel/test-webcrypto-random.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ const { getRandomValues } = require('crypto').webcrypto;
undefined, null, '', 1, {}, [],
new Float32Array(1),
new Float64Array(1),
new DataView(new ArrayBuffer(1)),
].forEach((i) => {
assert.throws(
() => getRandomValues(i),
Expand All @@ -32,6 +33,7 @@ const intTypedConstructors = [
Uint8Array,
Uint16Array,
Uint32Array,
Uint8ClampedArray,
BigInt64Array,
BigUint64Array,
];
Expand All @@ -47,7 +49,7 @@ for (const ctor of intTypedConstructors) {
{
const buf = new Uint16Array(10);
const before = Buffer.from(buf).toString('hex');
getRandomValues(new DataView(buf.buffer));
getRandomValues(buf);
const after = Buffer.from(buf).toString('hex');
assert.notStrictEqual(before, after);
}
Expand Down

0 comments on commit 4790ce2

Please sign in to comment.