Commit d11ee19

codebytereBridgeAR
authored andcommitted
crypto: don't expose openssl internals
PR-URL: #29325 Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
1 parent c75813a commit d11ee19

3 files changed

+13
-6
lines changed

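--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -5200,7 +5200,7 @@ template <PublicKeyCipher::Operation operation,
 bool PublicKeyCipher::Cipher(Environment* env,
 const ManagedEVPPKey& pkey,
 int padding,
-const char* oaep_hash,
+const EVP_MD* digest,
 const unsigned char* data,
 int len,
 AllocatedBuffer* out) {
@@ -5212,9 +5212,8 @@ bool PublicKeyCipher::Cipher(Environment* env,
 if (EVP_PKEY_CTX_set_rsa_padding(ctx.get(), padding) <= 0)
 return false;
 
-if (oaep_hash != nullptr) {
-if (!EVP_PKEY_CTX_md(ctx.get(), EVP_PKEY_OP_TYPE_CRYPT,
-EVP_PKEY_CTRL_RSA_OAEP_MD, oaep_hash))
+if (digest != nullptr) {
+if (!EVP_PKEY_CTX_set_rsa_oaep_md(ctx.get(), digest))
 return false;
 }
 
@@ -5256,6 +5255,12 @@ void PublicKeyCipher::Cipher(const FunctionCallbackInfo<Value>& args) {
 
 const node::Utf8Value oaep_str(env->isolate(), args[offset + 2]);
 const char* oaep_hash = args[offset + 2]->IsString() ? *oaep_str : nullptr;
+const EVP_MD* digest = nullptr;
+if (oaep_hash != nullptr) {
+digest = EVP_get_digestbyname(oaep_hash);
+if (digest == nullptr)
+return THROW_ERR_OSSL_EVP_INVALID_DIGEST(env);
+}
 
 AllocatedBuffer out;
 
@@ -5265,7 +5270,7 @@ void PublicKeyCipher::Cipher(const FunctionCallbackInfo<Value>& args) {
 env,
 pkey,
 padding,
-oaep_hash,
+digest,
 buf.data(),
 buf.length(),
 &out);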
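Review bot: The result of the OAEP digest setter in the second hunk is tested with `!`, so only a return of 0 counts as failure, while the padding setter just above it is tested with `<= 0`. OpenSSL's `EVP_PKEY_CTX_*` control calls can also signal failure with a negative value (for example when the control is not supported for the current padding mode), and that case would pass as success here, leaving the caller's requested digest unapplied without an error. I would write `if (EVP_PKEY_CTX_set_rsa_oaep_md(ctx.get(), digest) <= 0)` so both setters are checked the same way. The body of the templated `PublicKeyCipher::Cipher` continues outside the hunk, so whether a later call would surface the failure is not visible from here.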
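--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -713,7 +713,7 @@ class PublicKeyCipher {
 static bool Cipher(Environment* env,
 const ManagedEVPPKey& pkey,
 int padding,
-const char* oaep_hash,
+const EVP_MD* digest,
 const unsigned char* data,
 int len,
 AllocatedBuffer* out);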
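--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -42,6 +42,7 @@ void PrintErrorString(const char* format, ...);
 V(ERR_CONSTRUCT_CALL_REQUIRED, TypeError) \
 V(ERR_CONSTRUCT_CALL_INVALID, TypeError) \
 V(ERR_INVALID_ARG_VALUE, TypeError) \
+V(ERR_OSSL_EVP_INVALID_DIGEST, Error) \
 V(ERR_INVALID_ARG_TYPE, TypeError) \
 V(ERR_INVALID_MODULE_SPECIFIER, TypeError) \
 V(ERR_INVALID_PACKAGE_CONFIG, SyntaxError) \
@@ -89,6 +90,7 @@ void PrintErrorString(const char* format, ...);
 V(ERR_CONSTRUCT_CALL_REQUIRED, "Cannot call constructor without `new`") \
 V(ERR_INVALID_TRANSFER_OBJECT, "Found invalid object in transferList") \
 V(ERR_MEMORY_ALLOCATION_FAILED, "Failed to allocate memory") \
+V(ERR_OSSL_EVP_INVALID_DIGEST, "Invalid digest used") \
 V(ERR_MISSING_MESSAGE_PORT_IN_TRANSFER_LIST, \
 "MessagePort was found in message but not listed in transferList") \
 V(ERR_MISSING_PLATFORM_FOR_WORKER, \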
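Review bot: In the second hunk the new message entry `V(ERR_OSSL_EVP_INVALID_DIGEST, "Invalid digest used")` is placed between `ERR_MEMORY_ALLOCATION_FAILED` and the `ERR_MISSING_*` entries, which breaks the alphabetical run that the neighbouring lines appear to follow. Moving it below the `ERR_MISSING_*` entries would keep the table easy to scan and make duplicate codes easier to spot. Both macro lists extend beyond the hunks, so the ordering convention is inferred from the visible lines only.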
