fluencelabs/js-libp2p
1
0
Fork 0
mirror of https://github.com/fluencelabs/js-libp2p synced 2025-05-03 14:32:18 +00:00
Code Issues Projects Releases Wiki Activity

fix: validate createKey params properly (#26)

Browse Source 
License: MIT
Signed-off-by: Alan Shaw <alan.shaw@protocol.ai>
This commit is contained in:
Alan Shaw 2018-09-18 12:48:58 +01:00 committed by Vasco Santos
parent f95fef4ad2
commit 8dfaab1af0
2 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/keychain.js
View File

@ -6,6 +6,8 @@ const deepmerge = require('lodash/merge')
const crypto = require('libp2p-crypto')
const DS = require('interface-datastore')
const pull = require('pull-stream')
const isString = require('lodash/isString')
const isSafeInteger = require('lodash/isSafeInteger')
const CMS = require('./cms')
const keyPrefix = '/pkcs8/'
@ -30,6 +32,7 @@ const defaultOptions = {
function validateKeyName (name) {
if (!name) return false
if (!isString(name)) return false
return name === sanitize(name.trim())
}
@ -182,6 +185,15 @@ class Keychain {
if (!validateKeyName(name) || name === 'self') {
return _error(callback, `Invalid key name '${name}'`)
}
if (!isString(type)) {
return _error(callback, `Invalid key type '${type}'`)
}
if (!isSafeInteger(size)) {
return _error(callback, `Invalid key size '${size}'`)
}
const dsname = DsName(name)
self.store.has(dsname, (err, exists) => {
if (err) return _error(callback, err)

24
test/keychain.spec.js
View File

@ -117,6 +117,30 @@ module.exports = (datastore1, datastore2) => {
})
})
it('should validate name is string', (done) => {
ks.createKey(5, 'rsa', 2048, (err) => {
expect(err).to.exist()
expect(err.message).to.contain('Invalid key name')
done()
})
})
it('should validate type is string', (done) => {
ks.createKey('TEST' + Date.now(), null, 2048, (err) => {
expect(err).to.exist()
expect(err.message).to.contain('Invalid key type')
done()
})
})
it('should validate size is integer', (done) => {
ks.createKey('TEST' + Date.now(), 'rsa', 'string', (err) => {
expect(err).to.exist()
expect(err.message).to.contain('Invalid key size')
done()
})
})
describe('implements NIST SP 800-131A', () => {
it('disallows RSA length < 2048', (done) => {
ks.createKey('bad-nist-rsa', 'rsa', 1024, (err) => {