crypto: fix crash of encrypted private key export without cipher
PR-URL: https://github.com/nodejs/node/pull/27041 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
This commit is contained in:
parent
6fb32ac255
commit
b2bb6c2b80
@ -186,14 +186,18 @@ function parseKeyEncoding(enc, keyType, isPublic, objName) {
|
||||
if (isPublic !== true) {
|
||||
({ cipher, passphrase } = enc);
|
||||
|
||||
if (!isInput && cipher != null) {
|
||||
if (typeof cipher !== 'string')
|
||||
if (!isInput) {
|
||||
if (cipher != null) {
|
||||
if (typeof cipher !== 'string')
|
||||
throw new ERR_INVALID_OPT_VALUE(option('cipher', objName), cipher);
|
||||
if (format === kKeyFormatDER &&
|
||||
(type === kKeyEncodingPKCS1 ||
|
||||
type === kKeyEncodingSEC1)) {
|
||||
throw new ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS(
|
||||
encodingNames[type], 'does not support encryption');
|
||||
}
|
||||
} else if (passphrase !== undefined) {
|
||||
throw new ERR_INVALID_OPT_VALUE(option('cipher', objName), cipher);
|
||||
if (format === kKeyFormatDER &&
|
||||
(type === kKeyEncodingPKCS1 ||
|
||||
type === kKeyEncodingSEC1)) {
|
||||
throw new ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS(
|
||||
encodingNames[type], 'does not support encryption');
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -244,3 +244,17 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
|
||||
assert.strictEqual(privateKey.asymmetricKeyType, 'dsa');
|
||||
assert.strictEqual(privateKey.symmetricKeySize, undefined);
|
||||
}
|
||||
|
||||
{
|
||||
// Exporting an encrypted private key requires a cipher
|
||||
const privateKey = createPrivateKey(privatePem);
|
||||
common.expectsError(() => {
|
||||
privateKey.export({
|
||||
format: 'pem', type: 'pkcs8', passphrase: 'super-secret'
|
||||
});
|
||||
}, {
|
||||
type: TypeError,
|
||||
code: 'ERR_INVALID_OPT_VALUE',
|
||||
message: 'The value "undefined" is invalid for option "cipher"'
|
||||
});
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user