(v10.x backport) Backport 12 crypto commits by tniessen · Pull Request #20706 · nodejs/node
and others added 12 commits
May 13, 2018 19:13
This change allows users to restrict accepted GCM authentication tag lengths to a single value. PR-URL: nodejs#20039 Fixes: nodejs#17523 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yihong Wang <yh.wang@ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
This commit extracts the common code from the Cipher/Cipheriv and Decipher/Decipheriv constructors into a separate function to avoid code duplication. PR-URL: nodejs#20164 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
This commit adds a function named addCipherPrototypeFunctions to avoid code duplication. PR-URL: nodejs#20164 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
This commit renames rsaPublic and removes the rsaPrivate function as the code in these two functions are identical. PR-URL: nodejs#20164 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Currently the following compiler warnings are issued by clang:
../src/node_crypto.cc:2801:56:
warning: '&&' within '||' [-Wlogical-op-parentheses]
return tag_len == 4 || tag_len == 8 || tag_len >= 12 && tag_len <= 16;
~~ ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~
../src/node_crypto.cc:2801:56:
note: place parentheses around the '&&' expression to silence this
warning
return tag_len == 4 || tag_len == 8 || tag_len >= 12 && tag_len <= 16;
^
../src/node_crypto.cc:2925:51:
warning: '&&' within '||' [-Wlogical-op-parentheses]
if (cipher->auth_tag_len_ != kNoAuthTagLength &&
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
../src/node_crypto.cc:2925:51:
note: place parentheses around the '&&' expression to silence this
warning
if (cipher->auth_tag_len_ != kNoAuthTagLength &&
^
This commit adds parenthesis around these expressions to silence the
warnings.
PR-URL: nodejs#20216
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit removes the usage of the deprectated crypto.DEFAULT_ENCODING. PR-URL: nodejs#20221 Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
PR-URL: nodejs#20225 Refs: nodejs#20039 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: nodejs#20225 Refs: nodejs#20039 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The authTagLength option can now be used to produce GCM authentication tags with a specific length. PR-URL: nodejs#20235 Refs: nodejs#20039 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yihong Wang <yh.wang@ibm.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
For key wrapping algorithms, calling EVP_CipherUpdate() with null output could obtain the size for the ciphertext. Then use the returned size to allocate output buffer. Also add a test case to verify des3-wrap. Signed-off-by: Yihong Wang <yh.wang@ibm.com> PR-URL: nodejs#20370 Fixes: nodejs#19655 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
Prefer custom smart pointers fitted to the OpenSSL data structures over more manual memory management and lots of `goto`s. PR-URL: nodejs#20238 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
Add test cases for AES key wrapping and only detect output length in cipher case. The reason being is the returned output length is insufficient in AES key unwrapping case. PR-URL: nodejs#20587 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
nodejs-github-bot
added
c++
v10.x labels
May 13, 2018addaleax pushed a commit that referenced this pull request
May 14, 2018addaleax pushed a commit that referenced this pull request
May 14, 2018
This commit extracts the common code from the Cipher/Cipheriv and Decipher/Decipheriv constructors into a separate function to avoid code duplication. Backport-PR-URL: #20706 PR-URL: #20164 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
addaleax pushed a commit that referenced this pull request
May 14, 2018
This commit adds a function named addCipherPrototypeFunctions to avoid code duplication. Backport-PR-URL: #20706 PR-URL: #20164 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
addaleax pushed a commit that referenced this pull request
May 14, 2018
This commit renames rsaPublic and removes the rsaPrivate function as the code in these two functions are identical. Backport-PR-URL: #20706 PR-URL: #20164 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
addaleax pushed a commit that referenced this pull request
May 14, 2018
Currently the following compiler warnings are issued by clang:
../src/node_crypto.cc:2801:56:
warning: '&&' within '||' [-Wlogical-op-parentheses]
return tag_len == 4 || tag_len == 8 || tag_len >= 12 && tag_len <= 16;
~~ ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~
../src/node_crypto.cc:2801:56:
note: place parentheses around the '&&' expression to silence this
warning
return tag_len == 4 || tag_len == 8 || tag_len >= 12 && tag_len <= 16;
^
../src/node_crypto.cc:2925:51:
warning: '&&' within '||' [-Wlogical-op-parentheses]
if (cipher->auth_tag_len_ != kNoAuthTagLength &&
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
../src/node_crypto.cc:2925:51:
note: place parentheses around the '&&' expression to silence this
warning
if (cipher->auth_tag_len_ != kNoAuthTagLength &&
^
This commit adds parenthesis around these expressions to silence the
warnings.
Backport-PR-URL: #20706
PR-URL: #20216
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
addaleax pushed a commit that referenced this pull request
May 14, 2018addaleax pushed a commit that referenced this pull request
May 14, 2018addaleax pushed a commit that referenced this pull request
May 14, 2018addaleax pushed a commit that referenced this pull request
May 14, 2018addaleax pushed a commit that referenced this pull request
May 14, 2018
For key wrapping algorithms, calling EVP_CipherUpdate() with null output could obtain the size for the ciphertext. Then use the returned size to allocate output buffer. Also add a test case to verify des3-wrap. Signed-off-by: Yihong Wang <yh.wang@ibm.com> Backport-PR-URL: #20706 PR-URL: #20370 Fixes: #19655 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
addaleax added a commit that referenced this pull request
May 14, 2018
Prefer custom smart pointers fitted to the OpenSSL data structures over more manual memory management and lots of `goto`s. Backport-PR-URL: #20706 PR-URL: #20238 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
addaleax pushed a commit that referenced this pull request
May 14, 2018
Add test cases for AES key wrapping and only detect output length in cipher case. The reason being is the returned output length is insufficient in AES key unwrapping case. Backport-PR-URL: #20706 PR-URL: #20587 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters