Skip to content

Commit

Permalink
src: replace impossible THROW with CHECK
Browse files Browse the repository at this point in the history
The JS layer already verifies that divisor_bits is either a non-negative
32-bit signed integer or null/undefined, in which case it passes -1 to
the C++ layer. In either case, the C++ layer receives a 32-bit signed
integer greater than or equal to -1.
  • Loading branch information
tniessen committed Mar 20, 2023
1 parent fbd526b commit c71e779
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 5 deletions.
5 changes: 1 addition & 4 deletions src/crypto/crypto_dsa.cc
Original file line number Diff line number Diff line change
Expand Up @@ -89,10 +89,7 @@ Maybe<bool> DsaKeyGenTraits::AdditionalConfig(

params->params.modulus_bits = args[*offset].As<Uint32>()->Value();
params->params.divisor_bits = args[*offset + 1].As<Int32>()->Value();
if (params->params.divisor_bits < -1) {
THROW_ERR_OUT_OF_RANGE(env, "invalid value for divisor_bits");
return Nothing<bool>();
}
CHECK_GE(params->params.divisor_bits, -1);

*offset += 2;

Expand Down
2 changes: 1 addition & 1 deletion test/parallel/test-crypto-keygen.js
Original file line number Diff line number Diff line change
Expand Up @@ -1278,7 +1278,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
}

// Test invalid divisor lengths. (out of range)
for (const divisorLength of [-6, -9, 2147483648]) {
for (const divisorLength of [-1, -6, -9, 2147483648]) {
assert.throws(() => generateKeyPair('dsa', {
modulusLength: 2048,
divisorLength
Expand Down

0 comments on commit c71e779

Please sign in to comment.