Skip to content
Permalink
Browse files

crypto: move createCipher to runtime deprecation

PR-URL: #22089
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Yihong Wang <yh.wang@ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
  • Loading branch information...
tniessen committed Aug 2, 2018
1 parent 28c70ac commit 933d8eb689bb4bc412e71c0069bf9b7b24de4f9d
@@ -954,7 +954,7 @@ Type: End-of-Life
<a id="DEP0106"></a>
### DEP0106: crypto.createCipher and crypto.createDecipher
Type: Documentation-only
Type: Runtime
Using [`crypto.createCipher()`][] and [`crypto.createDecipher()`][] should be
avoided as they use a weak key derivation function (MD5 with no salt) and static
@@ -140,9 +140,7 @@ function createVerify(algorithm, options) {
module.exports = exports = {
// Methods
_toBuf: toBuf,
createCipher,
createCipheriv,
createDecipher,
createDecipheriv,
createDiffieHellman,
createDiffieHellmanGroup,
@@ -209,6 +207,16 @@ function getFipsForced() {
}

Object.defineProperties(exports, {
createCipher: {
enumerable: false,
value: deprecate(createCipher,
'crypto.createCipher is deprecated.', 'DEP0106')
},
createDecipher: {
enumerable: false,
value: deprecate(createDecipher,
'crypto.createDecipher is deprecated.', 'DEP0106')
},
// crypto.fips is deprecated. DEP0093. Use crypto.getFips()/crypto.setFips()
fips: {
get: !fipsMode ? getFipsDisabled :
@@ -71,8 +71,10 @@ const expectedWarnings = common.hasFipsCrypto ?
['Use Cipheriv for counter mode of aes-256-ccm', common.noWarnCode]
];

const expectedDeprecationWarnings = ['crypto.DEFAULT_ENCODING is deprecated.',
'DEP0091'];
const expectedDeprecationWarnings = [
['crypto.DEFAULT_ENCODING is deprecated.', 'DEP0091'],
['crypto.createCipher is deprecated.', 'DEP0106']
];

common.expectWarning({
Warning: expectedWarnings,
@@ -10,6 +10,15 @@ if (common.hasFipsCrypto)
const crypto = require('crypto');
const assert = require('assert');

common.expectWarning({
Warning: [
['Use Cipheriv for counter mode of aes-256-gcm', common.noWarnCode]
],
DeprecationWarning: [
['crypto.createCipher is deprecated.', 'DEP0106']
]
});

function testCipher1(key) {
// Test encryption and decryption
const plaintext = 'Keep this a secret? No! Tell everyone about node.js!';
@@ -235,10 +244,6 @@ testCipher2(Buffer.from('0123456789abcdef'));
const aadbuf = Buffer.from('aadbuf');
const data = Buffer.from('test-crypto-cipher-decipher');

common.expectWarning('Warning',
'Use Cipheriv for counter mode of aes-256-gcm',
common.noWarnCode);

const cipher = crypto.createCipher('aes-256-gcm', key);
cipher.setAAD(aadbuf);
cipher.setAutoPadding();
@@ -11,9 +11,14 @@ const crypto = require('crypto');
const key = '0123456789';

{
common.expectWarning('Warning',
'Use Cipheriv for counter mode of aes-256-gcm',
common.noWarnCode);
common.expectWarning({
DeprecationWarning: [
['crypto.createCipher is deprecated.', 'DEP0106']
],
Warning: [
['Use Cipheriv for counter mode of aes-256-gcm', common.noWarnCode]
]
});

// Emits regular warning expected by expectWarning()
crypto.createCipher('aes-256-gcm', key);

0 comments on commit 933d8eb

Please sign in to comment.
You can’t perform that action at this time.