nodejs · nodejs-github-bot · Nov 27, 2021 · Nov 20, 2021
diff --git a/src/crypto/crypto_sig.cc b/src/crypto/crypto_sig.cc
@@ -12,6 +12,8 @@
 
 namespace node {
 
+using v8::ArrayBuffer;
+using v8::BackingStore;
 using v8::FunctionCallbackInfo;
 using v8::FunctionTemplate;
 using v8::HandleScope;
@@ -69,34 +71,41 @@ bool ApplyRSAOptions(const ManagedEVPPKey& pkey,
   return true;
 }
 
-AllocatedBuffer Node_SignFinal(Environment* env,
-                               EVPMDPointer&& mdctx,
-                               const ManagedEVPPKey& pkey,
-                               int padding,
-                               Maybe<int> pss_salt_len) {
+std::unique_ptr<BackingStore> Node_SignFinal(Environment* env,
+                                             EVPMDPointer&& mdctx,
+                                             const ManagedEVPPKey& pkey,
+                                             int padding,
+                                             Maybe<int> pss_salt_len) {
   unsigned char m[EVP_MAX_MD_SIZE];
   unsigned int m_len;
 
   if (!EVP_DigestFinal_ex(mdctx.get(), m, &m_len))
-    return AllocatedBuffer();
+    return nullptr;
 
   int signed_sig_len = EVP_PKEY_size(pkey.get());
   CHECK_GE(signed_sig_len, 0);
   size_t sig_len = static_cast<size_t>(signed_sig_len);
-  AllocatedBuffer sig = AllocatedBuffer::AllocateManaged(env, sig_len);
-  unsigned char* ptr = reinterpret_cast<unsigned char*>(sig.data());
-
+  std::unique_ptr<BackingStore> sig;
+  {
+    NoArrayBufferZeroFillScope no_zero_fill_scope(env->isolate_data());
+    sig = ArrayBuffer::NewBackingStore(env->isolate(), sig_len);
+  }
   EVPKeyCtxPointer pkctx(EVP_PKEY_CTX_new(pkey.get(), nullptr));
   if (pkctx &&
       EVP_PKEY_sign_init(pkctx.get()) &&
       ApplyRSAOptions(pkey, pkctx.get(), padding, pss_salt_len) &&
       EVP_PKEY_CTX_set_signature_md(pkctx.get(), EVP_MD_CTX_md(mdctx.get())) &&
-      EVP_PKEY_sign(pkctx.get(), ptr, &sig_len, m, m_len)) {
-    sig.Resize(sig_len);
+      EVP_PKEY_sign(pkctx.get(), static_cast<unsigned char*>(sig->Data()),
+                    &sig_len, m, m_len)) {
+    CHECK_LE(sig_len, sig->ByteLength());
+    if (sig_len == 0)
+      sig = ArrayBuffer::NewBackingStore(env->isolate(), 0);
+    else
+      sig = BackingStore::Reallocate(env->isolate(), std::move(sig), sig_len);
     return sig;
   }
 
-  return AllocatedBuffer();
+  return nullptr;
 }
 
 int GetDefaultSignPadding(const ManagedEVPPKey& m_pkey) {
@@ -138,20 +147,20 @@ bool ExtractP1363(
 }
 
 // Returns the maximum size of each of the integers (r, s) of the DSA signature.
-AllocatedBuffer ConvertSignatureToP1363(Environment* env,
-                                        const ManagedEVPPKey& pkey,
-                                        AllocatedBuffer&& signature) {
+std::unique_ptr<BackingStore> ConvertSignatureToP1363(Environment* env,
+    const ManagedEVPPKey& pkey, std::unique_ptr<BackingStore>&& signature) {
   unsigned int n = GetBytesOfRS(pkey);
   if (n == kNoDsaSignature)
     return std::move(signature);
 
-  const unsigned char* sig_data =
-      reinterpret_cast<unsigned char*>(signature.data());
-
-  AllocatedBuffer buf = AllocatedBuffer::AllocateManaged(env, 2 * n);
-  unsigned char* data = reinterpret_cast<unsigned char*>(buf.data());
-
-  if (!ExtractP1363(sig_data, data, signature.size(), n))
+  std::unique_ptr<BackingStore> buf;
+  {
+    NoArrayBufferZeroFillScope no_zero_fill_scope(env->isolate_data());
+    buf = ArrayBuffer::NewBackingStore(env->isolate(), 2 * n);
+  }
+  if (!ExtractP1363(static_cast<unsigned char*>(signature->Data()),
+                    static_cast<unsigned char*>(buf->Data()),
+                    signature->ByteLength(), n))
     return std::move(signature);
 
   return buf;
@@ -391,12 +400,12 @@ Sign::SignResult Sign::SignFinal(
   if (!ValidateDSAParameters(pkey.get()))
     return SignResult(kSignPrivateKey);
 
-  AllocatedBuffer buffer =
+  std::unique_ptr<BackingStore> buffer =
       Node_SignFinal(env(), std::move(mdctx), pkey, padding, salt_len);
-  Error error = buffer.data() == nullptr ? kSignPrivateKey : kSignOk;
+  Error error = buffer ? kSignOk : kSignPrivateKey;
   if (error == kSignOk && dsa_sig_enc == kSigEncP1363) {
     buffer = ConvertSignatureToP1363(env(), pkey, std::move(buffer));
-    CHECK_NOT_NULL(buffer.data());
+    CHECK_NOT_NULL(buffer->Data());
   }
   return SignResult(error, std::move(buffer));
 }
@@ -438,7 +447,10 @@ void Sign::SignFinal(const FunctionCallbackInfo<Value>& args) {
   if (ret.error != kSignOk)
     return crypto::CheckThrow(env, ret.error);
 
-  args.GetReturnValue().Set(ret.signature.ToBuffer().FromMaybe(Local<Value>()));
+  Local<ArrayBuffer> ab =
+      ArrayBuffer::New(env->isolate(), std::move(ret.signature));
+  args.GetReturnValue().Set(
+      Buffer::New(env, ab, 0, ab->ByteLength()).FromMaybe(Local<Value>()));
 }
 
 Verify::Verify(Environment* env, Local<Object> wrap)

diff --git a/src/crypto/crypto_sig.h b/src/crypto/crypto_sig.h
@@ -53,11 +53,11 @@ class Sign : public SignBase {
 
   struct SignResult {
     Error error;
-    AllocatedBuffer signature;
+    std::unique_ptr<v8::BackingStore> signature;
 
     explicit SignResult(
         Error err,
-        AllocatedBuffer&& sig = AllocatedBuffer())
+        std::unique_ptr<v8::BackingStore>&& sig = nullptr)
       : error(err), signature(std::move(sig)) {}
   };