delta/node-new.git/src/node_crypto.cc, branch Ninja.py-StringIO github.com: nodejs/node.git crypto: don't expose openssl internals 2019-08-29T04:42:58+00:00 Shelley Vohr shelley.vohr@gmail.com 2019-08-26T19:18:50+00:00 17a697c794f2525c9789fd92c2206a1b634cf473 PR-URL: https://github.com/nodejs/node/pull/29325 Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de> 
PR-URL: https://github.com/nodejs/node/pull/29325
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
crypto: handle i2d_SSL_SESSION() error return 2019-08-23T04:35:09+00:00 Ben Noordhuis info@bnoordhuis.nl 2019-08-20T12:10:42+00:00 ceace1f96eb0862a2944bc38c2e897974169f622 i2d_SSL_SESSION() can return a value <= 0 when the session is malformed or otherwise invalid. Handle that case. This change comes without a regression test because I couldn't figure out a good way to generate an existing but invalid session in a timely fashion. Fixes: https://github.com/nodejs/node/issues/29202 PR-URL: https://github.com/nodejs/node/pull/29225 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> 
i2d_SSL_SESSION() can return a value <= 0 when the session is malformed
or otherwise invalid. Handle that case.

This change comes without a regression test because I couldn't figure
out a good way to generate an existing but invalid session in a timely
fashion.

Fixes: https://github.com/nodejs/node/issues/29202

PR-URL: https://github.com/nodejs/node/pull/29225
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
crypto: simplify DSA validation in FIPS mode 2019-08-21T03:18:17+00:00 Tobias Nießen tniessen@tnie.de 2019-08-18T16:27:53+00:00 61140ffe3cccbdbed36667831d0914622db46866 PR-URL: https://github.com/nodejs/node/pull/29195 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> 
PR-URL: https://github.com/nodejs/node/pull/29195
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
src: add error codes to errors thrown in C++ 2019-08-09T22:58:58+00:00 Yaniv Friedensohn yaniv.friedensohn@gmail.com 2019-05-11T17:00:38+00:00 a0e2c6d2843ea6e37035a949827cdcc7949026d6 PR-URL: https://github.com/nodejs/node/pull/27700 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> 
PR-URL: https://github.com/nodejs/node/pull/27700
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
crypto: extend RSA-OAEP support with oaepHash 2019-08-07T11:45:42+00:00 Tobias Nießen tniessen@tnie.de 2019-06-21T14:37:06+00:00 0c9ad34427cdc8a68c8b3e7c2d4748f462567680 This adds an oaepHash option to asymmetric encryption which allows users to specify a hash function when using OAEP padding. This feature is required for interoperability with WebCrypto applications. PR-URL: https://github.com/nodejs/node/pull/28335 Fixes: https://github.com/nodejs/node/issues/25756 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> 
This adds an oaepHash option to asymmetric encryption which allows
users to specify a hash function when using OAEP padding. This
feature is required for interoperability with WebCrypto applications.

PR-URL: https://github.com/nodejs/node/pull/28335
Fixes: https://github.com/nodejs/node/issues/25756
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
crypto: add outputLength option to crypto.createHash 2019-07-26T06:00:41+00:00 Tobias Nießen tniessen@tnie.de 2019-07-19T00:44:31+00:00 31d9b2f14fe9851b530c213b92e14b4646f6d131 This change adds an outputLength option to crypto.createHash which allows users to produce variable-length hash values using XOF hash functons. Fixes: https://github.com/nodejs/node/issues/28757 PR-URL: https://github.com/nodejs/node/pull/28805 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> 
This change adds an outputLength option to crypto.createHash which
allows users to produce variable-length hash values using XOF hash
functons.

Fixes: https://github.com/nodejs/node/issues/28757
PR-URL: https://github.com/nodejs/node/pull/28805
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
crypto: increase maxmem range from 32 to 53 bits 2019-07-24T04:17:19+00:00 Tobias Nießen tniessen@tnie.de 2019-07-21T18:14:34+00:00 1dc458cdd0a578093d5e84439158c799664b78cf Fixes: https://github.com/nodejs/node/issues/28755 PR-URL: https://github.com/nodejs/node/pull/28799 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> 
Fixes: https://github.com/nodejs/node/issues/28755

PR-URL: https://github.com/nodejs/node/pull/28799
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
src: fix type name in comment 2019-07-23T16:59:31+00:00 Ben Noordhuis info@bnoordhuis.nl 2019-06-20T08:36:32+00:00 35788c8c18ca13dcb72f82f156dea62d0d3822c3 The comment refers to an exception type that JS land throws on the C++ code's behalf but apparently I changed the JS name before landing the pull request and forgot to update the comment. Refs: https://github.com/nodejs/node/pull/20816 PR-URL: https://github.com/nodejs/node/pull/28320 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com> 
The comment refers to an exception type that JS land throws on the C++
code's behalf but apparently I changed the JS name before landing the
pull request and forgot to update the comment.

Refs: https://github.com/nodejs/node/pull/20816

PR-URL: https://github.com/nodejs/node/pull/28320
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
crypto: fix crash when calling digest after piping 2019-06-18T16:42:48+00:00 Tobias Nießen tniessen@tnie.de 2019-06-16T09:26:03+00:00 fc50e6bcc81e4b34f4f3f3fe494b79200ae22efb When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in hash._flush, bypassing safeguards in the JavaScript layer. Calling hash.digest causes EVP_DigestFinal_ex to be called again, resulting in a segmentation fault in the SHA3 implementation of OpenSSL. A relatively easy solution is to cache the result of calling EVP_DigestFinal_ex until the Hash object is garbage collected. PR-URL: https://github.com/nodejs/node/pull/28251 Fixes: https://github.com/nodejs/node/issues/28245 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> 
When piping data into an SHA3 hash, EVP_DigestFinal_ex is called in
hash._flush, bypassing safeguards in the JavaScript layer. Calling
hash.digest causes EVP_DigestFinal_ex to be called again, resulting
in a segmentation fault in the SHA3 implementation of OpenSSL.

A relatively easy solution is to cache the result of calling
EVP_DigestFinal_ex until the Hash object is garbage collected.

PR-URL: https://github.com/nodejs/node/pull/28251
Fixes: https://github.com/nodejs/node/issues/28245
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
src: remove TLS code for unsupported OpenSSLs 2019-06-10T16:23:12+00:00 Sam Roberts vieuxtech@gmail.com 2019-06-02T22:10:01+00:00 94a7c2ab8a191097e28749c44b3aefd2ba6920ee Versions of OpenSSL lower than 1.1.1 are no longer supported, so remove ifdefs for previous versions. PR-URL: https://github.com/nodejs/node/pull/28085 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> 
Versions of OpenSSL lower than 1.1.1 are no longer supported, so remove
ifdefs for previous versions.

PR-URL: https://github.com/nodejs/node/pull/28085
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>