crypto: adjust types for getRandomValues

prevents Web Crypto API's getRandomValues from accepting DataView Fixes: https://github.com/nodejs/node/issues/41480 Refs: https://www.w3.org/TR/WebCryptoAPI/#Crypto-method-getRandomValues PR-URL: https://github.com/nodejs/node/pull/41481 Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Zeyu Yang <himself65@outlook.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com>
2026-01-15 12:15:26 +00:00 · 2022-01-12 00:49:56 +08:00
parent 2f1700463b
commit b8de7aa4c2
3 changed files with 10 additions and 4 deletions
--- a/doc/api/webcrypto.md
+++ b/doc/api/webcrypto.md
@@ -357,12 +357,15 @@ Provides access to the `SubtleCrypto` API.
 added: v15.0.0
 -->

-* `typedArray` {Buffer|TypedArray|DataView|ArrayBuffer}
-* Returns: {Buffer|TypedArray|DataView|ArrayBuffer} Returns `typedArray`.
+* `typedArray` {Buffer|TypedArray}
+* Returns: {Buffer|TypedArray}

 Generates cryptographically strong random values. The given `typedArray` is
 filled with random values, and a reference to `typedArray` is returned.

+The given `typedArray` must be an integer-based instance of {TypedArray},
+i.e. `Float32Array` and `Float64Array` are not accepted.
+
 An error will be thrown if the given `typedArray` is larger than 65,536 bytes.

 ### `crypto.randomUUID()`
--- a/lib/internal/crypto/random.js
+++ b/lib/internal/crypto/random.js
@@ -50,6 +50,7 @@ const {
 const {
  isArrayBufferView,
  isAnyArrayBuffer,
+  isTypedArray,
  isFloat32Array,
  isFloat64Array,
 } = require('internal/util/types');
@@ -307,7 +308,7 @@ function onJobDone(buf, callback, error) {
 // not allowed to exceed 65536 bytes, and can only
 // be an integer-type TypedArray.
 function getRandomValues(data) {
-  if (!isArrayBufferView(data) ||
+  if (!isTypedArray(data) ||
      isFloat32Array(data) ||
      isFloat64Array(data)) {
    // Ordinarily this would be an ERR_INVALID_ARG_TYPE. However,
--- a/test/parallel/test-webcrypto-random.js
+++ b/test/parallel/test-webcrypto-random.js
@@ -13,6 +13,7 @@ const { getRandomValues } = require('crypto').webcrypto;
  undefined, null, '', 1, {}, [],
  new Float32Array(1),
  new Float64Array(1),
+  new DataView(new ArrayBuffer(1)),
 ].forEach((i) => {
  assert.throws(
    () => getRandomValues(i),
@@ -32,6 +33,7 @@ const intTypedConstructors = [
  Uint8Array,
  Uint16Array,
  Uint32Array,
+  Uint8ClampedArray,
  BigInt64Array,
  BigUint64Array,
 ];
@@ -47,7 +49,7 @@ for (const ctor of intTypedConstructors) {
 {
  const buf = new Uint16Array(10);
  const before = Buffer.from(buf).toString('hex');
-  getRandomValues(new DataView(buf.buffer));
+  getRandomValues(buf);
  const after = Buffer.from(buf).toString('hex');
  assert.notStrictEqual(before, after);
 }