language-servers/deno
1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-08-04 02:48:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

fix(ext/crypto): enforce 128bits tagLength for AES-GCM decryption (#13536)

Browse source
This commit is contained in:
Divy Srivastava 2022-01-30 18:42:29 +05:30 committed by GitHub
parent a2e4fa471b
commit efa02ffa2a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

29
cli/tests/unit/webcrypto_test.ts
View file

@ -1639,3 +1639,32 @@ Deno.test(async function testAESWrapKey() {
assertEquals(new Uint8Array(hmacKeyBytes), new Uint8Array(unwrappedKeyBytes));
});
// https://github.com/denoland/deno/issues/13534
Deno.test(async function testAesGcmTagLength() {
const key = await crypto.subtle.importKey(
"raw",
new Uint8Array(32),
"AES-GCM",
false,
["encrypt", "decrypt"],
);
const iv = crypto.getRandomValues(new Uint8Array(12));
// encrypt won't fail, it will simply truncate the tag
// as expected.
const encrypted = await crypto.subtle.encrypt(
{ name: "AES-GCM", iv, tagLength: 96, additionalData: new Uint8Array() },
key,
new Uint8Array(32),
);
await assertRejects(async () => {
await crypto.subtle.decrypt(
{ name: "AES-GCM", iv, tagLength: 96, additionalData: new Uint8Array() },
key,
encrypted,
);
});
});