From a558774a40f93daef71c03c872ff66576c54a80e Mon Sep 17 00:00:00 2001 From: vitpavlenko Date: Tue, 17 Jan 2023 19:39:14 +0200 Subject: [PATCH] crypto: add cipher update/final methods encoding validation Refs #45189 PR-URL: https://github.com/nodejs/node/pull/45990 Refs: https://github.com/nodejs/node/issues/45189 Reviewed-By: James M Snell Reviewed-By: Filip Skokan --- lib/internal/crypto/cipher.js | 10 +++- .../test-crypto-encoding-validation-error.js | 52 +++++++++++++++++++ 2 files changed, 60 insertions(+), 2 deletions(-) create mode 100644 test/parallel/test-crypto-encoding-validation-error.js diff --git a/lib/internal/crypto/cipher.js b/lib/internal/crypto/cipher.js index d85606ba52b5ac..fe2cc0f5258d7d 100644 --- a/lib/internal/crypto/cipher.js +++ b/lib/internal/crypto/cipher.js @@ -27,6 +27,7 @@ const { ERR_CRYPTO_INVALID_STATE, ERR_INVALID_ARG_TYPE, ERR_INVALID_ARG_VALUE, + ERR_UNKNOWN_ENCODING, } } = require('internal/errors'); @@ -91,9 +92,14 @@ const privateDecrypt = rsaFunctionFor(_privateDecrypt, RSA_PKCS1_OAEP_PADDING, 'private'); function getDecoder(decoder, encoding) { - encoding = normalizeEncoding(encoding); + const normalizedEncoding = normalizeEncoding(encoding); decoder = decoder || new StringDecoder(encoding); - assert(decoder.encoding === encoding, 'Cannot change encoding'); + if (decoder.encoding !== normalizedEncoding) { + if (normalizedEncoding === undefined) { + throw new ERR_UNKNOWN_ENCODING(encoding); + } + assert(false, 'Cannot change encoding'); + } return decoder; } diff --git a/test/parallel/test-crypto-encoding-validation-error.js b/test/parallel/test-crypto-encoding-validation-error.js new file mode 100644 index 00000000000000..0e921ac2862f49 --- /dev/null +++ b/test/parallel/test-crypto-encoding-validation-error.js @@ -0,0 +1,52 @@ +'use strict'; +const common = require('../common'); +if (!common.hasCrypto) + common.skip('missing crypto'); + +// This test checks if error is thrown in case of wrong encoding provided into cipher. + +const assert = require('assert'); +const { createCipheriv, randomBytes } = require('crypto'); + +const createCipher = () => { + return createCipheriv('aes-256-cbc', randomBytes(32), randomBytes(16)); +}; + +{ + const cipher = createCipher(); + cipher.update('test', 'utf-8', 'utf-8'); + + assert.throws( + () => cipher.update('666f6f', 'hex', 'hex'), + { message: /Cannot change encoding/ } + ); +} + +{ + const cipher = createCipher(); + cipher.update('test', 'utf-8', 'utf-8'); + + assert.throws( + () => cipher.final('hex'), + { message: /Cannot change encoding/ } + ); +} + +{ + const cipher = createCipher(); + cipher.update('test', 'utf-8', 'utf-8'); + + assert.throws( + () => cipher.final('bad2'), + { message: /^Unknown encoding: bad2$/, code: 'ERR_UNKNOWN_ENCODING' } + ); +} + +{ + const cipher = createCipher(); + + assert.throws( + () => cipher.update('test', 'utf-8', 'bad3'), + { message: /^Unknown encoding: bad3$/, code: 'ERR_UNKNOWN_ENCODING' } + ); +}