src: refactor SubtleCrypto algorithm and length validations · nodejs/node@bf788d9

@@ -4,9 +4,7 @@ const {

44 ArrayBufferIsView,55 ArrayBufferPrototypeSlice,66 ArrayFrom,7- ArrayPrototypeIncludes,87 ArrayPrototypePush,9- MathFloor,108 PromiseReject,119 SafeSet,1210 TypedArrayPrototypeSlice,

@@ -35,10 +33,7 @@ const {

3533const {3634 hasAnyNotIn,3735 jobPromise,38- validateByteLength,3936 validateKeyOps,40- validateMaxBufferLength,41- kAesKeyLengths,4237 kHandle,4338 kKeyObject,4439} = require('internal/crypto/util');

@@ -58,7 +53,6 @@ const {

5853generateKey: _generateKey,5954} = require('internal/crypto/keygen');605561-const kTagLengths = [32, 64, 96, 104, 112, 120, 128];6256const generateKey = promisify(_generateKey);63576458function getAlgorithmName(name, length) {

@@ -108,20 +102,7 @@ function getVariant(name, length) {

108102}109103}110104111-function validateAesCtrAlgorithm(algorithm) {112-validateByteLength(algorithm.counter, 'algorithm.counter', 16);113-// The length must specify an integer between 1 and 128. While114-// there is no default, this should typically be 64.115-if (algorithm.length === 0 || algorithm.length > 128) {116-throw lazyDOMException(117-'AES-CTR algorithm.length must be between 1 and 128',118-'OperationError');119-}120-}121-122105function asyncAesCtrCipher(mode, key, data, algorithm) {123-validateAesCtrAlgorithm(algorithm);124-125106return jobPromise(() => new AESCipherJob(126107kCryptoJobAsync,127108mode,

@@ -132,12 +113,7 @@ function asyncAesCtrCipher(mode, key, data, algorithm) {

132113algorithm.length));133114}134115135-function validateAesCbcAlgorithm(algorithm) {136-validateByteLength(algorithm.iv, 'algorithm.iv', 16);137-}138-139116function asyncAesCbcCipher(mode, key, data, algorithm) {140-validateAesCbcAlgorithm(algorithm);141117return jobPromise(() => new AESCipherJob(142118kCryptoJobAsync,143119mode,

@@ -156,25 +132,10 @@ function asyncAesKwCipher(mode, key, data) {

156132getVariant('AES-KW', key.algorithm.length)));157133}158134159-function validateAesGcmAlgorithm(algorithm) {160-if (!ArrayPrototypeIncludes(kTagLengths, algorithm.tagLength)) {161-throw lazyDOMException(162-`${algorithm.tagLength} is not a valid AES-GCM tag length`,163-'OperationError');164-}165-166-validateMaxBufferLength(algorithm.iv, 'algorithm.iv');167-168-if (algorithm.additionalData !== undefined) {169-validateMaxBufferLength(algorithm.additionalData, 'algorithm.additionalData');170-}171-}172-173135function asyncAesGcmCipher(mode, key, data, algorithm) {174-algorithm.tagLength ??= 128;175-validateAesGcmAlgorithm(algorithm);136+const { tagLength = 128 } = algorithm;176137177-const tagByteLength = MathFloor(algorithm.tagLength / 8);138+const tagByteLength = tagLength / 8;178139let tag;179140switch (mode) {180141case kWebCryptoCipherDecrypt: {

@@ -220,16 +181,7 @@ function aesCipher(mode, key, data, algorithm) {

220181}221182}222183223-function validateAesGenerateKeyAlgorithm(algorithm) {224-if (!ArrayPrototypeIncludes(kAesKeyLengths, algorithm.length)) {225-throw lazyDOMException(226-'AES key length must be 128, 192, or 256 bits',227-'OperationError');228-}229-}230-231184async function aesGenerateKey(algorithm, extractable, keyUsages) {232-validateAesGenerateKeyAlgorithm(algorithm);233185const { name, length } = algorithm;234186235187const checkUsages = ['wrapKey', 'unwrapKey'];