Skip to content

Commit

Permalink
crypto: throw proper errors if out enc is UTF-16
Browse files Browse the repository at this point in the history
Throw `Error`s instead of hard crashing when the `.digest()` output
encoding is UTF-16.

Fixes: #9817
PR-URL: #12752
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
  • Loading branch information
addaleax authored and gibfahn committed Jun 18, 2017
1 parent 8c891a2 commit faf237e
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 4 deletions.
8 changes: 8 additions & 0 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -3792,6 +3792,10 @@ void Hmac::HmacDigest(const FunctionCallbackInfo<Value>& args) {
encoding = ParseEncoding(env->isolate(), args[0], BUFFER);
}

if (encoding == UCS2) {
return env->ThrowError("hmac.digest() does not support UTF-16");
}

unsigned char* md_value = nullptr;
unsigned int md_len = 0;

Expand Down Expand Up @@ -3915,6 +3919,10 @@ void Hash::HashDigest(const FunctionCallbackInfo<Value>& args) {
encoding = ParseEncoding(env->isolate(), args[0], BUFFER);
}

if (encoding == UCS2) {
return env->ThrowError("hash.digest() does not support UTF-16");
}

unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len;

Expand Down
10 changes: 6 additions & 4 deletions test/parallel/test-crypto-hash.js
Original file line number Diff line number Diff line change
Expand Up @@ -108,10 +108,12 @@ const h3 = crypto.createHash('sha256');
h3.digest();
assert.throws(function() {
h3.digest();
},
/Digest already called/);
}, /Digest already called/);

assert.throws(function() {
h3.update('foo');
},
/Digest already called/);
}, /Digest already called/);

assert.throws(function() {
crypto.createHash('sha256').digest('ucs2');
}, /^Error: hash\.digest\(\) does not support UTF-16$/);
4 changes: 4 additions & 0 deletions test/parallel/test-crypto-hmac.js
Original file line number Diff line number Diff line change
Expand Up @@ -377,3 +377,7 @@ for (let i = 0, l = rfc2202_sha1.length; i < l; i++) {
`Test HMAC-SHA1 : Test case ${i + 1} rfc 2202`
);
}

assert.throws(function() {
crypto.createHmac('sha256', 'w00t').digest('ucs2');
}, /^Error: hmac\.digest\(\) does not support UTF-16$/);

0 comments on commit faf237e

Please sign in to comment.