Update the dead link to <keygen> documentation.
Add a link to mozilla developper documentation because
W3C deleted the reference to this element.
Add a note to inform <keygen> element is deprecated since HTML 5.2.
PR-URL: https://github.com/nodejs/node/pull/18721
Fixes: https://github.com/nodejs/node/issues/18662
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Remove the various **Note:** prefixes throughout the docs.
PR-URL: https://github.com/nodejs/node/pull/18592
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Docs-only deprecate the getter/setter crypto.fips and replace
with crypto.setFips() and crypto.getFips()
This is specifically in preparation for ESM module support
PR-URL: https://github.com/nodejs/node/pull/18335
Refs: https://github.com/nodejs/node/pull/18131
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
PR-URL: https://github.com/nodejs/node/pull/18376
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Use upper case variant in text in compliance with RFC 2898.
PR-URL: https://github.com/nodejs/node/pull/18279
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
According to the linked document: "The length of the randomly-generated
portion of the salt shall be at least 128 bits." [NIST SP 800-132]
PR-URL: https://github.com/nodejs/node/pull/17524
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.
an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.
PR-URL: https://github.com/nodejs/node/pull/16849
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
Fixes: https://github.com/nodejs/node/issues/16625
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Neither crypto.randomBytes nor crypto.randomFill
partitions the work submitted to the threadpool.
This change was suggested during the discussion of #17054.
See also #17154.
PR-URL: https://github.com/nodejs/node/pull/17250
Refs: https://github.com/nodejs/node/pull/17154
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
PR-URL: https://github.com/nodejs/node/pull/17263
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Included reference to 'constant time' in
crypto.timingSafeEqual description.
The Node website would score higher on a Google search
and the API would be more discoverable if it used the words
"constant time" in its description.
PR-URL: https://github.com/nodejs/node/pull/16604
Fixes: https://github.com/nodejs/node/issues/16504
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
* Older experimental APIs have been removed.
[[`d731369b1d`](https://github.com/nodejs/node/commit/d731369b1d)]
[#14414](https://github.com/nodejs/node/pull/14414)
* **Errors**
* Improvements have been made to `buffer` module error messages.
* The assignment of static error codes to Node.js error continues:
* `buffer`
* `child_process`
* `console`
* `crypto`
* `dns`
* `events`
* `fs`
* `http`
* `inspector`
* `net`
* `path`
* `process`
* `querystring`
* `readline`
* `repl`
* `streams`
* `string_decoder`
* `timers`
* `tls`
* `url`
* `util`
* `v8`
* `zlib`
* **Child Processes**
* Errors are emitted on process nextTick.
* **Domains**
* The long-deprecated `.dispose()` method has been removed.
* **fs**
* The `fs.ReadStream` and `fs.WriteStream` classes now use `destroy()`.
* `fs` module callbacks are now invoked with an undefined context.
* **HTTP/1**
* A 400 Bad Request response will now be sent when parsing fails.
* Socket timeout will be set when the socket connects.
* A bug causing the request `'error'` event to fire twice was fixed.
* HTTP clients may now use generic `Duplex` streams in addition to `net.Socket`.
* **Intl**
* The deprecated `Intl.v8BreakIterator` has been removed.
* **Modules**
* The `require.resolve()` method now supports using custom lookup paths.
* **OS**
* The `os.EOL` property is now read-only.
* **Timers**
* `setTimeout()` will emit a warning if the timeout is larger that the maximum
32-bit unsigned integer.
Move input argument validation to js, using internal/errors.
Also update docs
* `password` and `salt` may be Buffers or any TypedArrays
* `crypto.DEFAULT_ENCODING` changes the returned derivedKey type
PR-URL: https://github.com/nodejs/node/pull/15746
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Since `crypto.publicDecrypt()` and `crypto.publicEncrypt()` accept both
public and private keys, make it clear that the `passphrase` option only
applies to private keys.
PR-URL: https://github.com/nodejs/node/pull/16087
Ref: https://github.com/nodejs/node/pull/16038
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Nikolai Vavilov <vvnicholas@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Clarify return values for crypto.publicEncrypt and similar functions
PR-URL: https://github.com/nodejs/node/pull/16229
Fixes: https://github.com/nodejs/node/issues/12946
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Move argument type checking to js, use internal/errors
PR-URL: https://github.com/nodejs/node/pull/15756
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Although, as docs mention, private keys can be used instead of
public keys, I presume that these parameter explanations
should be corrected.
Fixes: https://github.com/nodejs/node/issues/13633
PR-URL: https://github.com/nodejs/node/pull/16038
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
* Split single monolithic file into multiple
* Make Certificate methods static
* Allow randomFill(Sync) to use any ArrayBufferView
* Use internal/errors throughout
* Improve arg validation in Hash/Hmac
* Doc updates
PR-URL: https://github.com/nodejs/node/pull/15231
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
PR #11705 switched Node away from using using OpenSSL's legacy EVP_Sign*
and EVP_Verify* APIs. Instead, it computes a hash normally via
EVP_Digest* and then uses EVP_PKEY_sign and EVP_PKEY_verify to verify
the hash directly. This change corrects two problems:
1. The documentation still recommends the signature algorithm EVP_MD
names of OpenSSL's legacy APIs. OpenSSL has since moved away from
thosee, which is why ECDSA was strangely inconsistent. (This is why
"ecdsa-with-SHA256" was missing.)
2. Node_SignFinal copied some code from EVP_SignFinal's internals. This
is problematic for OpenSSL 1.1.0 and is missing a critical check
that prevents pkey->pkey.ptr from being cast to the wrong type.
To resolve this, remove the non-EVP_PKEY_sign codepath. This codepath is
no longer necessary. PR #11705's verify half was already assuming all
EVP_PKEYs supported EVP_PKEY_sign and EVP_PKEY_verify. Also, in the
documentation, point users towards using hash function names which are
more consisent. This avoids an ECDSA special-case and some strangeness
around RSA-PSS ("RSA-SHA256" is the OpenSSL name of the
sha256WithRSAEncryption OID which is not used for RSA-PSS).
PR-URL: https://github.com/nodejs/node/pull/15024
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Each page of the API documentation should have links to other versions
of the same page. This will make it easier to switch between the current
"live" release at nodejs.org and LTS versions.
PR-URL: https://github.com/nodejs/node/pull/10958
Fixes: https://github.com/nodejs/node/issues/10726
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Not knowing which APIs use libuv's threadpool can lead to surprising
performance problems. Document the APIs, and also document
UV_THREADPOOL_SIZE, which can be used to fix problems.
PR-URL: https://github.com/nodejs/node/pull/14995
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
It may not return random bytes right away, but when called
asynchronously it will not block.
PR-URL: https://github.com/nodejs/node/pull/14993
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
`crypto.createCipher()` sets the fixed IV derived from password and it
leads to a security risk of nonce reuse when counter mode is used.
A warning is emitted when CTR, GCM or CCM is used in
`crypto.createCipher()` to notify users to avoid nonce reuse.
Fixes: https://github.com/nodejs/node/issues/13801
PR-URL: https://github.com/nodejs/node/pull/13821
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
In preparation for stricter ESLint indentation checking, fix a few
issues in sample code.
PR-URL: https://github.com/nodejs/node/pull/13950
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
oath.md: make order of properties consistent
tls.md: remove spaces in getPeerCertificate signature
tls.md: add deprecation notice to server.connections
http.md: fix signature of request.end
crypto.md: change crypto parameters to camelCase
vm.md: add missing apostrophe
vm.md: fix signature of vm.runInNewContext
zlib.md: improve description of zlib.createXYZ
PR-URL: https://github.com/nodejs/node/pull/13491
Ref: https://github.com/nodejs/node/issues/9538
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
In the api docs there were some instances of behaviour
and many more with behavior. I was asked as part of a review
on a different PR which one to use and went with behavior
to be consistent with the majority.
Our style guide states that American English spelling is preferred.
PR-URL: https://github.com/nodejs/node/pull/13245
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Kunal Pathak <kunal.pathak@microsoft.com>
Make the style of "Note:" paragraphs consistent and document the
guidelines in `doc/STYLE_GUIDE.md`.
PR-URL: https://github.com/nodejs/node/pull/13133
Fixes: https://github.com/nodejs/node/issues/13131
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
As per https://github.com/nodejs/node/issues/12946
the crypto doc for publicEncrypt doesn't tell
you whether the encryption happens in place or not.
Fixes: https://github.com/nodejs/node/issues/12946
PR-URL: https://github.com/nodejs/node/pull/12947
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/12726
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
This patch replaces the word `buf` with `buffer` and fixes the broken
link to `randomfill`.
PR-URL: https://github.com/nodejs/node/pull/12541
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
crypto.randomFill and crypto.randomFillSync are similar to
crypto.randomBytes, but allow passing in a buffer as the first
argument. This allows us to reuse buffers to prevent having to
create a new one on every call.
PR-URL: https://github.com/nodejs/node/pull/10209
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
