crypto: add support for chacha20-poly1305 for AEAD

[chux0519]

Openssl support AEAD_CHACHA20_POLY1305(rfc7539) since 1.1.

Fixes: #24080
Refs: https://tools.ietf.org/html/rfc7539

Checklist

• make -j4 test (UNIX), or vcbuild test (Windows) passes
• tests and/or benchmarks are included
• documentation is changed or added
• commit message follows commit guidelines

[targos]

@nodejs/crypto

[refack]

Hello @chux0519 welcome, and thank you for your contribution 🥇
If you are not familiar with our review and landing process, it's covered in CONTRIBUTING.md

P.S. If you have any question you can also feel free to contact me directly.

[chux0519]

Hello @chux0519 welcome, and thank you for your contribution 🥇
If you are not familiar with our review and landing process, it's covered in CONTRIBUTING.md

P.S. If you have any question you can also feel free to contact me directly.

thx, I will change my code to follow that guide

[chux0519]

It seems make lint-md can not check the 80 characters limit.

[ryzokuken]

@chux0519 lint-md lints the markdown in the codebase. It is geared towards doc-only contributions.

[chux0519]

@chux0519 lint-md lints the markdown in the codebase. It is geared towards doc-only contributions.

thx, i see

[Trott]

It seems make lint-md can not check the 80 characters limit.

@chux0519 It does not currently check that line lengths are 80 characters or less, although I've just opened a PR to implement that. #24094

[chux0519]

#24094

It would be great to have that, And will avoid many comments in reviews causing by doc lint like this one above.

[refack]

After rebasing to current master, Travis should not fail anymore for lint in commit message - #23739

[sam-github]

LGTM, thanks.

[sam-github]

Would overloading IsSupportedAuthenticatedMode() to also accept the EVP_CIPHER_CTX type make sense? It would shorten these 3 repeated calls.

[chux0519]

thank you, It's a good idea, I will add one more IsSupportedAuthenticatedMode to take the EVP_CIPHER_CTX as param

[sam-github]

Maybe a comment here to state that chacha20-poly1305 is an AEAD cipher, but that its mode of 0 doesn't indicate that?

[chux0519]

I will add a comment to indicate it

[sam-github]

ci: https://ci.nodejs.org/job/node-test-pull-request/18376/

[bnoordhuis]

Thanks, LGTM with a request and a suggestion.

[bnoordhuis]

Can you add a CHECK here that verifies the cipher is one of these?

[sam-github]

@bnoordhuis maybe the comment can just be removed? The function is protected by a CHECK(IsAuthenticatedMode()); already, so we know this is an AEAD cipher, and what's happening here is that GCM has some special requirements on tag length that aren't shared by any other AEAD ciphers.

[chux0519]

Thank you for comment, will remove it

[bnoordhuis]

Style: should go on the previous line; i.e., no line break after the paren. The next line should have 4 spaces of indent.

If it gets too unwieldy / doesn't fit in 80 columns, assign the cipher to a variable first:

const EVP_CIPHER* cipher = EVP_CIPHER_CTX_cipher(ctx_.get());
if (kind_ == kDecipher && IsSupportedAuthenticatedMode(cipher)) {
  // ...
}

(Arguably a good idea in any case; easier to read, IMO.)

[chux0519]

Thank you, I will fix this

[refack]

Resume: https://ci.nodejs.org/job/node-test-commit/22946/

P.S. I'm self-assigned this so I'll get notifications from Github, and so that I will not lose track of it and help steward it to completion.

[tniessen]

LGTM, but it would be best to explicitely mention this change in the changes section of createCipheriv and createDecipheriv (in doc/api/crypto.md) like this:

  - version: REPLACEME
    pr-url: https://github.com/nodejs/node/pull/24081
    description: The cipher `chacha20-poly1305` is now supported.

Could you add this to the top of the respective changes: metadata sections in doc/api/crypto.md? (Probably right above OCB support.)

[chux0519]

@tniessen Of course, I have added them

[targos]

Suggested change

	- version: v12.0.0
	- version: REPLACEME

[targos]

Suggested change

	- version: v12.0.0
	- version: REPLACEME

[chux0519]

v10.14.0 right ? Sorry, I just used the ./out/Release/node -v

[targos]

We do not know yet in which actual release this will land, so instead we write REPLACEME and the value is changed when the release that includes this change is done.

[chux0519]

ah, I misunderstood the REPLACEMENT

[chux0519]

Thank you for being so patient.

[sam-github]

I think you are the one being patient! Thanks.

[targos]

I assume this is semver-minor?

[tniessen]

@targos I don't think we have been consistent about that in the past, I'd be okay with marking it semver-minor.

[tniessen]

CI: https://ci.nodejs.org/job/node-test-pull-request/18404/

[refack]

Landed in 5c59622
Congratulations @chux0519 for GitHub promoting you from

to

[rvagg]

Hey @chux0519, thanks for contributing this! I wasn't even aware we didn't support it but it'll help us get closer to solid TLS1.3 support (eventually). You'll note that it's in 11.2.0 now btw.

[chux0519]

Hey @chux0519, thanks for contributing this! I wasn't even aware we didn't support it but it'll help us get closer to solid TLS1.3 support (eventually). You'll note that it's in 11.2.0 now btw.

I'm happy to make this little contrubution to nodejs, thank your all guys' help during the PR process