crypto: throw errors in SignTraits::DeriveBits

tniessen · danielleadams · commit e60841b598ed · 2022-01-31T22:53:49.000-05:00
Fixes: #40794 PR-URL: #40796 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
diff --git a/src/crypto/crypto_sig.cc b/src/crypto/crypto_sig.cc
@@ -738,19 +738,25 @@ bool SignTraits::DeriveBits(
       size_t len;
       unsigned char* data = nullptr;
       if (IsOneShot(params.key)) {
-        EVP_DigestSign(
+        if (!EVP_DigestSign(
             context.get(),
             nullptr,
             &len,
             params.data.data<unsigned char>(),
-            params.data.size());
+            params.data.size())) {
+          crypto::CheckThrow(env, SignBase::Error::kSignPrivateKey);
+          return false;
+        }
         data = MallocOpenSSL<unsigned char>(len);
-        EVP_DigestSign(
+        if (!EVP_DigestSign(
             context.get(),
             data,
             &len,
             params.data.data<unsigned char>(),
-            params.data.size());
+            params.data.size())) {
+              crypto::CheckThrow(env, SignBase::Error::kSignPrivateKey);
+              return false;
+            }
         ByteSource buf =
             ByteSource::Allocated(reinterpret_cast<char*>(data), len);
         *out = std::move(buf);
@@ -760,13 +766,16 @@ bool SignTraits::DeriveBits(
                 params.data.data<unsigned char>(),
                 params.data.size()) ||
             !EVP_DigestSignFinal(context.get(), nullptr, &len)) {
+          crypto::CheckThrow(env, SignBase::Error::kSignPrivateKey);
           return false;
         }
         data = MallocOpenSSL<unsigned char>(len);
         ByteSource buf =
             ByteSource::Allocated(reinterpret_cast<char*>(data), len);
-        if (!EVP_DigestSignFinal(context.get(), data, &len))
+        if (!EVP_DigestSignFinal(context.get(), data, &len)) {
+          crypto::CheckThrow(env, SignBase::Error::kSignPrivateKey);
           return false;
+        }
 
         if (UseP1363Encoding(params.key, params.dsa_encoding)) {
           *out = ConvertSignatureToP1363(env, params.key, buf);
diff --git a/test/parallel/test-crypto-sign-verify.js b/test/parallel/test-crypto-sign-verify.js
@@ -742,3 +742,17 @@ assert.throws(
     }
   }
 }
+
+// The sign function should not swallow OpenSSL errors.
+// Regression test for https://github.com/nodejs/node/issues/40794.
+{
+  assert.throws(() => {
+    const { privateKey } = crypto.generateKeyPairSync('rsa', {
+      modulusLength: 512
+    });
+    crypto.sign('sha512', 'message', privateKey);
+  }, {
+    code: 'ERR_OSSL_RSA_DIGEST_TOO_BIG_FOR_RSA_KEY',
+    message: /digest too big for rsa key/
+  });
+}

Original file line number	Diff line number	Diff line change
`@@ -742,3 +742,17 @@ assert.throws(`
`742`	`742`	`}`
`743`	`743`	`}`
`744`	`744`	`}`
	`745`	`+`
	`746`	`+// The sign function should not swallow OpenSSL errors.`
	`747`	`+// Regression test for https://github.com/nodejs/node/issues/40794.`
	`748`	`+{`
	`749`	`+ assert.throws(() => {`
	`750`	`+ const { privateKey } = crypto.generateKeyPairSync('rsa', {`
	`751`	`+ modulusLength: 512`
	`752`	`+ });`
	`753`	`+ crypto.sign('sha512', 'message', privateKey);`
	`754`	`+ }, {`
	`755`	`+ code: 'ERR_OSSL_RSA_DIGEST_TOO_BIG_FOR_RSA_KEY',`
	`756`	`+ message: /digest too big for rsa key/`
	`757`	`+ });`
	`758`	`+}`