Skip to content
Permalink
Browse files

crypto: fail early when loading crypto without openssl

Fail early in require('crypto'), require('tls'),
require('https'), etc when crypto is not available
(rather than depending on an internal try/catch).

Add documentation for detecting when crypto is not available.

PR-URL: #5611
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  • Loading branch information...
jasnell committed Mar 8, 2016
1 parent 0b3936b commit f429fe1b88db3463957058ec8975d3365fc3fefa
Showing with 40 additions and 18 deletions.
  1. +15 −0 doc/api/crypto.markdown
  2. +3 −6 lib/_tls_legacy.js
  3. +2 −0 lib/_tls_wrap.js
  4. +10 −12 lib/crypto.js
  5. +2 −0 lib/https.js
  6. +6 −0 lib/internal/util.js
  7. +2 −0 lib/tls.js
@@ -19,6 +19,21 @@ console.log(hash);
// c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e
```

## Determining if crypto support is unavailable

It is possible for Node.js to be built without including support for the
`crypto` module. In such cases, calling `require('crypto')` will result in an
error being thrown.

```js
var crypto;
try {
crypto = require('crypto');
} catch (err) {
console.log('crypto support is disabled!');
}
```

## Class: Certificate

SPKAC is a Certificate Signing Request mechanism originally implemented by
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const assert = require('assert');
const EventEmitter = require('events');
const stream = require('stream');
@@ -9,12 +11,7 @@ const common = require('_tls_common');
const debug = util.debuglog('tls-legacy');
const Buffer = require('buffer').Buffer;
const Timer = process.binding('timer_wrap').Timer;
var Connection = null;
try {
Connection = process.binding('crypto').Connection;
} catch (e) {
throw new Error('Node.js is not compiled with openssl crypto support');
}
const Connection = process.binding('crypto').Connection;

function SlabBuffer() {
this.create();
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const assert = require('assert');
const crypto = require('crypto');
const net = require('net');
@@ -3,25 +3,23 @@

'use strict';

const internalUtil = require('internal/util');
internalUtil.assertCrypto(exports);

exports.DEFAULT_ENCODING = 'buffer';

try {
var binding = process.binding('crypto');
var randomBytes = binding.randomBytes;
var getCiphers = binding.getCiphers;
var getHashes = binding.getHashes;
var getCurves = binding.getCurves;
var getFipsCrypto = binding.getFipsCrypto;
var setFipsCrypto = binding.setFipsCrypto;
} catch (e) {
throw new Error('Node.js is not compiled with openssl crypto support');
}
const binding = process.binding('crypto');
const randomBytes = binding.randomBytes;
const getCiphers = binding.getCiphers;
const getHashes = binding.getHashes;
const getCurves = binding.getCurves;
const getFipsCrypto = binding.getFipsCrypto;
const setFipsCrypto = binding.setFipsCrypto;

const Buffer = require('buffer').Buffer;
const constants = require('constants');
const stream = require('stream');
const util = require('util');
const internalUtil = require('internal/util');
const LazyTransform = require('internal/streams/lazy_transform');

const DH_GENERATOR = 2;
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const tls = require('tls');
const url = require('url');
const http = require('http');
@@ -96,3 +96,9 @@ exports.isError = function isError(e) {
exports.objectToString = function objectToString(o) {
return Object.prototype.toString.call(o);
};

const noCrypto = !process.versions.openssl;
exports.assertCrypto = function(exports) {
if (noCrypto)
throw new Error('Node.js is not compiled with openssl crypto support');
};
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const net = require('net');
const url = require('url');
const binding = process.binding('crypto');

0 comments on commit f429fe1

Please sign in to comment.
You can’t perform that action at this time.