Skip to content
Permalink
Branch: master
Commits on Apr 8, 2019
  1. crypto: add support for RSA-PSS keys

    tniessen authored and danbev committed Mar 16, 2019
    This commit adds support for RSA-PSS keys, including
    - KeyObjects of type rsa-pss,
    - key pair generation for RSA-PSS, and
    - signing and verification using RSA-PSS keys.
    
    PR-URL: #26960
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
  2. crypto: simplify missing passphrase detection

    tniessen authored and danbev committed Mar 30, 2019
    PR-URL: #27089
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: James M Snell <jasnell@gmail.com>
Commits on Apr 4, 2019
  1. crypto: remove legacy native handles

    tniessen committed Mar 30, 2019
    PR-URL: #27011
    Reviewed-By: Michaël Zasso <targos@protonmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
  2. crypto: fail early if passphrase is too long

    tniessen authored and BridgeAR committed Mar 29, 2019
    This causes OpenSSL to fail early if the decryption passphrase is too
    long, and produces a somewhat helpful error message.
    
    PR-URL: #27010
    Refs: #25208
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Mar 30, 2019
  1. crypto: decode missing passphrase errors

    tniessen committed Dec 23, 2018
    When a user attempts to load an encrypted key without supplying a
    passphrase, a cryptic OpenSSL error is thrown. This change intercepts
    the OpenSSL error and throws a nice error code instead.
    
    PR-URL: #25208
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Mar 28, 2019
  1. crypto: allow undefined for saltLength and padding

    tniessen committed Mar 26, 2019
    PR-URL: #26921
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  2. crypto: rename generateKeyPairEdDSA

    tniessen committed Mar 25, 2019
    Now that support for X25519 and X448 has been added, this function is
    not used exclusively for EdDSA keys anymore.
    
    PR-URL: #26900
    Refs: #26774
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Mar 18, 2019
  1. crypto: add support for EdDSA key pair generation

    tniessen committed Mar 9, 2019
    PR-URL: #26554
    Refs: #26319
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Mar 15, 2019
  1. Revert "crypto: add KeyObject.asymmetricKeySize"

    tniessen committed Mar 13, 2019
    This reverts commit 4895927.
    
    PR-URL: #26636
    Fixes: #26631
    Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
    Reviewed-By: Rich Trott <rtrott@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Commits on Mar 9, 2019
  1. crypto: improve error handling in parseKeyEncoding

    tniessen committed Mar 5, 2019
    This change only affects KeyObject.export().
    
    PR-URL: #26455
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: Rich Trott <rtrott@gmail.com>
    Reviewed-By: Michaël Zasso <targos@protonmail.com>
Commits on Mar 7, 2019
  1. crypto: simplify GetPublicOrPrivateKeyFromJs

    tniessen committed Mar 5, 2019
    PR-URL: #26454
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: Masashi Hirano <shisama07@gmail.com>
Commits on Mar 5, 2019
  1. crypto: allow deriving public from private keys

    tniessen committed Jan 26, 2019
    This change allows passing private key objects to
    crypto.createPublicKey, resulting in a key object that represents a
    valid public key for the given private key. The returned public key
    object can be used and exported safely without revealing information
    about the private key.
    
    PR-URL: #26278
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Mar 2, 2019
  1. crypto: move DEP0113 to End-of-Life

    tniessen committed Feb 21, 2019
    PR-URL: #26249
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Rich Trott <rtrott@gmail.com>
Commits on Feb 23, 2019
  1. doc: fix deprecation "End-of-Life" capitalization

    tniessen authored and Trott committed Feb 21, 2019
    PR-URL: #26251
    Reviewed-By: Richard Lau <riclau@uk.ibm.com>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: Rich Trott <rtrott@gmail.com>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
  2. crypto: fix unencrypted DER PKCS8 parsing

    tniessen committed Feb 21, 2019
    The previously used OpenSSL call only supports encrypted PKCS8,
    this commit adds support for unencrypted PKCS8.
    
    PR-URL: #26236
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
    Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
  3. crypto: fix error condition in Verify::VerifyFinal

    tniessen committed Feb 21, 2019
    Fail early if key parsing failed, don't try to construct a context out
    of it.
    
    PR-URL: #26238
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Commits on Feb 22, 2019
  1. doc: fix metadata of DEP0114

    tniessen committed Feb 21, 2019
    PR-URL: #26250
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Jan 18, 2019
  1. crypto: fix key handle extraction

    tniessen authored and BridgeAR committed Jan 18, 2019
    PR-URL: #25562
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Commits on Jan 11, 2019
  1. test: improve test coverage of native crypto code

    tniessen committed Jan 7, 2019
    PR-URL: #25400
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Commits on Jan 8, 2019
  1. crypto: remove deprecated crypto._toBuf

    tniessen authored and addaleax committed Jan 4, 2019
    PR-URL: #25338
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Commits on Jan 7, 2019
  1. crypto: always accept private keys as public keys

    tniessen authored and addaleax committed Dec 25, 2018
    Some APIs already accept private keys instead of public keys. This
    changes all relevant crypto APIs to do so.
    
    PR-URL: #25217
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
  2. crypto: fix key object wrapping in sync keygen

    tniessen authored and danbev committed Jan 3, 2019
    PR-URL: #25326
    Fixes: #25322
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
Commits on Jan 5, 2019
  1. doc: document key encryption options

    tniessen committed Oct 12, 2018
    PR-URL: #23632
    Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Commits on Dec 30, 2018
  1. crypto: fix zero byte allocation assertion failure

    tniessen authored and addaleax committed Dec 28, 2018
    When an empty string was passed, malloc might have returned a nullptr
    depending on the platform, causing an assertion failure. This change
    makes private key parsing behave as public key parsing does, causing
    a BIO error instead that can be caught in JS.
    
    Fixes: #25247
    
    PR-URL: #25248
    Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
Commits on Dec 24, 2018
  1. crypto: always accept certificates as public keys

    tniessen committed Dec 19, 2018
    PR-URL: #24234
    Reviewed-By: Refael Ackermann <refack@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
  2. crypto: add key object API

    tniessen committed Sep 20, 2018
    This commit makes multiple important changes:
    
    1. A new key object API is introduced. The KeyObject class itself is
       not exposed to users, instead, several new APIs can be used to
       construct key objects: createSecretKey, createPrivateKey and
       createPublicKey. The new API also allows to convert between
       different key formats, and even though the API itself is not
       compatible to the WebCrypto standard in any way, it makes
       interoperability much simpler.
    
    2. Key objects can be used instead of the raw key material in all
       relevant crypto APIs.
    
    3. The handling of asymmetric keys has been unified and greatly
       improved. Node.js now fully supports both PEM-encoded and
       DER-encoded public and private keys.
    
    4. Conversions between buffers and strings have been moved to native
       code for sensitive data such as symmetric keys due to security
       considerations such as zeroing temporary buffers.
    
    5. For compatibility with older versions of the crypto API, this
       change allows to specify Buffers and strings as the "passphrase"
       option when reading or writing an encoded key. Note that this
       can result in unexpected behavior if the password contains a
       null byte.
    
    PR-URL: #24234
    Reviewed-By: Refael Ackermann <refack@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
Commits on Oct 19, 2018
  1. crypto: remove DiffieHellman.initialised_

    tniessen committed Oct 17, 2018
    As pointed out by Ben Noordhuis, this internal field can be removed
    since all instances are initialized when exposed to users.
    
    PR-URL: #23717
    Refs: #23648
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
  2. crypto: reduce memory usage of SignFinal

    tniessen committed Oct 11, 2018
    The fixed-size buffer on the stack is unnecessary and way too large
    for most applications. This change removes it and allocates the
    required memory directly instead of copying into heap later.
    
    PR-URL: #23427
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Refael Ackermann <refack@gmail.com>
Commits on Oct 17, 2018
  1. crypto: simplify internal state handling

    tniessen committed Oct 13, 2018
    Uninitialized instances are not exposed to users, so this condition should
    always be true.
    
    PR-URL: #23648
    Reviewed-By: Refael Ackermann <refack@gmail.com>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  2. crypto: simplify error handling in ECDH::New

    tniessen committed Oct 13, 2018
    The type of the argument is being checked within JS which makes the
    type checking in C++ unnecessary.
    
    PR-URL: #23647
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
Commits on Oct 12, 2018
  1. src: fix bug in MallocedBuffer constructor

    tniessen authored and addaleax committed Oct 12, 2018
    This should be a generic type even though we are
    currently only using `char` as `T`.
    
    PR-URL: #23434
    Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Refael Ackermann <refack@gmail.com>
    Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
Commits on Oct 8, 2018
  1. crypto: remove node::crypto::CheckResult

    tniessen authored and danbev committed Oct 2, 2018
    PR-URL: #23225
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
    Reviewed-By: Refael Ackermann <refack@gmail.com>
    Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Commits on Oct 2, 2018
  1. crypto: make PEM parsing RFC7468-compliant

    tniessen committed Sep 29, 2018
    PR-URL: #23164
    Fixes: #13612
    Fixes: #22815
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: James M Snell <jasnell@gmail.com>
  2. crypto: add support for PEM-level encryption

    tniessen committed Sep 28, 2018
    This adds support for PEM-level encryption as defined in RFC 1421.
    PEM-level encryption is intentionally unsupported for PKCS#8 private
    keys since PKCS#8 defines a newer encryption format.
    
    PR-URL: #23151
    Refs: #22660
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: James M Snell <jasnell@gmail.com>
Commits on Oct 1, 2018
  1. crypto: replace gotos

    tniessen committed Sep 27, 2018
    PR-URL: #23132
    Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
    Reviewed-By: Denys Otrishko <shishugi@gmail.com>
    Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
    Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
    Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
    Reviewed-By: Anna Henningsen <anna@addaleax.net>
    Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
    Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
    Reviewed-By: James M Snell <jasnell@gmail.com>
Older
You can’t perform that action at this time.