Webcrypto getRandomValues accepts DataView

[LiviaMedeiros]

Version

v16.13.1

Platform

No response

Subsystem

crypto

What steps will reproduce the bug?

const crypto = require('crypto').webcrypto;

const good = crypto.getRandomValues(new Uint16Array(8));
console.log(good);

const shouldBeBad = crypto.getRandomValues(new DataView(new ArrayBuffer(8)));
console.log(shouldBeBad);

const bad = crypto.getRandomValues(new Float32Array(8));
console.log(bad);

How often does it reproduce? Is there a required condition?

No response

What is the expected behavior?

This line:

const shouldBeBad = crypto.getRandomValues(new DataView(new ArrayBuffer(8)));

should throw TypeMismatchError, since DataView instance is not an integer-type TypedArray (in fact, it's not a TypedArray at all).

What do you see instead?

$ node /tmp/node-test.js
Uint16Array(8) [
  11975, 18072,
   7401, 42679,
  61734,  5588,
  62920, 30080
]
DataView {
  byteLength: 8,
  byteOffset: 0,
  buffer: ArrayBuffer {
    [Uint8Contents]: <c6 25 d6 26 46 e0 4d 7a>,
    byteLength: 8
  }
}
node:internal/crypto/random:316
    throw lazyDOMException(
    ^

DOMException [TypeMismatchError]: The data argument must be an integer-type TypedArray
    at Crypto.getRandomValues (node:internal/crypto/random:316:11)
    at Object.<anonymous> (/tmp/node-test.js:9:20)
    at Module._compile (node:internal/modules/cjs/loader:1101:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:17:47

Additional information

Note: the issue is about webcrypto, it doesn't affect crypto.randomFill

W3C specs states that getRandomValues method must throw TypeMismatchError if its argument is not of an integer type.
Within current standard, allowed types may be described in the following ways:

• Int8Array or Uint8Array or Uint8ClampedArray or Int16Array or Uint16Array or Int32Array or Uint32Array or BigInt64Array or BigUint64Array
• TypedArray, except for Float32Array and Float64Array
• ArrayBufferView, except for Float32Array, Float64Array and DataView

Float##Array are prohibited to avoid potential misinterpretation of equivalent of what *(float*) in C does as generating some sane float numbers with uniform distribution.
As explained in w3c/webcrypto#284 (comment), DataView is advisedly prohibited for the same reason.

Fixing this issue would also allow linters and typecheckers to easily assume that any value returned by getRandomValues is guaranteed to be an instance of TypedArray.

[LiviaMedeiros]

Draft PR: #41481

Behaviour in patched version:

$ out/Release/node /tmp/node-test.js
Uint16Array(8) [
  56131, 30854,
  59315, 57587,
  50096, 65211,
  62975, 35455
]
node:internal/crypto/random:317
    throw lazyDOMException(
    ^

DOMException [TypeMismatchError]: The data argument must be an integer-type TypedArray
    at Crypto.getRandomValues (node:internal/crypto/random:317:11)
    at Object.<anonymous> (/tmp/node-test.js:6:28)
    at Module._compile (node:internal/modules/cjs/loader:1097:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1149:10)
    at Module.load (node:internal/modules/cjs/loader:975:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:17:47

Node.js v18.0.0-pre