Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: warn about using strings as inputs in crypto #37248

Merged
merged 0 commits into from
Feb 9, 2021
Merged

doc: warn about using strings as inputs in crypto #37248

merged 0 commits into from
Feb 9, 2021

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Feb 6, 2021

Passing Unicode strings to cryptographic APIs can negatively affect security and safety due to the way Unicode encoding works. This change adds appropriate warnings.

The bot will label this as crypto but it's probably more appropriate for @nodejs/documentation or @nodejs/buffer.

@tniessen tniessen added the doc Issues and PRs related to the documentations. label Feb 6, 2021
@nodejs-github-bot nodejs-github-bot added the crypto Issues and PRs related to the crypto subsystem. label Feb 6, 2021
@tniessen tniessen force-pushed the doc-crypto-warn-about-strings branch from 44d6475 to 4ebefd3 Compare February 6, 2021 16:05
benjamingr
benjamingr approved these changes Feb 6, 2021
View reviewed changes
Copy link
Member

@benjamingr benjamingr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (with the marker lint stuff fixed.).

@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Feb 6, 2021
Trott
Trott reviewed Feb 6, 2021
View reviewed changes
doc/api/crypto.md Outdated Show resolved Hide resolved
@tniessen
Copy link
Member Author

tniessen commented Feb 6, 2021

Good point @Trott, fixed.

jasnell
jasnell approved these changes Feb 6, 2021
View reviewed changes
Copy link
Member

@jasnell jasnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We may want to consider eventually deprecating string use on these.

Trott
Trott approved these changes Feb 6, 2021
View reviewed changes
Copy link
Member

@Trott Trott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM although I think the linter is going to want the bottom reference moved because they're in ASCII order so capitalization changes things.

@tniessen
Copy link
Member Author

tniessen commented Feb 6, 2021

We may want to consider eventually deprecating string use on these.

@jasnell I have been in favor of that for certain APIs for a long time. The last time I brought it up, I remember that @bnoordhuis was against that. Strings do make sense in some cases, e.g. for KDFs, but, in my opinion, not for symmetric keys etc. I am working on a PR that deprecates unsafe output encodings (not input encodings).

@tniessen tniessen added wip Issues and PRs that are still a work in progress. and removed wip Issues and PRs that are still a work in progress. labels Feb 6, 2021
addaleax
addaleax approved these changes Feb 7, 2021
View reviewed changes
doc/api/crypto.md Outdated Show resolved Hide resolved
@Trott
Copy link
Member

Trott commented Feb 9, 2021
edited
Loading

Landed in 01e4228.

@Trott Trott closed this Feb 9, 2021
@Trott Trott force-pushed the doc-crypto-warn-about-strings branch from ba659df to 01e4228 Compare February 9, 2021 00:35
@Trott Trott merged commit 01e4228 into nodejs:master Feb 9, 2021
danielleadams pushed a commit that referenced this pull request Feb 16, 2021
@tniessen @danielleadams
doc: warn about using strings as inputs in crypto
cd50e93 
PR-URL: #37248
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
This was referenced Feb 16, 2021
Closed
Merged
@tniessen tniessen removed the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Feb 21, 2021
@tniessen tniessen deleted the doc-crypto-warn-about-strings branch February 21, 2021 11:57
@tniessen tniessen mentioned this pull request Aug 8, 2021
Open
tniessen added a commit to tniessen/node that referenced this pull request May 22, 2023
@tniessen
doc: improve HMAC key recommendations
96feae2 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
@tniessen tniessen mentioned this pull request May 22, 2023
Merged
nodejs-github-bot pushed a commit that referenced this pull request May 24, 2023
@tniessen
doc: improve HMAC key recommendations
a0e11d7 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: #48052
Refs: #37248
PR-URL: #48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
targos pushed a commit that referenced this pull request May 30, 2023
@tniessen @targos
doc: improve HMAC key recommendations
281dfaf 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: #48052
Refs: #37248
PR-URL: #48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
danielleadams pushed a commit that referenced this pull request Jul 6, 2023
@tniessen @danielleadams
doc: improve HMAC key recommendations
5146a73 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: #48052
Refs: #37248
PR-URL: #48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
MoLow pushed a commit to MoLow/node that referenced this pull request Jul 6, 2023
@tniessen @MoLow
doc: improve HMAC key recommendations
d14018e 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
PR-URL: nodejs#48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@tniessen @Ceres6
doc: improve HMAC key recommendations
d4838d7 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
PR-URL: nodejs#48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@tniessen @Ceres6
doc: improve HMAC key recommendations
e18d0e7 
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
PR-URL: nodejs#48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@panva panva panva approved these changes

@jasnell jasnell jasnell approved these changes

@Trott Trott Trott approved these changes

@addaleax addaleax addaleax approved these changes

@benjamingr benjamingr benjamingr approved these changes

@aymen94 aymen94 aymen94 approved these changes

@marsonya marsonya marsonya approved these changes

Assignees
No one assigned
Labels
crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
10 participants
@tniessen @Trott @panva @jasnell @addaleax @benjamingr @aymen94 @marsonya @targos @nodejs-github-bot