From 71ceca0ffc4239b62431550b4d9952d909d342ec Mon Sep 17 00:00:00 2001
From: Luca Casonato <hello@lcas.dev>
Date: Mon, 22 Nov 2021 23:58:21 +0100
Subject: fix(ext/crypto): don't panic on decryption failure (#12840)

---
 cli/tests/unit/webcrypto_test.ts | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'cli/tests')

diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index 0828f0716..b1d4e9637 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -690,3 +690,26 @@ unitTest(async function testAesKeyGen() {
   assertEquals(algorithm.name, "AES-GCM");
   assertEquals(algorithm.length, 256);
 });
+
+unitTest(async function testDecryptWithInvalidIntializationVector() {
+  const data = new Uint8Array([42, 42, 42, 42]);
+  const key = await crypto.subtle.generateKey(
+    { name: "AES-CBC", length: 256 },
+    true,
+    ["encrypt", "decrypt"],
+  );
+  const initVector = crypto.getRandomValues(new Uint8Array(16));
+  const encrypted = await crypto.subtle.encrypt(
+    { name: "AES-CBC", iv: initVector },
+    key,
+    data,
+  );
+  const initVector2 = crypto.getRandomValues(new Uint8Array(16));
+  assertRejects(async () => {
+    await crypto.subtle.decrypt(
+      { name: "AES-CBC", iv: initVector2 },
+      key,
+      encrypted,
+    );
+  }, DOMException);
+});
-- 
cgit v1.2.3