From 88bc8645e733ee3f9b86272b6c1ae9c1da7790c9 Mon Sep 17 00:00:00 2001
From: eladkeyshawn <elad.keyshawn@gmail.com>
Date: Tue, 20 Apr 2021 14:28:20 +0300
Subject: [PATCH] crypto: fix DiffieHellman `generator` validation

PR-URL: https://github.com/nodejs/node/pull/38311
Fixes: https://github.com/nodejs/node/issues/38302
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
---
 lib/internal/crypto/diffiehellman.js | 4 ++--
 test/parallel/test-crypto-dh.js      | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/internal/crypto/diffiehellman.js b/lib/internal/crypto/diffiehellman.js
index e2106b211ba01b..2e38e95ea1d774 100644
--- a/lib/internal/crypto/diffiehellman.js
+++ b/lib/internal/crypto/diffiehellman.js
@@ -122,9 +122,9 @@ function DiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding) {
     generator = DH_GENERATOR;
   } else if (typeof generator === 'number') {
     validateInt32(generator, 'generator');
-  } else if (generator !== true) {
+  } else if (typeof generator === 'string') {
     generator = toBuf(generator, genEncoding);
-  } else {
+  } else if (!isArrayBufferView(generator) && !isAnyArrayBuffer(generator)) {
     throw new ERR_INVALID_ARG_TYPE(
       'generator',
       ['number', 'string', 'ArrayBuffer', 'Buffer', 'TypedArray', 'DataView'],
diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
index e35585e8eb19d1..cae9301517c37c 100644
--- a/test/parallel/test-crypto-dh.js
+++ b/test/parallel/test-crypto-dh.js
@@ -495,3 +495,7 @@ assert.throws(
     code: 'ERR_INVALID_ARG_TYPE'
   }
 );
+[true, Symbol(), {}, () => {}, []].forEach((generator) => assert.throws(
+  () => crypto.createDiffieHellman('', 'base64', generator),
+  { code: 'ERR_INVALID_ARG_TYPE' }
+));