Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: remove arbitrary UTF16 restriction #29795

Closed
wants to merge 2 commits into from
Closed
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 12 additions & 8 deletions doc/api/errors.md
Original file line number Diff line number Diff line change
Expand Up @@ -765,14 +765,6 @@ to enable or disable FIPS mode in the `crypto` module.
An attempt was made to enable or disable FIPS mode, but FIPS mode was not
available.

<a id="ERR_CRYPTO_HASH_DIGEST_NO_UTF16"></a>
### ERR_CRYPTO_HASH_DIGEST_NO_UTF16

The UTF-16 encoding was used with [`hash.digest()`][]. While the
`hash.digest()` method does allow an `encoding` argument to be passed in,
causing the method to return a string rather than a `Buffer`, the UTF-16
encoding (e.g. `ucs` or `utf16le`) is not supported.

<a id="ERR_CRYPTO_HASH_FINALIZED"></a>
### ERR_CRYPTO_HASH_FINALIZED

Expand Down Expand Up @@ -2078,6 +2070,18 @@ removed: v11.12.0
There was an attempt to use a `MessagePort` instance in a closed
state, usually after `.close()` has been called.

<a id="ERR_CRYPTO_HASH_DIGEST_NO_UTF16"></a>
### ERR_CRYPTO_HASH_DIGEST_NO_UTF16
<!-- YAML
added: v9.0.0
removed: REPLACME
addaleax marked this conversation as resolved.
Show resolved Hide resolved
-->

The UTF-16 encoding was used with [`hash.digest()`][]. While the
`hash.digest()` method does allow an `encoding` argument to be passed in,
causing the method to return a string rather than a `Buffer`, the UTF-16
encoding (e.g. `ucs` or `utf16le`) is not supported.

<a id="ERR_HTTP2_FRAME_ERROR"></a>
### ERR_HTTP2_FRAME_ERROR
<!-- YAML
Expand Down
6 changes: 0 additions & 6 deletions lib/internal/crypto/hash.js
Original file line number Diff line number Diff line change
Expand Up @@ -20,14 +20,12 @@ const {
const { Buffer } = require('buffer');

const {
ERR_CRYPTO_HASH_DIGEST_NO_UTF16,
ERR_CRYPTO_HASH_FINALIZED,
ERR_CRYPTO_HASH_UPDATE_FAILED,
ERR_INVALID_ARG_TYPE
} = require('internal/errors').codes;
const { validateEncoding, validateString, validateUint32 } =
require('internal/validators');
const { normalizeEncoding } = require('internal/util');
const { isArrayBufferView } = require('internal/util/types');
const LazyTransform = require('internal/streams/lazy_transform');
const kState = Symbol('kState');
Expand Down Expand Up @@ -90,8 +88,6 @@ Hash.prototype.digest = function digest(outputEncoding) {
if (state[kFinalized])
throw new ERR_CRYPTO_HASH_FINALIZED();
outputEncoding = outputEncoding || getDefaultEncoding();
if (normalizeEncoding(outputEncoding) === 'utf16le')
throw new ERR_CRYPTO_HASH_DIGEST_NO_UTF16();

// Explicit conversion for backward compatibility.
const ret = this[kHandle].digest(`${outputEncoding}`);
Expand Down Expand Up @@ -121,8 +117,6 @@ Hmac.prototype.update = Hash.prototype.update;
Hmac.prototype.digest = function digest(outputEncoding) {
const state = this[kState];
outputEncoding = outputEncoding || getDefaultEncoding();
if (normalizeEncoding(outputEncoding) === 'utf16le')
throw new ERR_CRYPTO_HASH_DIGEST_NO_UTF16();

if (state[kFinalized]) {
const buf = Buffer.from('');
Expand Down
2 changes: 0 additions & 2 deletions lib/internal/errors.js
Original file line number Diff line number Diff line change
Expand Up @@ -739,8 +739,6 @@ E('ERR_CRYPTO_FIPS_FORCED',
'Cannot set FIPS mode, it was forced with --force-fips at startup.', Error);
E('ERR_CRYPTO_FIPS_UNAVAILABLE', 'Cannot set FIPS mode in a non-FIPS build.',
Error);
E('ERR_CRYPTO_HASH_DIGEST_NO_UTF16', 'hash.digest() does not support UTF-16',
Error);
E('ERR_CRYPTO_HASH_FINALIZED', 'Digest already called', Error);
E('ERR_CRYPTO_HASH_UPDATE_FAILED', 'Hash update failed', Error);
E('ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS', 'The selected key encoding %s %s.',
Expand Down
1 change: 0 additions & 1 deletion src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -4628,7 +4628,6 @@ void Hmac::HmacDigest(const FunctionCallbackInfo<Value>& args) {
if (args.Length() >= 1) {
encoding = ParseEncoding(env->isolate(), args[0], BUFFER);
}
CHECK_NE(encoding, UCS2); // Digest does not support UTF-16

unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len = 0;
Expand Down
10 changes: 3 additions & 7 deletions test/parallel/test-crypto-hash.js
Original file line number Diff line number Diff line change
Expand Up @@ -161,13 +161,9 @@ common.expectsError(
type: Error
});

common.expectsError(
() => crypto.createHash('sha256').digest('ucs2'),
{
code: 'ERR_CRYPTO_HASH_DIGEST_NO_UTF16',
type: Error
}
);
assert.strictEqual(
crypto.createHash('sha256').update('test').digest('ucs2'),
crypto.createHash('sha256').update('test').digest().toString('ucs2'));

common.expectsError(
() => crypto.createHash(),
Expand Down
9 changes: 3 additions & 6 deletions test/parallel/test-crypto-hmac.js
Original file line number Diff line number Diff line change
Expand Up @@ -408,12 +408,9 @@ const rfc2202_sha1 = [
for (const { key, data, hmac } of rfc2202_sha1)
testHmac('sha1', key, data, hmac);

common.expectsError(
() => crypto.createHmac('sha256', 'w00t').digest('ucs2'),
{
code: 'ERR_CRYPTO_HASH_DIGEST_NO_UTF16',
type: Error
});
assert.strictEqual(
crypto.createHmac('sha256', 'w00t').digest('ucs2'),
crypto.createHmac('sha256', 'w00t').digest().toString('ucs2'));

// Check initialized -> uninitialized state transition after calling digest().
{
Expand Down