Skip to content
This repository has been archived by the owner on Jun 15, 2023. It is now read-only.

Commit

Permalink
fix: validate createKey params properly (#26)
Browse files Browse the repository at this point in the history
License: MIT
Signed-off-by: Alan Shaw <[email protected]>
  • Loading branch information
Alan Shaw authored and vasco-santos committed Sep 18, 2018
1 parent f95fef4 commit 8dfaab1
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 0 deletions.
12 changes: 12 additions & 0 deletions src/keychain.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ const deepmerge = require('lodash/merge')
const crypto = require('libp2p-crypto')
const DS = require('interface-datastore')
const pull = require('pull-stream')
const isString = require('lodash/isString')
const isSafeInteger = require('lodash/isSafeInteger')
const CMS = require('./cms')

const keyPrefix = '/pkcs8/'
Expand All @@ -30,6 +32,7 @@ const defaultOptions = {

function validateKeyName (name) {
if (!name) return false
if (!isString(name)) return false
return name === sanitize(name.trim())
}

Expand Down Expand Up @@ -182,6 +185,15 @@ class Keychain {
if (!validateKeyName(name) || name === 'self') {
return _error(callback, `Invalid key name '${name}'`)
}

if (!isString(type)) {
return _error(callback, `Invalid key type '${type}'`)
}

if (!isSafeInteger(size)) {
return _error(callback, `Invalid key size '${size}'`)
}

const dsname = DsName(name)
self.store.has(dsname, (err, exists) => {
if (err) return _error(callback, err)
Expand Down
24 changes: 24 additions & 0 deletions test/keychain.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,30 @@ module.exports = (datastore1, datastore2) => {
})
})

it('should validate name is string', (done) => {
ks.createKey(5, 'rsa', 2048, (err) => {
expect(err).to.exist()
expect(err.message).to.contain('Invalid key name')
done()
})
})

it('should validate type is string', (done) => {
ks.createKey('TEST' + Date.now(), null, 2048, (err) => {
expect(err).to.exist()
expect(err.message).to.contain('Invalid key type')
done()
})
})

it('should validate size is integer', (done) => {
ks.createKey('TEST' + Date.now(), 'rsa', 'string', (err) => {
expect(err).to.exist()
expect(err.message).to.contain('Invalid key size')
done()
})
})

describe('implements NIST SP 800-131A', () => {
it('disallows RSA length < 2048', (done) => {
ks.createKey('bad-nist-rsa', 'rsa', 1024, (err) => {
Expand Down

0 comments on commit 8dfaab1

Please sign in to comment.