diff options
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/node/ops/crypto/cipher.rs | 15 | ||||
| -rw-r--r-- | ext/node/ops/crypto/mod.rs | 20 |
2 files changed, 21 insertions, 14 deletions
diff --git a/ext/node/ops/crypto/cipher.rs b/ext/node/ops/crypto/cipher.rs index 94bd5780e..b80aa33fe 100644 --- a/ext/node/ops/crypto/cipher.rs +++ b/ext/node/ops/crypto/cipher.rs @@ -4,6 +4,7 @@ use aes::cipher::block_padding::Pkcs7; use aes::cipher::BlockDecryptMut; use aes::cipher::BlockEncryptMut; use aes::cipher::KeyIvInit; +use deno_core::error::range_error; use deno_core::error::type_error; use deno_core::error::AnyError; use deno_core::Resource; @@ -157,6 +158,13 @@ impl Cipher { Aes256Gcm(Box::new(cipher)) } "aes256" | "aes-256-cbc" => { + if key.len() != 32 { + return Err(range_error("Invalid key length")); + } + if iv.len() != 16 { + return Err(type_error("Invalid initialization vector")); + } + Aes256Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into()))) } _ => return Err(type_error(format!("Unknown cipher {algorithm_name}"))), @@ -346,6 +354,13 @@ impl Decipher { Aes256Gcm(Box::new(decipher)) } "aes256" | "aes-256-cbc" => { + if key.len() != 32 { + return Err(range_error("Invalid key length")); + } + if iv.len() != 16 { + return Err(type_error("Invalid initialization vector")); + } + Aes256Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into()))) } _ => return Err(type_error(format!("Unknown cipher {algorithm_name}"))), diff --git a/ext/node/ops/crypto/mod.rs b/ext/node/ops/crypto/mod.rs index 738437577..600d31558 100644 --- a/ext/node/ops/crypto/mod.rs +++ b/ext/node/ops/crypto/mod.rs @@ -220,13 +220,9 @@ pub fn op_node_create_cipheriv( #[string] algorithm: &str, #[buffer] key: &[u8], #[buffer] iv: &[u8], -) -> u32 { - state.resource_table.add( - match cipher::CipherContext::new(algorithm, key, iv) { - Ok(context) => context, - Err(_) => return 0, - }, - ) +) -> Result<u32, AnyError> { + let context = cipher::CipherContext::new(algorithm, key, iv)?; + Ok(state.resource_table.add(context)) } #[op2(fast)] @@ -292,13 +288,9 @@ pub fn op_node_create_decipheriv( #[string] algorithm: &str, #[buffer] key: &[u8], #[buffer] iv: &[u8], -) -> u32 { - state.resource_table.add( - match cipher::DecipherContext::new(algorithm, key, iv) { - Ok(context) => context, - Err(_) => return 0, - }, - ) +) -> Result<u32, AnyError> { + let context = cipher::DecipherContext::new(algorithm, key, iv)?; + Ok(state.resource_table.add(context)) } #[op2(fast)] |