foster/denoland-deno
1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-21 23:04:45 -05:00
Code Issues Packages 1 Wiki Activity

fix(ext/node): don't panic on invalid utf-8 in pem (#24303)

Browse source
This commit is contained in:
Luca Casonato 2024-06-21 12:25:07 +02:00 committed by GitHub
parent 5683ca4070
commit e6756c3e66
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 38 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
ext/node/ops/crypto/mod.rs
View file

@ -1493,8 +1493,13 @@ fn parse_private_key(
) -> Result<pkcs8::SecretDocument, AnyError> { ) -> Result<pkcs8::SecretDocument, AnyError> {
match format { match format {
"pem" => { "pem" => {
let (_, doc) = let pem = std::str::from_utf8(key).map_err(|err| {
pkcs8::SecretDocument::from_pem(std::str::from_utf8(key).unwrap())?; type_error(format!(
"Invalid PEM private key: not valid utf8 starting at byte {}",
err.valid_up_to()
))
})?;
let (_, doc) = pkcs8::SecretDocument::from_pem(pem)?;
Ok(doc) Ok(doc)
} }
"der" => { "der" => {
@ -1600,8 +1605,13 @@ fn parse_public_key(
) -> Result<pkcs8::Document, AnyError> { ) -> Result<pkcs8::Document, AnyError> {
match format { match format {
"pem" => { "pem" => {
let (label, doc) = let pem = std::str::from_utf8(key).map_err(|err| {
pkcs8::Document::from_pem(std::str::from_utf8(key).unwrap())?; type_error(format!(
"Invalid PEM private key: not valid utf8 starting at byte {}",
err.valid_up_to()
))
})?;
let (label, doc) = pkcs8::Document::from_pem(pem)?;
if label != "PUBLIC KEY" { if label != "PUBLIC KEY" {
return Err(type_error("Invalid PEM label")); return Err(type_error("Invalid PEM label"));
} }

24
tests/unit_node/crypto/crypto_key_test.ts
View file

@ -415,3 +415,27 @@ Deno.test("generate rsa export public key", async function () {
const der = publicKey.export({ format: "der", type: "spki" }); const der = publicKey.export({ format: "der", type: "spki" });
assert(der instanceof Uint8Array); assert(der instanceof Uint8Array);
}); });
Deno.test("create public key with invalid utf-8 string", function () {
// This is an invalid UTF-8 string because it contains a lone utf-16 surrogate.
const invalidPem = Buffer.from(new Uint8Array([0xE2, 0x28, 0xA1]));
assertThrows(
() => {
createPublicKey(invalidPem);
},
Error,
"not valid utf8",
);
});
Deno.test("create private key with invalid utf-8 string", function () {
// This is an invalid UTF-8 string because it contains a lone utf-16 surrogate.
const invalidPem = Buffer.from(new Uint8Array([0xE2, 0x28, 0xA1]));
assertThrows(
() => {
createPrivateKey(invalidPem);
},
Error,
"not valid utf8",
);
});