◐ Shell
clean mode source ↗

crypto: fix behavior of createCipher in wrap mode · nodejs/node@9981220

@@ -2611,10 +2611,14 @@ void CipherBase::Init(const char* cipher_type,

26112611

iv);

2612261226132613

ctx_.reset(EVP_CIPHER_CTX_new());

2614+2615+

const int mode = EVP_CIPHER_mode(cipher);

2616+

if (mode == EVP_CIPH_WRAP_MODE)

2617+

EVP_CIPHER_CTX_set_flags(ctx_.get(), EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);

2618+26142619

const bool encrypt = (kind_ == kCipher);

26152620

EVP_CipherInit_ex(ctx_.get(), cipher, nullptr, nullptr, nullptr, encrypt);

261626212617-

int mode = EVP_CIPHER_CTX_mode(ctx_.get());

26182622

if (encrypt && (mode == EVP_CIPH_CTR_MODE || mode == EVP_CIPH_GCM_MODE ||

26192623

mode == EVP_CIPH_CCM_MODE)) {

26202624

// Ignore the return value (i.e. possible exception) because we are

@@ -2624,9 +2628,6 @@ void CipherBase::Init(const char* cipher_type,

26242628

cipher_type);

26252629

}

262626302627-

if (mode == EVP_CIPH_WRAP_MODE)

2628-

EVP_CIPHER_CTX_set_flags(ctx_.get(), EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);

2629-26302631

if (IsAuthenticatedMode()) {

26312632

if (!InitAuthenticated(cipher_type, EVP_CIPHER_iv_length(cipher),

26322633

auth_tag_len))