jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-08 01:12:09 +00:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
42,841 Commits 67 Branches 878 Tags 2.1 GiB
57f23b4050
Commit Graph

54 Commits

Author SHA1 Message Date
Tobias Nießen
fe7162915e
crypto: allow deriving public from private keys 
This change allows passing private key objects to
crypto.createPublicKey, resulting in a key object that represents a
valid public key for the given private key. The returned public key
object can be used and exported safely without revealing information
about the private key.

PR-URL: https://github.com/nodejs/node/pull/26278
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
 2019-03-05 16:32:19 +01:00
Tobias Nießen
9315daaf02
crypto: fix key handle extraction 
PR-URL: https://github.com/nodejs/node/pull/25562
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
 2019-01-18 14:55:29 +01:00
Tobias Nießen
fe5b8dca40
crypto: fix zero byte allocation assertion failure 
When an empty string was passed, malloc might have returned a nullptr
depending on the platform, causing an assertion failure. This change
makes private key parsing behave as public key parsing does, causing
a BIO error instead that can be caught in JS.

Fixes: https://github.com/nodejs/node/issues/25247

PR-URL: https://github.com/nodejs/node/pull/25248
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
 2018-12-30 18:18:40 +01:00
Tobias Nießen
823d86c47c crypto: add key object API 
This commit makes multiple important changes:

1. A new key object API is introduced. The KeyObject class itself is
   not exposed to users, instead, several new APIs can be used to
   construct key objects: createSecretKey, createPrivateKey and
   createPublicKey. The new API also allows to convert between
   different key formats, and even though the API itself is not
   compatible to the WebCrypto standard in any way, it makes
   interoperability much simpler.

2. Key objects can be used instead of the raw key material in all
   relevant crypto APIs.

3. The handling of asymmetric keys has been unified and greatly
   improved. Node.js now fully supports both PEM-encoded and
   DER-encoded public and private keys.

4. Conversions between buffers and strings have been moved to native
   code for sensitive data such as symmetric keys due to security
   considerations such as zeroing temporary buffers.

5. For compatibility with older versions of the crypto API, this
   change allows to specify Buffers and strings as the "passphrase"
   option when reading or writing an encoded key. Note that this
   can result in unexpected behavior if the password contains a
   null byte.

PR-URL: https://github.com/nodejs/node/pull/24234
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 2018-12-24 14:50:16 +01:00