From 680718ccd711b2858aa2bebca51c3b805f7f56d4 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Mon, 8 Aug 2022 12:06:45 +0200
Subject: [PATCH] crypto: fix webcrypto generateKey() AES key length validation
 error
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/44170
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/44835
---
 lib/internal/crypto/aes.js             | 12 +++++-------
 test/parallel/test-webcrypto-keygen.js |  4 ++--
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/lib/internal/crypto/aes.js b/lib/internal/crypto/aes.js
index 324662e1f8b1b4..48cde6b31972e0 100644
--- a/lib/internal/crypto/aes.js
+++ b/lib/internal/crypto/aes.js
@@ -60,11 +60,6 @@ const {
   generateKey,
 } = require('internal/crypto/keygen');
 
-const {
-  validateInteger,
-  validateOneOf,
-} = require('internal/validators');
-
 const kMaxCounterLength = 128;
 const kTagLengths = [32, 64, 96, 104, 112, 120, 128];
 
@@ -227,8 +222,11 @@ function aesCipher(mode, key, data, algorithm) {
 
 async function aesGenerateKey(algorithm, extractable, keyUsages) {
   const { name, length } = algorithm;
-  validateInteger(length, 'algorithm.length');
-  validateOneOf(length, 'algorithm.length', kAesKeyLengths);
+  if (!ArrayPrototypeIncludes(kAesKeyLengths, length)) {
+    throw lazyDOMException(
+      'AES key length must be 128, 192, or 256 bits',
+      'OperationError');
+  }
 
   const checkUsages = ['wrapKey', 'unwrapKey'];
   if (name !== 'AES-KW')
diff --git a/test/parallel/test-webcrypto-keygen.js b/test/parallel/test-webcrypto-keygen.js
index e61d7c9b913abf..9c79e1517c07a8 100644
--- a/test/parallel/test-webcrypto-keygen.js
+++ b/test/parallel/test-webcrypto-keygen.js
@@ -512,14 +512,14 @@ const vectors = {
     [1, 100, 257].forEach(async (length) => {
       await assert.rejects(
         subtle.generateKey({ name, length }, true, usages), {
-          code: 'ERR_INVALID_ARG_VALUE'
+          name: 'OperationError'
         });
     });
 
     ['', {}, [], false, null, undefined].forEach(async (length) => {
       await assert.rejects(
         subtle.generateKey({ name, length }, true, usages), {
-          code: 'ERR_INVALID_ARG_TYPE'
+          name: 'OperationError',
         });
     });
   }