PR-URL: https://github.com/nodejs/node/pull/37433
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
We're about to turn on a requirement for dangling commas.
PR-URL: https://github.com/nodejs/node/pull/37088
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Adds [JWK](https://tools.ietf.org/html/rfc7517) keyObject.export format
option.
Supported key types: `ec`, `rsa`, `ed25519`, `ed448`, `x25519`, `x448`,
and symmetric keys, resulting in JWK `kty` (Key Type) values `EC`,
`RSA`, `OKP`, and `oct`.
`rsa-pss` is not supported since the JWK format does not support
PSS Parameters.
`EC` JWK curves supported are `P-256`, `secp256k1`, `P-384`, and `P-521`
PR-URL: https://github.com/nodejs/node/pull/37081
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/37070
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/37056
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
APIs for generating and checking pseudo-random primes
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/36997
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
PR-URL: https://github.com/nodejs/node/pull/37016
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/37006
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/36993
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Pooja D P <Pooja.D.P@ibm.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Implements initial experimental support for Curve25519 and
Curve448 support for both ECDH and sign/verify in Web Crypto.
Introduced as a Node.js-specific extension to Web Crypto.
Signed-off-by: James M Snell <jasnell@gmail.com>
Fixes: https://github.com/nodejs/node/issues/36076
PR-URL: https://github.com/nodejs/node/pull/36879
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
This API exposes key details. It is conceptually different from the
previously discussed keyObject.fields property since it does not give
access to information that could compromise the security of the key, and
the obtained information cannot be used to uniquely identify a key.
The intended purpose is to determine "security properties" of keys, e.g.
to generate a new key pair with the same parameters, or to decide
whether a key is secure enough.
closes#30045
PR-URL: https://github.com/nodejs/node/pull/36188
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Adds two new command line arguments:
* `--secure-heap=n`, which causes node.js to initialize
an openssl secure heap of `n` bytes on openssl initialization.
* `--secure-heap-min=n`, which specifies the minimum allocation
from the secure heap.
* A new method `crypto.secureHeapUsed()` that returns details
about the total and used secure heap allocation.
The secure heap is an openssl feature that allows certain kinds
of potentially sensitive information (such as private key
BigNums) to be allocated from a dedicated memory area that is
protected against pointer over- and underruns.
The secure heap is a fixed size, so it's important that users
pick a large enough size to cover the crypto operations they
intend to utilize.
The secure heap is disabled by default.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/36779
Refs: https://github.com/nodejs/node/pull/36729
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This commit renames the check function to createJob which seems to be
more descriptive of what this function does.
PR-URL: https://github.com/nodejs/node/pull/35858
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Fixes a handful of regressions in scrypt support following
the refactor.
Fixes: https://github.com/nodejs/node/issues/35815
PR-URL: https://github.com/nodejs/node/pull/35821
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
This fixes the importKey operation when importing a JWK for the ECDH
algorithm. As per the Web Crypto API specification the JWK `alg`
property is not checked (as opposed to ECDSA).
PR-URL: https://github.com/nodejs/node/pull/35855
Fixes: https://github.com/nodejs/node/issues/35812
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This will be a start to generalize all argument validation
errors. As currently we throw ARG/OPT, OUT_OF_RANGE, and other more
specific errors.
The OPT errors didn't bring much to the errors as it's just another
variant of ARG error which is sometimes more confusing (some of our code
used OPT errors to denote just argument validation errors presumably
because of similarity of OPT to 'option' and not 'options-object')
and they don't specify the name of the options object where the invalid
value is located. Much better approach would be to just specify path
to the invalid value in the name of the value as it is done in this PR
(i.e. 'options.format', 'options.publicKey.type' etc)
Also since this decreases a variety of errors we have it'd be easier to
reuse validation code across the codebase.
Refs: https://github.com/nodejs/node/pull/31251
Refs: https://github.com/nodejs/node/pull/34070#discussion_r467251009
Signed-off-by: Denys Otrishko <shishugi@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/34682
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Use "must be a safe integer" rather than "must be safe integer". I
believe the former is more easily understood/clear.
PR-URL: https://github.com/nodejs/node/pull/35089
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Previously, the crypto.randomInt() message when "max" was less than or
equal to "min" made it sound like the lower bound for "max" was
hard-coded. Make it clear that it is instead dynamic based on the value
of "min".
For crypto.randomInt(10,0):
Before:
RangeError [ERR_OUT_OF_RANGE]: The value of "max" is out of range. It
must be > 10. Received 0
After:
RangeError [ERR_OUT_OF_RANGE]: The value of "max" is out of range. It
must be greater than the value of "min" (10). Received 0
PR-URL: https://github.com/nodejs/node/pull/35088
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Inline a function that only gets called in the constructor. Make call to
`super()` more straightforward in the process by removing conditional
involving the function as it only ever returns `undefined` or else
throws. That made the code a little hard to understand, as without
looking at the function, one would likely expect it to return `true`
on success rather than `undefined`.
PR-URL: https://github.com/nodejs/node/pull/35064
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Denys Otrishko <shishugi@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Change _cb_ to _callback_ to align with documentation. This is so that
stack traces and error messages align with the documentation. If the
documentation says "callback", then the stack traces and error messages
should indicate that "callback" needs to be function or whatever, rather
than "cb".
PR-URL: https://github.com/nodejs/node/pull/35054
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
PR-URL: https://github.com/nodejs/node/pull/34600
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This makes the function more robust against V8 inlining.
Fixes: https://github.com/nodejs/node/issues/34073
PR-URL: https://github.com/nodejs/node/pull/34141
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ujjwal Sharma <ryzokuken@disroot.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Zeyu Yang <himself65@outlook.com>
When calling `crypto.sign()`, if the `key` parameter object is
missing the `key` property, the error message is wrong.
Before the fix:
TypeError [ERR_INVALID_ARG_TYPE]: The "key" argument must be of
type string or an instance of Buffer, TypedArray, DataView, or
KeyObject. Received an instance of Object
Expected:
TypeError [ERR_INVALID_ARG_TYPE]: The "key.key property" argument
must be of type string or an instance of Buffer, TypedArray,
DataView, or KeyObject. Received undefined
This seems like a copy&paste bug. Somebody copied from the end of
the function, where this is correct, to here, where it's wrong.
PR-URL: https://github.com/nodejs/node/pull/33482
Fixes: https://github.com/nodejs/node/issues/33480
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Ujjwal Sharma <ryzokuken@disroot.org>
