crypto: throw on invalid authentication tag length

Refs: https://github.com/nodejs/node/issues/17523 PR-URL: https://github.com/nodejs/node/pull/17825 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2017-12-22 18:51:33 +01:00 · 2017-12-22 18:51:33 +01:00 · d81a7b4baa
commit d81a7b4baa
parent 2b0825e77f
2 changed files with 16 additions and 17 deletions
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@ -2912,11 +2912,10 @@ void CipherBase::SetAuthTag(const FunctionCallbackInfo<Value>& args) {
  const int mode = EVP_CIPHER_CTX_mode(cipher->ctx_);
  if (mode == EVP_CIPH_GCM_MODE) {
    if (tag_len > 16 || (tag_len < 12 && tag_len != 8 && tag_len != 4)) {
-      char msg[125];
+      char msg[50];
      snprintf(msg, sizeof(msg),
-          "Permitting authentication tag lengths of %u bytes is deprecated. "
-          "Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.", tag_len);
-      ProcessEmitDeprecationWarning(cipher->env(), msg, "DEP0090");
+          "Invalid GCM authentication tag length: %u", tag_len);
+      return cipher->env()->ThrowError(msg);
    }
  }

--- a/test/parallel/test-crypto-authenticated.js
+++ b/test/parallel/test-crypto-authenticated.js
@ -534,13 +534,8 @@ const expectedWarnings = common.hasFipsCrypto ?
    ['Use Cipheriv for counter mode of aes-256-ccm', common.noWarnCode]
  ];

-const expectedDeprecationWarnings = [0, 1, 2, 6, 9, 10, 11, 17]
-  .map((i) => [`Permitting authentication tag lengths of ${i} bytes is ` +
-            'deprecated. Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.',
-               'DEP0090']);
-
-expectedDeprecationWarnings.push(['crypto.DEFAULT_ENCODING is deprecated.',
-                                  'DEP0091']);
+const expectedDeprecationWarnings = ['crypto.DEFAULT_ENCODING is deprecated.',
+                                     'DEP0091'];

 common.expectWarning({
  Warning: expectedWarnings,
@ -719,13 +714,18 @@ for (const test of TEST_CASES) {
 }

 // GCM only supports specific authentication tag lengths, invalid lengths should
-// produce warnings.
+// throw.
 {
-  for (const length of [0, 1, 2, 4, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17]) {
-    const decrypt = crypto.createDecipheriv('aes-256-gcm',
-                                            'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8',
-                                            'qkuZpJWCewa6Szih');
-    decrypt.setAuthTag(Buffer.from('1'.repeat(length)));
+  for (const length of [0, 1, 2, 6, 9, 10, 11, 17]) {
+    common.expectsError(() => {
+      const decrypt = crypto.createDecipheriv('aes-128-gcm',
+                                              'FxLKsqdmv0E9xrQh',
+                                              'qkuZpJWCewa6Szih');
+      decrypt.setAuthTag(Buffer.from('1'.repeat(length)));
+    }, {
+      type: Error,
+      message: `Invalid GCM authentication tag length: ${length}`
+    });
  }
 }