crypto: improve prime size argument validation

tniessen · web-flow · commit e8697cfe3864 · 2022-03-08T17:33:38.000Z
The current validation in JavaScript is insufficient and also produces an incorrect error message, restricting the size parameter to 32-bit values, whereas the C++ backend restricts the size parameter to the positive range of an int. This change tightens the validation in JavaScript and adapts the error message accordingly, making the validation in C++ superfluous. Refs: #42207 PR-URL: #42234 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
diff --git a/lib/internal/crypto/random.js b/lib/internal/crypto/random.js
@@ -43,6 +43,7 @@ const {
   validateNumber,
   validateBoolean,
   validateFunction,
+  validateInt32,
   validateObject,
   validateUint32,
 } = require('internal/validators');
@@ -460,7 +461,7 @@ function createRandomPrimeJob(type, size, options) {
 }
 
 function generatePrime(size, options, callback) {
-  validateUint32(size, 'size', true);
+  validateInt32(size, 'size', 1);
   if (typeof options === 'function') {
     callback = options;
     options = {};
@@ -482,7 +483,7 @@ function generatePrime(size, options, callback) {
 }
 
 function generatePrimeSync(size, options = {}) {
-  validateUint32(size, 'size', true);
+  validateInt32(size, 'size', 1);
 
   const job = createRandomPrimeJob(kCryptoJobSync, size, options);
   const { 0: err, 1: prime } = job.run();
diff --git a/src/crypto/crypto_random.cc b/src/crypto/crypto_random.cc
@@ -122,11 +122,9 @@ Maybe<bool> RandomPrimeTraits::AdditionalConfig(
     }
   }
 
+  // The JS interface already ensures that the (positive) size fits into an int.
   int bits = static_cast<int>(size);
-  if (bits < 0) {
-    THROW_ERR_OUT_OF_RANGE(env, "invalid size");
-    return Nothing<bool>();
-  }
+  CHECK_GT(bits, 0);
 
   if (params->add) {
     if (BN_num_bits(params->add.get()) > bits) {
diff --git a/test/parallel/test-crypto-prime.js b/test/parallel/test-crypto-prime.js
@@ -41,12 +41,14 @@ const pCheckPrime = promisify(checkPrime);
   });
 });
 
-[-1, 0, 2 ** 31, 2 ** 31 + 1, 2 ** 32 - 1, 2 ** 32].forEach((i) => {
-  assert.throws(() => generatePrime(i, common.mustNotCall()), {
-    code: 'ERR_OUT_OF_RANGE'
+[-1, 0, 2 ** 31, 2 ** 31 + 1, 2 ** 32 - 1, 2 ** 32].forEach((size) => {
+  assert.throws(() => generatePrime(size, common.mustNotCall()), {
+    code: 'ERR_OUT_OF_RANGE',
+    message: />= 1 && <= 2147483647/
   });
-  assert.throws(() => generatePrimeSync(i), {
-    code: 'ERR_OUT_OF_RANGE'
+  assert.throws(() => generatePrimeSync(size), {
+    code: 'ERR_OUT_OF_RANGE',
+    message: />= 1 && <= 2147483647/
   });
 });
 

Original file line number	Diff line number	Diff line change
`@@ -122,11 +122,9 @@ Maybe<bool> RandomPrimeTraits::AdditionalConfig(`
`122`	`122`	`}`
`123`	`123`	`}`
`124`	`124`
	`125`	`+ // The JS interface already ensures that the (positive) size fits into an int.`
`125`	`126`	`int bits = static_cast<int>(size);`
`126`		`- if (bits < 0) {`
`127`		`- THROW_ERR_OUT_OF_RANGE(env, "invalid size");`
`128`		`- return Nothing<bool>();`
`129`		`- }`
	`127`	`+ CHECK_GT(bits, 0);`
`130`	`128`
`131`	`129`	`if (params->add) {`
`132`	`130`	`if (BN_num_bits(params->add.get()) > bits) {`