crypto: fix DiffieHellman argument validation

Fixes: #37808 PR-URL: #37810 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
nodejs · May 1, 2021 · 46ece20 · 46ece20
1 parent d89d55a
commit 46ece20
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 3 deletions.
diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js
@@ -75,12 +75,20 @@ function DiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding) {
   if (typeof sizeOrKey !== 'number')
     sizeOrKey = toBuf(sizeOrKey, keyEncoding);
 
-  if (!generator)
+  if (!generator) {
     generator = DH_GENERATOR;
-  else if (typeof generator === 'number')
+  } else if (typeof generator === 'number') {
     validateInt32(generator, 'generator');
-  else
+  } else if (generator !== true) {
     generator = toBuf(generator, genEncoding);
+  } else {
+    throw new ERR_INVALID_ARG_TYPE(
+      'generator',
+      ['number', 'string', 'ArrayBuffer', 'Buffer', 'TypedArray', 'DataView'],
+      generator
+    );
+  }
+
 
   this[kHandle] = new _DiffieHellman(sizeOrKey, generator);
   ObjectDefineProperty(this, 'verifyError', {

diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
@@ -471,3 +471,9 @@ assert.throws(
   'crypto.getDiffieHellman(\'modp1\').setPublicKey(\'\') ' +
   'failed to throw the expected error.'
 );
+assert.throws(
+  () => crypto.createDiffieHellman('', true),
+  {
+    code: 'ERR_INVALID_ARG_TYPE'
+  }
+);