crypto: improve RSA-PSS digest error messages

tniessen · RafaelGSS · commit 28781a1f7eaa · 2022-09-05T11:32:53.000-03:00
md and mgf1_md are internal variable names and should not appear in JS error messages. Also include the invalid digest name in the error message. PR-URL: #44307 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
diff --git a/src/crypto/crypto_rsa.cc b/src/crypto/crypto_rsa.cc
@@ -153,7 +153,7 @@ Maybe<bool> RsaKeyGenTraits::AdditionalConfig(
       Utf8Value digest(env->isolate(), args[*offset]);
       params->params.md = EVP_get_digestbyname(*digest);
       if (params->params.md == nullptr) {
-        THROW_ERR_CRYPTO_INVALID_DIGEST(env, "md specifies an invalid digest");
+        THROW_ERR_CRYPTO_INVALID_DIGEST(env, "Invalid digest: %s", *digest);
         return Nothing<bool>();
       }
     }
@@ -163,8 +163,8 @@ Maybe<bool> RsaKeyGenTraits::AdditionalConfig(
       Utf8Value digest(env->isolate(), args[*offset + 1]);
       params->params.mgf1_md = EVP_get_digestbyname(*digest);
       if (params->params.mgf1_md == nullptr) {
-        THROW_ERR_CRYPTO_INVALID_DIGEST(env,
-          "mgf1_md specifies an invalid digest");
+        THROW_ERR_CRYPTO_INVALID_DIGEST(
+            env, "Invalid MGF1 digest: %s", *digest);
         return Nothing<bool>();
       }
     }
diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js
@@ -1661,7 +1661,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
   }, common.mustNotCall()), {
     name: 'TypeError',
     code: 'ERR_CRYPTO_INVALID_DIGEST',
-    message: 'md specifies an invalid digest'
+    message: 'Invalid digest: sha2'
   });
 
   assert.throws(() => generateKeyPair('rsa-pss', {
@@ -1670,7 +1670,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
   }, common.mustNotCall()), {
     name: 'TypeError',
     code: 'ERR_CRYPTO_INVALID_DIGEST',
-    message: 'mgf1_md specifies an invalid digest'
+    message: 'Invalid MGF1 digest: sha2'
   });
 }
 

Original file line number	Diff line number	Diff line change
`@@ -153,7 +153,7 @@ Maybe<bool> RsaKeyGenTraits::AdditionalConfig(`
`153`	`153`	`Utf8Value digest(env->isolate(), args[*offset]);`
`154`	`154`	`params->params.md = EVP_get_digestbyname(*digest);`
`155`	`155`	`if (params->params.md == nullptr) {`
`156`		`- THROW_ERR_CRYPTO_INVALID_DIGEST(env, "md specifies an invalid digest");`
	`156`	`+ THROW_ERR_CRYPTO_INVALID_DIGEST(env, "Invalid digest: %s", *digest);`
`157`	`157`	`return Nothing<bool>();`
`158`	`158`	`}`
`159`	`159`	`}`
`@@ -163,8 +163,8 @@ Maybe<bool> RsaKeyGenTraits::AdditionalConfig(`
`163`	`163`	`Utf8Value digest(env->isolate(), args[*offset + 1]);`
`164`	`164`	`params->params.mgf1_md = EVP_get_digestbyname(*digest);`
`165`	`165`	`if (params->params.mgf1_md == nullptr) {`
`166`		`- THROW_ERR_CRYPTO_INVALID_DIGEST(env,`
`167`		`- "mgf1_md specifies an invalid digest");`
	`166`	`+ THROW_ERR_CRYPTO_INVALID_DIGEST(`
	`167`	`+ env, "Invalid MGF1 digest: %s", *digest);`
`168`	`168`	`return Nothing<bool>();`
`169`	`169`	`}`
`170`	`170`	`}`