crypto: add key object API #24234
Closed
crypto: add key object API #24234
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tniessen
added
the
semver-minor
nodejs-github-bot
added
the
lib / src
tniessen
added
crypto
refack
reviewed
Nov 8, 2018
sam-github
reviewed
Nov 8, 2018
sam-github
reviewed
Nov 8, 2018
sam-github
reviewed
Nov 8, 2018
sam-github
reviewed
Nov 8, 2018
sam-github
reviewed
Nov 8, 2018
addaleax
reviewed
Nov 8, 2018
mcollina
reviewed
Nov 9, 2018
What are the differences between this new API and the API exposed through web crypto? Could we realistically change this API to be compatible? |
WebCrypto has a very different design. I originally called the new API
Rebased, old HEAD was 6c92496a7cf304785162ad5cd37632cea916b22b. |
tniessen
force-pushed
the
crypto-add-key-objects
branch
from
6c92496
to
29e1fe7
Compare
refack
reviewed
Nov 12, 2018
refack
reviewed
Nov 12, 2018
refack
reviewed
Nov 12, 2018
refack
reviewed
Nov 12, 2018
sam-github
reviewed
Nov 14, 2018
There was a problem hiding this comment.
I really like the direction, I think its a good API. Left some comments, mostly on the API. The C++ is a lot to read through, sorry, I ran out of time. I would prefer this not be experimental. I assume it doesn't intentionally break current APIs, and it also isn't particularly complex in terms of its API, so its hard to see it generating much comment or controversy or need to change. Would be great if it can go into 11.x, get some mileage there, and be stable in 12.xx. I doubt it can make it into 10.x, its a lot of churn.
jasnell
reviewed
Nov 19, 2018
|
Definite +1 on this moving forward. Code generally looking good but won't sign off until it's further along. |
tniessen
force-pushed
the
crypto-add-key-objects
branch
from
c115514
to
e68c257
Compare
|
/cc @joepie91 |
|
One question has come up multiple times: Should the key object API permit X509 certificates when constructing public keys? Personally, I think it makes more sense to provide an API for certificates that allows to extract the public key as a key object because a certificate is not the same as an asymmetric key, but others might feel differently. cc @nodejs/crypto |
refack
approved these changes
Nov 26, 2018
This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte.
2 tasks
MylesBorins
pushed a commit
that referenced
this pull request
Dec 25, 2018
This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte. PR-URL: #24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
pushed a commit
that referenced
this pull request
Dec 25, 2018
PR-URL: #24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
added a commit
that referenced
this pull request
Dec 25, 2018
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
#24811
* crypto:
- always accept certificates as public keys (Tobias Nießen)
#24234
- add key object API (Tobias Nießen) [#24234](#24234)
- update root certificates (Sam Roberts)
#25113
* deps:
- upgrade to libuv 1.24.1 (cjihrig)
#25078
- upgrade npm to 6.5.0 (Audrey Eschright)
#24734
* http:
- add maxHeaderSize property (cjihrig)
#24860
PR-URL: #25175
Merged
MylesBorins
pushed a commit
that referenced
this pull request
Dec 26, 2018
This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte. PR-URL: #24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
pushed a commit
that referenced
this pull request
Dec 26, 2018
PR-URL: #24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
added a commit
that referenced
this pull request
Dec 26, 2018
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
#24811
* crypto:
- always accept certificates as public keys (Tobias Nießen)
#24234
- add key object API (Tobias Nießen) [#24234](#24234)
- update root certificates (Sam Roberts)
#25113
* deps:
- upgrade to libuv 1.24.1 (cjihrig)
#25078
- upgrade npm to 6.5.0 (Audrey Eschright)
#24734
* http:
- add maxHeaderSize property (cjihrig)
#24860
PR-URL: #25175
MylesBorins
added a commit
that referenced
this pull request
Dec 26, 2018
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
#24811
* crypto:
- always accept certificates as public keys (Tobias Nießen)
#24234
- add key object API (Tobias Nießen) [#24234](#24234)
- update root certificates (Sam Roberts)
#25113
* deps:
- upgrade to libuv 1.24.1 (cjihrig)
#25078
- upgrade npm to 6.5.0 (Audrey Eschright)
#24734
* http:
- add maxHeaderSize property (cjihrig)
#24860
PR-URL: #25175
cjihrig
added a commit
to cjihrig/node
that referenced
this pull request
Dec 26, 2018
During the time between nodejs#24234 being opened and it landing, a V8 update occurred that deprecated several APIs. This commit fixes the following compiler warnings: ../src/node_crypto.cc:3342:11: warning: 'Set' is deprecated: Use maybe version ../src/node_crypto.cc:3345:13: warning: 'GetFunction' is deprecated: Use maybe version PR-URL: nodejs#25205 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
MylesBorins
added a commit
that referenced
this pull request
Dec 26, 2018
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
#24811
* crypto:
- always accept certificates as public keys (Tobias Nießen)
#24234
- add key object API (Tobias Nießen) [#24234](#24234)
- update root certificates (Sam Roberts)
#25113
* deps:
- upgrade to libuv 1.24.1 (cjihrig)
#25078
- upgrade npm to 6.5.0 (Audrey Eschright)
#24734
* http:
- add maxHeaderSize property (cjihrig)
#24860
PR-URL: #25175
3 tasks
targos
pushed a commit
that referenced
this pull request
Jan 1, 2019
During the time between #24234 being opened and it landing, a V8 update occurred that deprecated several APIs. This commit fixes the following compiler warnings: ../src/node_crypto.cc:3342:11: warning: 'Set' is deprecated: Use maybe version ../src/node_crypto.cc:3345:13: warning: 'GetFunction' is deprecated: Use maybe version PR-URL: #25205 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
refack
pushed a commit
to refack/node
that referenced
this pull request
Jan 14, 2019
This commit makes multiple important changes: 1. A new key object API is introduced. The KeyObject class itself is not exposed to users, instead, several new APIs can be used to construct key objects: createSecretKey, createPrivateKey and createPublicKey. The new API also allows to convert between different key formats, and even though the API itself is not compatible to the WebCrypto standard in any way, it makes interoperability much simpler. 2. Key objects can be used instead of the raw key material in all relevant crypto APIs. 3. The handling of asymmetric keys has been unified and greatly improved. Node.js now fully supports both PEM-encoded and DER-encoded public and private keys. 4. Conversions between buffers and strings have been moved to native code for sensitive data such as symmetric keys due to security considerations such as zeroing temporary buffers. 5. For compatibility with older versions of the crypto API, this change allows to specify Buffers and strings as the "passphrase" option when reading or writing an encoded key. Note that this can result in unexpected behavior if the password contains a null byte. PR-URL: nodejs#24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
refack
pushed a commit
to refack/node
that referenced
this pull request
Jan 14, 2019
PR-URL: nodejs#24234 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
refack
pushed a commit
to refack/node
that referenced
this pull request
Jan 14, 2019
During the time between nodejs#24234 being opened and it landing, a V8 update occurred that deprecated several APIs. This commit fixes the following compiler warnings: ../src/node_crypto.cc:3342:11: warning: 'Set' is deprecated: Use maybe version ../src/node_crypto.cc:3345:13: warning: 'GetFunction' is deprecated: Use maybe version PR-URL: nodejs#25205 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
refack
pushed a commit
to refack/node
that referenced
this pull request
Jan 14, 2019
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
nodejs#24811
* crypto:
- always accept certificates as public keys (Tobias Nießen)
nodejs#24234
- add key object API (Tobias Nießen) [nodejs#24234](nodejs#24234)
- update root certificates (Sam Roberts)
nodejs#25113
* deps:
- upgrade to libuv 1.24.1 (cjihrig)
nodejs#25078
- upgrade npm to 6.5.0 (Audrey Eschright)
nodejs#24734
* http:
- add maxHeaderSize property (cjihrig)
nodejs#24860
PR-URL: nodejs#25175
4 tasks
4 tasks
paroga
added a commit
to paroga/node
that referenced
this pull request
Mar 2, 2019
Expose the size of asymetric keys of crypto key object from the crypto module added in v11.6.0 (nodejs#24234)
BridgeAR
pushed a commit
to BridgeAR/node
that referenced
this pull request
Mar 6, 2019
Expose the size of asymetric keys of crypto key object from the crypto module added in v11.6.0. PR-URL: nodejs#26387 Refs: nodejs#24234 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
BridgeAR
pushed a commit
to BridgeAR/node
that referenced
this pull request
Mar 12, 2019
Expose the size of asymetric keys of crypto key object from the crypto module added in v11.6.0. PR-URL: nodejs#26387 Refs: nodejs#24234 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
16 tasks
|
The new API introduced here is extremely ambiguous and confusing. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Preamble: This is a huge change and I will do my best to help with reviewing it. There might still be dozens of places that need some work, but so far, everything seems to be working nicely. I summarized the motivation behind this change in #15113 (comment). There are also lots of possible discussions around this, e.g. whether key derivation should consume / produce key objects etc.
This commit makes multiple important changes:
A new key object API is introduced. The
KeyObjectclass itself isnot exposed to users, instead, several new APIs can be used to
construct key objects:
createSecretKey,createPrivateKeyandcreatePublicKey. The new API also allows to convert betweendifferent key formats, and even though the API itself is not
compatible to the WebCrypto standard in any way, it makes
interoperability much simpler.
Key objects can be used instead of the raw key material in all
relevant crypto APIs.
The handling of asymmetric keys has been unified and greatly
improved. Node.js now fully supports both PEM-encoded and
DER-encoded public and private keys.
Conversions between buffers and strings have been moved to native
code for sensitive data such as symmetric keys due to security
considerations such as zeroing temporary buffers.
For compatibility with older versions of the crypto API, this
change allows to specify Buffers and strings as the
"passphrase"option when reading or writing an encoded key. Note that this
can result in unexpected behavior if the password contains a
null byte.
cc @nodejs/crypto @nodejs/security-wg @nodejs/security
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passes