Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity
5ba3b540d4
node/lib/crypto.js

377 lines
8.3 KiB
JavaScript
Raw Normal View History

meta: restore original copyright header A prior io.js era commit inappropriately removed the original copyright statements from the source. This restores those in any files still remaining from that edit. Ref: https://github.com/nodejs/TSC/issues/174 Ref: https://github.com/nodejs/node/pull/10599 PR-URL: https://github.com/nodejs/node/pull/10155 Note: This PR was required, reviewed-by and approved by the Node.js Foundation Legal Committee and the TSC. There is no `Approved-By:` meta data.
2017-01-03 21:16:48 +00:00
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
crypto: Add crypto.DEFAULT_ENCODING (defaults to 'buffer') This is a flag to make it easier for users to upgrade through the breaking crypto change, and easier for us to switch it back if it's a problem. Explicitly set default encoding to 'buffer' in other tests, in case it ever changes back.
2012-10-22 17:37:20 +00:00
// Note: In 0.8 and before, crypto functions all defaulted to using
// binary-encoded strings rather than buffers.
lib: turn on strict mode Turn on strict mode for the files in the lib/ directory. It helps catch bugs and can have a positive effect on performance. PR-URL: https://github.com/node-forward/node/pull/64 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com>
2014-11-22 15:59:48 +00:00
'use strict';
lib: flatten access to primordials Store all primordials as properties of the primordials object. Static functions are prefixed by the constructor's name and prototype methods are prefixed by the constructor's name followed by "Prototype". For example: primordials.Object.keys becomes primordials.ObjectKeys. PR-URL: https://github.com/nodejs/node/pull/30610 Refs: https://github.com/nodejs/node/issues/29766 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2019-11-22 17:04:46 +00:00
const {
ObjectDefineProperties,
tools: add lint rule to keep primordials in ASCII order PR-URL: https://github.com/nodejs/node/pull/52592 Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io> Reviewed-By: Jacob Smith <jacob@frende.me> Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
2024-04-21 16:53:08 +00:00
ObjectDefineProperty,
lib: flatten access to primordials Store all primordials as properties of the primordials object. Static functions are prefixed by the constructor's name and prototype methods are prefixed by the constructor's name followed by "Prototype". For example: primordials.Object.keys becomes primordials.ObjectKeys. PR-URL: https://github.com/nodejs/node/pull/30610 Refs: https://github.com/nodejs/node/issues/29766 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2019-11-22 17:04:46 +00:00
} = primordials;
lib: enforce the use of Object from primordials PR-URL: https://github.com/nodejs/node/pull/27146 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Gus Caplan <me@gus.host>
2019-04-09 07:55:53 +00:00
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
const {
assertCrypto,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
deprecate,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/util');
assertCrypto();
Added default CAs, updated openssl verify behaviour, added crypto and https documentation
2010-05-04 20:49:00 +00:00
lib: port errors to new system This is a first batch of updates that touches non-underscored modules in lib. PR-URL: https://github.com/nodejs/node/pull/19034 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
2018-02-27 13:55:32 +00:00
const {
ERR_CRYPTO_FIPS_FORCED,
crypto: do not allow to call setFips from the worker thread PR-URL: https://github.com/nodejs/node/pull/43624 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
2022-07-08 10:50:24 +00:00
ERR_WORKER_UNSUPPORTED_OPERATION,
lib: port errors to new system This is a first batch of updates that touches non-underscored modules in lib. PR-URL: https://github.com/nodejs/node/pull/19034 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
2018-02-27 13:55:32 +00:00
} = require('internal/errors').codes;
src,lib: move `natives` and `constants` to `internalBinding()` Refs: https://github.com/nodejs/node/issues/22160 PR-URL: https://github.com/nodejs/node/pull/23663 Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Weijia Wang <starkwang@126.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: Refael Ackermann <refack@gmail.com>
2018-10-14 23:41:32 +00:00
const constants = internalBinding('constants').crypto;
src: cache the result of GetOptions() in JS land Instead of calling into C++ each time we need to check the value of a command line option, cache the option map in a new `internal/options` module for faster access to the values in JS land. PR-URL: https://github.com/nodejs/node/pull/24091 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Refael Ackermann <refack@gmail.com>
2018-11-04 20:52:50 +00:00
const { getOptionValue } = require('internal/options');
crypto: move typechecking for timingSafeEqual into C++ This makes the function more robust against V8 inlining. Fixes: https://github.com/nodejs/node/issues/34073 PR-URL: https://github.com/nodejs/node/pull/34141 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Ujjwal Sharma <ryzokuken@disroot.org> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Zeyu Yang <himself65@outlook.com>
2020-06-30 20:36:10 +00:00
const {
getFipsCrypto,
setFipsCrypto,
timingSafeEqual,
} = internalBinding('crypto');
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
const {
crypto: add generatePrime/checkPrime APIs for generating and checking pseudo-random primes Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36997 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2021-01-19 07:03:58 +00:00
checkPrime,
checkPrimeSync,
generatePrime,
generatePrimeSync,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
randomBytes,
randomFill,
crypto: add randomInt function PR-URL: https://github.com/nodejs/node/pull/34600 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2020-08-02 12:08:39 +00:00
randomFillSync,
crypto: implement randomuuid Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36729 Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Ben Coe <bencoe@gmail.com>
2021-01-02 05:59:44 +00:00
randomInt,
randomUUID,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/random');
const {
pbkdf2,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
pbkdf2Sync,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/pbkdf2');
crypto: add scrypt() and scryptSync() methods Scrypt is a password-based key derivation function that is designed to be expensive both computationally and memory-wise in order to make brute-force attacks unrewarding. OpenSSL has had support for the scrypt algorithm since v1.1.0. Add a Node.js API modeled after `crypto.pbkdf2()` and `crypto.pbkdf2Sync()`. Changes: * Introduce helpers for copying buffers, collecting openssl errors, etc. * Add new infrastructure for offloading crypto to a worker thread. * Add a `AsyncWrap` JS class to simplify pbkdf2(), randomBytes() and scrypt(). Fixes: https://github.com/nodejs/node/issues/8417 PR-URL: https://github.com/nodejs/node/pull/20816 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-05-18 09:05:20 +00:00
const {
scrypt,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
scryptSync,
crypto: add scrypt() and scryptSync() methods Scrypt is a password-based key derivation function that is designed to be expensive both computationally and memory-wise in order to make brute-force attacks unrewarding. OpenSSL has had support for the scrypt algorithm since v1.1.0. Add a Node.js API modeled after `crypto.pbkdf2()` and `crypto.pbkdf2Sync()`. Changes: * Introduce helpers for copying buffers, collecting openssl errors, etc. * Add new infrastructure for offloading crypto to a worker thread. * Add a `AsyncWrap` JS class to simplify pbkdf2(), randomBytes() and scrypt(). Fixes: https://github.com/nodejs/node/issues/8417 PR-URL: https://github.com/nodejs/node/pull/20816 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-05-18 09:05:20 +00:00
} = require('internal/crypto/scrypt');
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
const {
hkdf,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
hkdfSync,
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
} = require('internal/crypto/hkdf');
crypto: add API for key pair generation This adds support for RSA, DSA and EC key pair generation with a variety of possible output formats etc. PR-URL: https://github.com/nodejs/node/pull/22660 Fixes: https://github.com/nodejs/node/issues/15116 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2018-09-02 15:00:01 +00:00
const {
generateKeyPair,
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
generateKeyPairSync,
generateKey,
generateKeySync,
crypto: add API for key pair generation This adds support for RSA, DSA and EC key pair generation with a variety of possible output formats etc. PR-URL: https://github.com/nodejs/node/pull/22660 Fixes: https://github.com/nodejs/node/issues/15116 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2018-09-02 15:00:01 +00:00
} = require('internal/crypto/keygen');
crypto: add key object API This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte. PR-URL: https://github.com/nodejs/node/pull/24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2018-09-20 17:53:44 +00:00
const {
createSecretKey,
createPublicKey,
crypto: expose KeyObject class PR-URL: https://github.com/nodejs/node/pull/26438 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2019-03-11 20:26:22 +00:00
createPrivateKey,
KeyObject,
crypto: add key object API This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte. PR-URL: https://github.com/nodejs/node/pull/24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2018-09-20 17:53:44 +00:00
} = require('internal/crypto/keys');
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
const {
DiffieHellman,
DiffieHellmanGroup,
crypto: add crypto.diffieHellman Currently, Node.js has separate (stateful) APIs for DH/ECDH, and no support for ECDH-ES. This commit adds a single stateless function to compute the DH/ECDH/ECDH-ES secret based on two KeyObjects. PR-URL: https://github.com/nodejs/node/pull/31178 Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
2020-01-03 11:01:34 +00:00
ECDH,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
diffieHellman,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/diffiehellman');
const {
Cipher,
Cipheriv,
Decipher,
Decipheriv,
privateDecrypt,
privateEncrypt,
publicDecrypt,
crypto: add getCipherInfo method Simple method for retrieving basic information about a cipher (such as block length, expected or default iv length, key length, etc) Signed-off-by: James M Snell <jasnell@gmail.com> Fixes: https://github.com/nodejs/node/issues/22304 PR-URL: https://github.com/nodejs/node/pull/35368 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2020-09-27 02:20:03 +00:00
publicEncrypt,
getCipherInfo,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/cipher');
const {
Sign,
crypto: add crypto.sign() and crypto.verify() These methods are added primarily to allow signing and verifying using Ed25519 and Ed448 keys, which do not support streaming of input data. However, any key type can be used with these new APIs, to allow better performance when only signing/verifying a single chunk. Fixes: https://github.com/nodejs/node/issues/26320 PR-URL: https://github.com/nodejs/node/pull/26611 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2019-03-12 13:17:10 +00:00
signOneShot,
Verify,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
verifyOneShot,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/sig');
const {
Hash,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
Hmac,
crypto: implement crypto.hash() This patch introduces a helper crypto.hash() that computes a digest from the input at one shot. This can be 1.2-1.6x faster than the object-based createHash() for smaller inputs (<= 5MB) that are readily available (not streamed) and incur less memory overhead since no intermediate objects will be created. PR-URL: https://github.com/nodejs/node/pull/51044 Refs: https://github.com/nodejs/performance/issues/136 Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br> Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
2024-01-05 21:17:00 +00:00
hash,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/hash');
crypto: introduce X509Certificate API Introduces the `crypto.X509Certificate` object. ```js const { X509Certificate } = require('crypto'); const x509 = new X509Certificate('{pem encoded cert}'); console.log(x509.subject); ``` Fixes: https://github.com/nodejs/node/issues/29181 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36804 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
2021-01-05 05:27:20 +00:00
const {
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
X509Certificate,
crypto: introduce X509Certificate API Introduces the `crypto.X509Certificate` object. ```js const { X509Certificate } = require('crypto'); const x509 = new X509Certificate('{pem encoded cert}'); console.log(x509.subject); ``` Fixes: https://github.com/nodejs/node/issues/29181 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36804 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
2021-01-05 05:27:20 +00:00
} = require('internal/crypto/x509');
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
const {
getCiphers,
getCurves,
getHashes,
setEngine,
crypto: implement basic secure heap support Adds two new command line arguments: * `--secure-heap=n`, which causes node.js to initialize an openssl secure heap of `n` bytes on openssl initialization. * `--secure-heap-min=n`, which specifies the minimum allocation from the secure heap. * A new method `crypto.secureHeapUsed()` that returns details about the total and used secure heap allocation. The secure heap is an openssl feature that allows certain kinds of potentially sensitive information (such as private key BigNums) to be allocated from a dedicated memory area that is protected against pointer over- and underruns. The secure heap is a fixed size, so it's important that users pick a large enough size to cover the crypto operations they intend to utilize. The secure heap is disabled by default. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36779 Refs: https://github.com/nodejs/node/pull/36729 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2021-01-04 17:06:26 +00:00
secureHeapUsed,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
} = require('internal/crypto/util');
const Certificate = require('internal/crypto/certificate');
crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto The aliases allow code written to assume that `crypto.subtle` and `crypto.getRandomValues()` exist on the `crypto` global to just work. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/41266 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2021-12-27 14:48:59 +00:00
let webcrypto;
function lazyWebCrypto() {
webcrypto ??= require('internal/crypto/webcrypto');
return webcrypto;
}
crypto: do not allow to call setFips from the worker thread PR-URL: https://github.com/nodejs/node/pull/43624 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
2022-07-08 10:50:24 +00:00
let ownsProcessState;
function lazyOwnsProcessState() {
ownsProcessState ??= require('internal/worker').ownsProcessState;
return ownsProcessState;
}
crypto: make createXYZ inlineable This commit increase by around 10% hot code paths that are hitting createXYZ functions. Before this change the createXYZ called the XYZ constructor without new. PR-URL: https://github.com/nodejs/node/pull/16067 Reviewed-By: Bryan English <bryan@bryanenglish.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Benedikt Meurer <benedikt.meurer@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Timothy Gu <timothygu99@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-10-07 18:24:21 +00:00
// These helper functions are needed because the constructors can
// use new, in which case V8 cannot inline the recursive constructor call
function createHash(algorithm, options) {
return new Hash(algorithm, options);
}
function createCipheriv(cipher, key, iv, options) {
return new Cipheriv(cipher, key, iv, options);
}
function createDecipheriv(cipher, key, iv, options) {
return new Decipheriv(cipher, key, iv, options);
}
function createDiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding) {
return new DiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding);
}
function createDiffieHellmanGroup(name) {
return new DiffieHellmanGroup(name);
}
function createECDH(curve) {
return new ECDH(curve);
}
function createHmac(hmac, key, options) {
return new Hmac(hmac, key, options);
}
function createSign(algorithm, options) {
return new Sign(algorithm, options);
}
function createVerify(algorithm, options) {
return new Verify(algorithm, options);
}
lib: remove `env: node` in eslint config for lib files This patch removes the redundant `require-globals` custom eslint rule by removing `env: node` in the eslint config and whitelist the globals that can be accessed in native modules instead of black listing them. This makes sense for our `lib/` files because here we are creating the Node.js environment instead of running in a normal user land Node.js environment. PR-URL: https://github.com/nodejs/node/pull/27082 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2019-04-04 03:36:41 +00:00
module.exports = {
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
// Methods
crypto: add generatePrime/checkPrime APIs for generating and checking pseudo-random primes Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36997 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2021-01-19 07:03:58 +00:00
checkPrime,
checkPrimeSync,
crypto: make createXYZ inlineable This commit increase by around 10% hot code paths that are hitting createXYZ functions. Before this change the createXYZ called the XYZ constructor without new. PR-URL: https://github.com/nodejs/node/pull/16067 Reviewed-By: Bryan English <bryan@bryanenglish.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Benedikt Meurer <benedikt.meurer@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Timothy Gu <timothygu99@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-10-07 18:24:21 +00:00
createCipheriv,
createDecipheriv,
createDiffieHellman,
createDiffieHellmanGroup,
createECDH,
createHash,
createHmac,
crypto: add key object API This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte. PR-URL: https://github.com/nodejs/node/pull/24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2018-09-20 17:53:44 +00:00
createPrivateKey,
createPublicKey,
createSecretKey,
crypto: make createXYZ inlineable This commit increase by around 10% hot code paths that are hitting createXYZ functions. Before this change the createXYZ called the XYZ constructor without new. PR-URL: https://github.com/nodejs/node/pull/16067 Reviewed-By: Bryan English <bryan@bryanenglish.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Benedikt Meurer <benedikt.meurer@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Timothy Gu <timothygu99@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-10-07 18:24:21 +00:00
createSign,
createVerify,
crypto: add crypto.diffieHellman Currently, Node.js has separate (stateful) APIs for DH/ECDH, and no support for ECDH-ES. This commit adds a single stateless function to compute the DH/ECDH/ECDH-ES secret based on two KeyObjects. PR-URL: https://github.com/nodejs/node/pull/31178 Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
2020-01-03 11:01:34 +00:00
diffieHellman,
crypto: add generatePrime/checkPrime APIs for generating and checking pseudo-random primes Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36997 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2021-01-19 07:03:58 +00:00
generatePrime,
generatePrimeSync,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
getCiphers,
crypto: add getCipherInfo method Simple method for retrieving basic information about a cipher (such as block length, expected or default iv length, key length, etc) Signed-off-by: James M Snell <jasnell@gmail.com> Fixes: https://github.com/nodejs/node/issues/22304 PR-URL: https://github.com/nodejs/node/pull/35368 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2020-09-27 02:20:03 +00:00
getCipherInfo,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
getCurves,
crypto: make createXYZ inlineable This commit increase by around 10% hot code paths that are hitting createXYZ functions. Before this change the createXYZ called the XYZ constructor without new. PR-URL: https://github.com/nodejs/node/pull/16067 Reviewed-By: Bryan English <bryan@bryanenglish.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Benedikt Meurer <benedikt.meurer@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Timothy Gu <timothygu99@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-10-07 18:24:21 +00:00
getDiffieHellman: createDiffieHellmanGroup,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
getHashes,
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
hkdf,
hkdfSync,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
pbkdf2,
pbkdf2Sync,
crypto: add API for key pair generation This adds support for RSA, DSA and EC key pair generation with a variety of possible output formats etc. PR-URL: https://github.com/nodejs/node/pull/22660 Fixes: https://github.com/nodejs/node/issues/15116 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2018-09-02 15:00:01 +00:00
generateKeyPair,
generateKeyPairSync,
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
generateKey,
generateKeySync,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
privateDecrypt,
privateEncrypt,
publicDecrypt,
publicEncrypt,
randomBytes,
randomFill,
randomFillSync,
crypto: add randomInt function PR-URL: https://github.com/nodejs/node/pull/34600 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2020-08-02 12:08:39 +00:00
randomInt,
crypto: implement randomuuid Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36729 Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Ben Coe <bencoe@gmail.com>
2021-01-02 05:59:44 +00:00
randomUUID,
crypto: add scrypt() and scryptSync() methods Scrypt is a password-based key derivation function that is designed to be expensive both computationally and memory-wise in order to make brute-force attacks unrewarding. OpenSSL has had support for the scrypt algorithm since v1.1.0. Add a Node.js API modeled after `crypto.pbkdf2()` and `crypto.pbkdf2Sync()`. Changes: * Introduce helpers for copying buffers, collecting openssl errors, etc. * Add new infrastructure for offloading crypto to a worker thread. * Add a `AsyncWrap` JS class to simplify pbkdf2(), randomBytes() and scrypt(). Fixes: https://github.com/nodejs/node/issues/8417 PR-URL: https://github.com/nodejs/node/pull/20816 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-05-18 09:05:20 +00:00
scrypt,
scryptSync,
crypto: add crypto.sign() and crypto.verify() These methods are added primarily to allow signing and verifying using Ed25519 and Ed448 keys, which do not support streaming of input data. However, any key type can be used with these new APIs, to allow better performance when only signing/verifying a single chunk. Fixes: https://github.com/nodejs/node/issues/26320 PR-URL: https://github.com/nodejs/node/pull/26611 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2019-03-12 13:17:10 +00:00
sign: signOneShot,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
setEngine,
timingSafeEqual,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
getFips,
setFips,
crypto: add crypto.sign() and crypto.verify() These methods are added primarily to allow signing and verifying using Ed25519 and Ed448 keys, which do not support streaming of input data. However, any key type can be used with these new APIs, to allow better performance when only signing/verifying a single chunk. Fixes: https://github.com/nodejs/node/issues/26320 PR-URL: https://github.com/nodejs/node/pull/26611 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2019-03-12 13:17:10 +00:00
verify: verifyOneShot,
crypto: implement crypto.hash() This patch introduces a helper crypto.hash() that computes a digest from the input at one shot. This can be 1.2-1.6x faster than the object-based createHash() for smaller inputs (<= 5MB) that are readily available (not streamed) and incur less memory overhead since no intermediate objects will be created. PR-URL: https://github.com/nodejs/node/pull/51044 Refs: https://github.com/nodejs/performance/issues/136 Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br> Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
2024-01-05 21:17:00 +00:00
hash,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
// Classes
Certificate,
Cipher,
Cipheriv,
Decipher,
Decipheriv,
DiffieHellman,
DiffieHellmanGroup,
crypto: expose ECDH class For consistency with the rest of the crypto classes, exposes the ECDH class. Originally, only the createECDH function was exposed, and there was no real reason to hide the class. PR-URL: https://github.com/nodejs/node/pull/8188 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2016-08-19 20:56:58 +00:00
ECDH,
crypto: runtime deprecate Hash constructor PR-URL: https://github.com/nodejs/node/pull/51880 Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
2024-03-12 07:58:03 +00:00
Hash: deprecate(Hash, 'crypto.Hash constructor is deprecated.', 'DEP0179'),
crypto: runtime deprecate hmac constructor PR-URL: https://github.com/nodejs/node/pull/52071 Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io> Reviewed-By: Paolo Insogna <paolo@cowtech.it>
2024-03-20 16:20:05 +00:00
Hmac: deprecate(Hmac, 'crypto.Hmac constructor is deprecated.', 'DEP0181'),
crypto: expose KeyObject class PR-URL: https://github.com/nodejs/node/pull/26438 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2019-03-11 20:26:22 +00:00
KeyObject,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
Sign,
crypto: introduce X509Certificate API Introduces the `crypto.X509Certificate` object. ```js const { X509Certificate } = require('crypto'); const x509 = new X509Certificate('{pem encoded cert}'); console.log(x509.subject); ``` Fixes: https://github.com/nodejs/node/issues/29181 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36804 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com>
2021-01-05 05:27:20 +00:00
Verify,
X509Certificate,
crypto: implement basic secure heap support Adds two new command line arguments: * `--secure-heap=n`, which causes node.js to initialize an openssl secure heap of `n` bytes on openssl initialization. * `--secure-heap-min=n`, which specifies the minimum allocation from the secure heap. * A new method `crypto.secureHeapUsed()` that returns details about the total and used secure heap allocation. The secure heap is an openssl feature that allows certain kinds of potentially sensitive information (such as private key BigNums) to be allocated from a dedicated memory area that is protected against pointer over- and underruns. The secure heap is a fixed size, so it's important that users pick a large enough size to cover the crypto operations they intend to utilize. The secure heap is disabled by default. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/36779 Refs: https://github.com/nodejs/node/pull/36729 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2021-01-04 17:06:26 +00:00
secureHeapUsed,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
};
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
function getFips() {
return getOptionValue('--force-fips') ? 1 : getFipsCrypto();
crypto: migrate setFipsCrypto to internal/errors With the exception of ThrowCryptoError, use internal/errors to report fips unavailable or forced PR-URL: https://github.com/nodejs/node/pull/16428 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
2017-10-24 05:44:52 +00:00
}
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
function setFips(val) {
if (getOptionValue('--force-fips')) {
if (val) return;
throw new ERR_CRYPTO_FIPS_FORCED();
} else {
crypto: do not allow to call setFips from the worker thread PR-URL: https://github.com/nodejs/node/pull/43624 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
2022-07-08 10:50:24 +00:00
if (!lazyOwnsProcessState()) {
throw new ERR_WORKER_UNSUPPORTED_OPERATION('Calling crypto.setFips()');
}
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
setFipsCrypto(val);
}
crypto: migrate setFipsCrypto to internal/errors With the exception of ThrowCryptoError, use internal/errors to report fips unavailable or forced PR-URL: https://github.com/nodejs/node/pull/16428 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
2017-10-24 05:44:52 +00:00
}
crypto: clarify `require("crypto").getRandomValues` is Node.js specific Refs: https://github.com/nodejs/node/pull/41779 Refs: https://github.com/nodejs/node/pull/41760 PR-URL: https://github.com/nodejs/node/pull/41782 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
2022-02-22 16:51:50 +00:00
function getRandomValues(array) {
return lazyWebCrypto().crypto.getRandomValues(array);
}
tls: provide default cipher list from command line Avoid storing data that depends on command line options on internal bindings. This is generally a cleaner way of accessing CLI options. PR-URL: https://github.com/nodejs/node/pull/32760 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: David Carlier <devnexen@gmail.com>
2020-04-10 11:04:10 +00:00
ObjectDefineProperty(constants, 'defaultCipherList', {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
get() {
const value = getOptionValue('--tls-cipher-list');
ObjectDefineProperty(this, 'defaultCipherList', {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
writable: true,
configurable: true,
enumerable: true,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
value,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
});
return value;
},
set(val) {
ObjectDefineProperty(this, 'defaultCipherList', {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
writable: true,
configurable: true,
enumerable: true,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
value: val,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
});
},
configurable: true,
enumerable: true,
tls: provide default cipher list from command line Avoid storing data that depends on command line options on internal bindings. This is generally a cleaner way of accessing CLI options. PR-URL: https://github.com/nodejs/node/pull/32760 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: David Carlier <devnexen@gmail.com>
2020-04-10 11:04:10 +00:00
});
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
function getRandomBytesAlias(key) {
return {
enumerable: false,
configurable: true,
get() {
let value;
if (getOptionValue('--pending-deprecation')) {
value = deprecate(
randomBytes,
`crypto.${key} is deprecated.`,
'DEP0115');
} else {
value = randomBytes;
}
ObjectDefineProperty(
this,
key,
{
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
enumerable: false,
configurable: true,
writable: true,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
value: value,
lib: enforce use of trailing commas for functions PR-URL: https://github.com/nodejs/node/pull/46629 Reviewed-By: Jacob Smith <jacob@frende.me> Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
2023-02-14 17:45:16 +00:00
},
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
);
return value;
},
set(value) {
ObjectDefineProperty(
this,
key,
{
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
enumerable: true,
configurable: true,
writable: true,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
value,
lib: enforce use of trailing commas for functions PR-URL: https://github.com/nodejs/node/pull/46629 Reviewed-By: Jacob Smith <jacob@frende.me> Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
2023-02-14 17:45:16 +00:00
},
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
);
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
},
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
};
}
lib: flatten access to primordials Store all primordials as properties of the primordials object. Static functions are prefixed by the constructor's name and prototype methods are prefixed by the constructor's name followed by "Prototype". For example: primordials.Object.keys becomes primordials.ObjectKeys. PR-URL: https://github.com/nodejs/node/pull/30610 Refs: https://github.com/nodejs/node/issues/29766 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2019-11-22 17:04:46 +00:00
ObjectDefineProperties(module.exports, {
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
fips: {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
crypto: runtime deprecate crypto.fips PR-URL: https://github.com/nodejs/node/pull/55019 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
2024-09-25 22:31:03 +00:00
get: deprecate(getFips, 'The crypto.fips is deprecated. ' +
'Please use crypto.getFips()', 'DEP0093'),
set: deprecate(setFips, 'The crypto.fips is deprecated. ' +
'Please use crypto.setFips()', 'DEP0093'),
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
},
constants: {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
crypto: refactor the crypto module * Split single monolithic file into multiple * Make Certificate methods static * Allow randomFill(Sync) to use any ArrayBufferView * Use internal/errors throughout * Improve arg validation in Hash/Hmac * Doc updates PR-URL: https://github.com/nodejs/node/pull/15231 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2017-09-06 15:10:34 +00:00
configurable: false,
crypto: allow custom generator for DiffieHellman
2014-02-18 01:57:08 +00:00
enumerable: true,
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
value: constants,
crypto: deprecate aliases for randomBytes PR-URL: https://github.com/nodejs/node/pull/22519 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2018-08-25 10:04:35 +00:00
},
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
webcrypto: {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
configurable: false,
enumerable: true,
crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto The aliases allow code written to assume that `crypto.subtle` and `crypto.getRandomValues()` exist on the `crypto` global to just work. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/41266 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2021-12-27 14:48:59 +00:00
get() { return lazyWebCrypto().crypto; },
set: undefined,
},
subtle: {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto The aliases allow code written to assume that `crypto.subtle` and `crypto.getRandomValues()` exist on the `crypto` global to just work. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/41266 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2021-12-27 14:48:59 +00:00
configurable: false,
enumerable: true,
get() { return lazyWebCrypto().crypto.subtle; },
set: undefined,
},
getRandomValues: {
lib: use null-prototype objects for property descriptors Refs: https://github.com/nodejs/node/pull/42921 PR-URL: https://github.com/nodejs/node/pull/43270 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
2022-06-03 08:23:58 +00:00
__proto__: null,
crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto The aliases allow code written to assume that `crypto.subtle` and `crypto.getRandomValues()` exist on the `crypto` global to just work. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/41266 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2021-12-27 14:48:59 +00:00
configurable: false,
enumerable: true,
crypto: clarify `require("crypto").getRandomValues` is Node.js specific Refs: https://github.com/nodejs/node/pull/41779 Refs: https://github.com/nodejs/node/pull/41760 PR-URL: https://github.com/nodejs/node/pull/41782 Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
2022-02-22 16:51:50 +00:00
get: () => getRandomValues,
crypto: alias webcrypto.subtle and webcrypto.getRandomValues on crypto The aliases allow code written to assume that `crypto.subtle` and `crypto.getRandomValues()` exist on the `crypto` global to just work. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/41266 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2021-12-27 14:48:59 +00:00
set: undefined,
crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: https://github.com/nodejs/node/pull/35093 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2020-08-25 17:05:51 +00:00
},
crypto: deprecate aliases for randomBytes PR-URL: https://github.com/nodejs/node/pull/22519 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2018-08-25 10:04:35 +00:00
// Aliases for randomBytes are deprecated.
crypto: downgrade DEP0115 to `--pending-deprecation` only Aliases are very cheap to maintain, so an unconditional runtime deprecation that affects existing ecosystem code is not a good idea. This commit turns the runtime deprecation into a `--pending-deprecation` one. Fixes: https://github.com/nodejs/node/issues/23013 PR-URL: https://github.com/nodejs/node/pull/23017 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2018-09-22 09:45:42 +00:00
// The ecosystem needs those to exist for backwards compatibility.
src: include crypto in the bootstrap snapshot To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
2022-03-03 18:18:56 +00:00
prng: getRandomBytesAlias('prng'),
pseudoRandomBytes: getRandomBytesAlias('pseudoRandomBytes'),
lib: add trailing commas to all public core modules PR-URL: https://github.com/nodejs/node/pull/46848 Reviewed-By: Debadree Chatterjee <debadree333@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
2023-02-12 18:26:21 +00:00
rng: getRandomBytesAlias('rng'),
lib: replace legacy uses of __defineGetter__ Minor clean up. There are still some places in core that use the legacy __defineGetter__ syntax. This updates most of those. PR-URL: https://github.com/nodejs/node/pull/6768 Reviewed-By: Rich Trott <rtrott@gmail.com>
2016-05-15 05:29:19 +00:00
});
Reference in New Issue Copy Permalink