tls: validate ticket keys buffer

Fixes: #38305

PR-URL: #38308
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>

Author: aduh95

doc/api/tls.md

@@ -730,7 +730,8 @@ existing server. Existing connections to the server are not interrupted.
 added: v3.0.0
 -->
 
-* `keys` {Buffer} A 48-byte buffer containing the session ticket keys.
+* `keys` {Buffer|TypedArray|DataView} A 48-byte buffer containing the session
+  ticket keys.
 
 Sets the session ticket keys.
 

lib/_tls_wrap.js

@@ -1396,6 +1396,9 @@ Server.prototype.getTicketKeys = function getTicketKeys() {
 
 
 Server.prototype.setTicketKeys = function setTicketKeys(keys) {
+  validateBuffer(keys);
+  assert(keys.byteLength === 48,
+         'Session ticket keys must be a 48-byte buffer');
   this._sharedCreds.context.setTicketKeys(keys);
 };
 

test/parallel/test-tls-ticket-invalid-arg.js

@@ -0,0 +1,24 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto) {
+  common.skip('missing crypto');
+}
+
+const assert = require('assert');
+const tls = require('tls');
+
+const server = new tls.Server();
+
+[null, undefined, 0, 1, 1n, Symbol(), {}, [], true, false, '', () => {}]
+  .forEach((arg) =>
+    assert.throws(
+      () => server.setTicketKeys(arg),
+      { code: 'ERR_INVALID_ARG_TYPE' }
+    ));
+
+[new Uint8Array(1), Buffer.from([1]), new DataView(new ArrayBuffer(2))].forEach(
+  (arg) =>
+    assert.throws(() => {
+      server.setTicketKeys(arg);
+    }, /Session ticket keys must be a 48-byte buffer/)
+);