Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit a12107f

Browse filesBrowse files
RafaelGSSpanvatniessenaddaleax
committed
src: fix error handling on async crypto operations
Fixes: https://hackerone.com/reports/2817648 Co-Authored-By: Filip Skokan <panva.ip@gmail.com> Co-Authored-By: Tobias Nießen <tniessen@tnie.de> Co-Authored-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> CVE-ID: CVE-2025-23166 PR-URL: nodejs-private/node-private#688
1 parent a271810 commit a12107f
Copy full SHA for a12107f
Expand file treeCollapse file tree

20 files changed

+120
-89
lines changed
Open diff view settings
Collapse file

‎src/crypto/crypto_dh.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_dh.cc
+6-6Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -512,15 +512,15 @@ MaybeLocal<Value> DHBitsTraits::EncodeOutput(Environment* env,
512512
return out->ToArrayBuffer(env);
513513
}
514514

515-
bool DHBitsTraits::DeriveBits(
516-
Environment* env,
517-
const DHBitsConfig& params,
518-
ByteSource* out) {
515+
bool DHBitsTraits::DeriveBits(Environment* env,
516+
const DHBitsConfig& params,
517+
ByteSource* out,
518+
CryptoJobMode mode) {
519519
auto dp = DHPointer::stateless(params.private_key.GetAsymmetricKey(),
520520
params.public_key.GetAsymmetricKey());
521521
if (!dp) {
522-
bool can_throw =
523-
per_process::v8_initialized && Isolate::TryGetCurrent() != nullptr;
522+
bool can_throw = mode == CryptoJobMode::kCryptoJobSync;
523+
524524
if (can_throw) {
525525
unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
526526
if (err) ThrowCryptoError(env, err, "diffieHellman failed");
Collapse file

‎src/crypto/crypto_dh.h‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_dh.h
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -103,10 +103,10 @@ struct DHBitsTraits final {
103103
unsigned int offset,
104104
DHBitsConfig* params);
105105

106-
static bool DeriveBits(
107-
Environment* env,
108-
const DHBitsConfig& params,
109-
ByteSource* out_);
106+
static bool DeriveBits(Environment* env,
107+
const DHBitsConfig& params,
108+
ByteSource* out_,
109+
CryptoJobMode mode);
110110

111111
static v8::MaybeLocal<v8::Value> EncodeOutput(Environment* env,
112112
const DHBitsConfig& params,
Collapse file

‎src/crypto/crypto_ec.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_ec.cc
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -434,7 +434,8 @@ Maybe<void> ECDHBitsTraits::AdditionalConfig(
434434

435435
bool ECDHBitsTraits::DeriveBits(Environment* env,
436436
const ECDHBitsConfig& params,
437-
ByteSource* out) {
437+
ByteSource* out,
438+
CryptoJobMode mode) {
438439
size_t len = 0;
439440
const auto& m_privkey = params.private_.GetAsymmetricKey();
440441
const auto& m_pubkey = params.public_.GetAsymmetricKey();
Collapse file

‎src/crypto/crypto_ec.h‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_ec.h
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -77,10 +77,10 @@ struct ECDHBitsTraits final {
7777
unsigned int offset,
7878
ECDHBitsConfig* params);
7979

80-
static bool DeriveBits(
81-
Environment* env,
82-
const ECDHBitsConfig& params,
83-
ByteSource* out_);
80+
static bool DeriveBits(Environment* env,
81+
const ECDHBitsConfig& params,
82+
ByteSource* out_,
83+
CryptoJobMode mode);
8484

8585
static v8::MaybeLocal<v8::Value> EncodeOutput(Environment* env,
8686
const ECDHBitsConfig& params,
Collapse file

‎src/crypto/crypto_hash.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_hash.cc
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -489,10 +489,10 @@ Maybe<void> HashTraits::AdditionalConfig(
489489
return JustVoid();
490490
}
491491

492-
bool HashTraits::DeriveBits(
493-
Environment* env,
494-
const HashConfig& params,
495-
ByteSource* out) {
492+
bool HashTraits::DeriveBits(Environment* env,
493+
const HashConfig& params,
494+
ByteSource* out,
495+
CryptoJobMode mode) {
496496
auto ctx = EVPMDCtxPointer::New();
497497

498498
if (!ctx.digestInit(params.digest) || !ctx.digestUpdate(params.in))
Collapse file

‎src/crypto/crypto_hash.h‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_hash.h
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -70,10 +70,10 @@ struct HashTraits final {
7070
unsigned int offset,
7171
HashConfig* params);
7272

73-
static bool DeriveBits(
74-
Environment* env,
75-
const HashConfig& params,
76-
ByteSource* out);
73+
static bool DeriveBits(Environment* env,
74+
const HashConfig& params,
75+
ByteSource* out,
76+
CryptoJobMode mode);
7777

7878
static v8::MaybeLocal<v8::Value> EncodeOutput(Environment* env,
7979
const HashConfig& params,
Collapse file

‎src/crypto/crypto_hkdf.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_hkdf.cc
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -97,10 +97,10 @@ Maybe<void> HKDFTraits::AdditionalConfig(
9797
return JustVoid();
9898
}
9999

100-
bool HKDFTraits::DeriveBits(
101-
Environment* env,
102-
const HKDFConfig& params,
103-
ByteSource* out) {
100+
bool HKDFTraits::DeriveBits(Environment* env,
101+
const HKDFConfig& params,
102+
ByteSource* out,
103+
CryptoJobMode mode) {
104104
auto dp = ncrypto::hkdf(params.digest,
105105
ncrypto::Buffer<const unsigned char>{
106106
.data = reinterpret_cast<const unsigned char*>(
Collapse file

‎src/crypto/crypto_hkdf.h‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_hkdf.h
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -42,10 +42,10 @@ struct HKDFTraits final {
4242
unsigned int offset,
4343
HKDFConfig* params);
4444

45-
static bool DeriveBits(
46-
Environment* env,
47-
const HKDFConfig& params,
48-
ByteSource* out);
45+
static bool DeriveBits(Environment* env,
46+
const HKDFConfig& params,
47+
ByteSource* out,
48+
CryptoJobMode mode);
4949

5050
static v8::MaybeLocal<v8::Value> EncodeOutput(Environment* env,
5151
const HKDFConfig& params,
Collapse file

‎src/crypto/crypto_hmac.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_hmac.cc
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -233,10 +233,10 @@ Maybe<void> HmacTraits::AdditionalConfig(
233233
return JustVoid();
234234
}
235235

236-
bool HmacTraits::DeriveBits(
237-
Environment* env,
238-
const HmacConfig& params,
239-
ByteSource* out) {
236+
bool HmacTraits::DeriveBits(Environment* env,
237+
const HmacConfig& params,
238+
ByteSource* out,
239+
CryptoJobMode mode) {
240240
auto ctx = HMACCtxPointer::New();
241241

242242
ncrypto::Buffer<const void> key_buf{
Collapse file

‎src/crypto/crypto_hmac.h‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_hmac.h
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -73,10 +73,10 @@ struct HmacTraits final {
7373
unsigned int offset,
7474
HmacConfig* params);
7575

76-
static bool DeriveBits(
77-
Environment* env,
78-
const HmacConfig& params,
79-
ByteSource* out);
76+
static bool DeriveBits(Environment* env,
77+
const HmacConfig& params,
78+
ByteSource* out,
79+
CryptoJobMode mode);
8080

8181
static v8::MaybeLocal<v8::Value> EncodeOutput(Environment* env,
8282
const HmacConfig& params,

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.