@@ -58,7 +58,6 @@ const {
58
58
generateKey : _generateKey ,
59
59
} = require ( 'internal/crypto/keygen' ) ;
60
60
61
- const kMaxCounterLength = 128 ;
62
61
const kTagLengths = [ 32 , 64 , 96 , 104 , 112 , 120 , 128 ] ;
63
62
const generateKey = promisify ( _generateKey ) ;
64
63
@@ -109,35 +108,43 @@ function getVariant(name, length) {
109
108
}
110
109
}
111
110
112
- function asyncAesCtrCipher ( mode , key , data , { counter , length } ) {
113
- validateByteLength ( counter , 'algorithm.counter' , 16 ) ;
111
+ function validateAesCtrAlgorithm ( algorithm ) {
112
+ validateByteLength ( algorithm . counter , 'algorithm.counter' , 16 ) ;
114
113
// The length must specify an integer between 1 and 128. While
115
114
// there is no default, this should typically be 64.
116
- if ( length === 0 || length > kMaxCounterLength ) {
115
+ if ( algorithm . length === 0 || algorithm . length > 128 ) {
117
116
throw lazyDOMException (
118
117
'AES-CTR algorithm.length must be between 1 and 128' ,
119
118
'OperationError' ) ;
120
119
}
120
+ }
121
+
122
+ function asyncAesCtrCipher ( mode , key , data , algorithm ) {
123
+ validateAesCtrAlgorithm ( algorithm ) ;
121
124
122
125
return jobPromise ( ( ) => new AESCipherJob (
123
126
kCryptoJobAsync ,
124
127
mode ,
125
128
key [ kKeyObject ] [ kHandle ] ,
126
129
data ,
127
130
getVariant ( 'AES-CTR' , key . algorithm . length ) ,
128
- counter ,
129
- length ) ) ;
131
+ algorithm . counter ,
132
+ algorithm . length ) ) ;
133
+ }
134
+
135
+ function validateAesCbcAlgorithm ( algorithm ) {
136
+ validateByteLength ( algorithm . iv , 'algorithm.iv' , 16 ) ;
130
137
}
131
138
132
- function asyncAesCbcCipher ( mode , key , data , { iv } ) {
133
- validateByteLength ( iv , ' algorithm.iv' , 16 ) ;
139
+ function asyncAesCbcCipher ( mode , key , data , algorithm ) {
140
+ validateAesCbcAlgorithm ( algorithm ) ;
134
141
return jobPromise ( ( ) => new AESCipherJob (
135
142
kCryptoJobAsync ,
136
143
mode ,
137
144
key [ kKeyObject ] [ kHandle ] ,
138
145
data ,
139
146
getVariant ( 'AES-CBC' , key . algorithm . length ) ,
140
- iv ) ) ;
147
+ algorithm . iv ) ) ;
141
148
}
142
149
143
150
function asyncAesKwCipher ( mode , key , data ) {
@@ -149,24 +156,25 @@ function asyncAesKwCipher(mode, key, data) {
149
156
getVariant ( 'AES-KW' , key . algorithm . length ) ) ) ;
150
157
}
151
158
152
- function asyncAesGcmCipher (
153
- mode ,
154
- key ,
155
- data ,
156
- { iv, additionalData, tagLength = 128 } ) {
157
- if ( ! ArrayPrototypeIncludes ( kTagLengths , tagLength ) ) {
158
- return PromiseReject ( lazyDOMException (
159
- `${ tagLength } is not a valid AES-GCM tag length` ,
160
- 'OperationError' ) ) ;
159
+ function validateAesGcmAlgorithm ( algorithm ) {
160
+ if ( ! ArrayPrototypeIncludes ( kTagLengths , algorithm . tagLength ) ) {
161
+ throw lazyDOMException (
162
+ `${ algorithm . tagLength } is not a valid AES-GCM tag length` ,
163
+ 'OperationError' ) ;
161
164
}
162
165
163
- validateMaxBufferLength ( iv , 'algorithm.iv' ) ;
166
+ validateMaxBufferLength ( algorithm . iv , 'algorithm.iv' ) ;
164
167
165
- if ( additionalData !== undefined ) {
166
- validateMaxBufferLength ( additionalData , 'algorithm.additionalData' ) ;
168
+ if ( algorithm . additionalData !== undefined ) {
169
+ validateMaxBufferLength ( algorithm . additionalData , 'algorithm.additionalData' ) ;
167
170
}
171
+ }
168
172
169
- const tagByteLength = MathFloor ( tagLength / 8 ) ;
173
+ function asyncAesGcmCipher ( mode , key , data , algorithm ) {
174
+ algorithm . tagLength ??= 128 ;
175
+ validateAesGcmAlgorithm ( algorithm ) ;
176
+
177
+ const tagByteLength = MathFloor ( algorithm . tagLength / 8 ) ;
170
178
let tag ;
171
179
switch ( mode ) {
172
180
case kWebCryptoCipherDecrypt : {
@@ -198,9 +206,9 @@ function asyncAesGcmCipher(
198
206
key [ kKeyObject ] [ kHandle ] ,
199
207
data ,
200
208
getVariant ( 'AES-GCM' , key . algorithm . length ) ,
201
- iv ,
209
+ algorithm . iv ,
202
210
tag ,
203
- additionalData ) ) ;
211
+ algorithm . additionalData ) ) ;
204
212
}
205
213
206
214
function aesCipher ( mode , key , data , algorithm ) {
@@ -212,13 +220,17 @@ function aesCipher(mode, key, data, algorithm) {
212
220
}
213
221
}
214
222
215
- async function aesGenerateKey ( algorithm , extractable , keyUsages ) {
216
- const { name, length } = algorithm ;
217
- if ( ! ArrayPrototypeIncludes ( kAesKeyLengths , length ) ) {
223
+ function validateAesGenerateKeyAlgorithm ( algorithm ) {
224
+ if ( ! ArrayPrototypeIncludes ( kAesKeyLengths , algorithm . length ) ) {
218
225
throw lazyDOMException (
219
226
'AES key length must be 128, 192, or 256 bits' ,
220
227
'OperationError' ) ;
221
228
}
229
+ }
230
+
231
+ async function aesGenerateKey ( algorithm , extractable , keyUsages ) {
232
+ validateAesGenerateKeyAlgorithm ( algorithm ) ;
233
+ const { name, length } = algorithm ;
222
234
223
235
const checkUsages = [ 'wrapKey' , 'unwrapKey' ] ;
224
236
if ( name !== 'AES-KW' )
0 commit comments