mirror of
https://github.com/zebrajr/node.git
synced 2026-01-15 12:15:26 +00:00
457567f72c
To lazy load the run time options, the following properties are updated from value properties to accessor properties whose getter would turn them back to a value properties upon the initial access. - crypto.constants.defaultCipherList - crypto.pseudoRandomBytes - crypto.prng - crypto.rng PR-URL: https://github.com/nodejs/node/pull/42203 Refs: https://github.com/nodejs/node/issues/37476 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Bradley Farias <bradley.meck@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
382 lines
8.4 KiB
JavaScript
382 lines
8.4 KiB
JavaScript
// Copyright Joyent, Inc. and other Node contributors.
|
|
//
|
|
// Permission is hereby granted, free of charge, to any person obtaining a
|
|
// copy of this software and associated documentation files (the
|
|
// "Software"), to deal in the Software without restriction, including
|
|
// without limitation the rights to use, copy, modify, merge, publish,
|
|
// distribute, sublicense, and/or sell copies of the Software, and to permit
|
|
// persons to whom the Software is furnished to do so, subject to the
|
|
// following conditions:
|
|
//
|
|
// The above copyright notice and this permission notice shall be included
|
|
// in all copies or substantial portions of the Software.
|
|
//
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
|
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
|
|
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
|
|
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
|
|
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
|
|
// USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
|
|
// Note: In 0.8 and before, crypto functions all defaulted to using
|
|
// binary-encoded strings rather than buffers.
|
|
|
|
'use strict';
|
|
|
|
const {
|
|
ObjectDefineProperty,
|
|
ObjectDefineProperties,
|
|
} = primordials;
|
|
|
|
const {
|
|
assertCrypto,
|
|
deprecate
|
|
} = require('internal/util');
|
|
assertCrypto();
|
|
|
|
const {
|
|
ERR_CRYPTO_FIPS_FORCED,
|
|
} = require('internal/errors').codes;
|
|
const constants = internalBinding('constants').crypto;
|
|
const { getOptionValue } = require('internal/options');
|
|
const {
|
|
getFipsCrypto,
|
|
setFipsCrypto,
|
|
timingSafeEqual,
|
|
} = internalBinding('crypto');
|
|
const {
|
|
checkPrime,
|
|
checkPrimeSync,
|
|
generatePrime,
|
|
generatePrimeSync,
|
|
randomBytes,
|
|
randomFill,
|
|
randomFillSync,
|
|
randomInt,
|
|
randomUUID,
|
|
} = require('internal/crypto/random');
|
|
const {
|
|
pbkdf2,
|
|
pbkdf2Sync
|
|
} = require('internal/crypto/pbkdf2');
|
|
const {
|
|
scrypt,
|
|
scryptSync
|
|
} = require('internal/crypto/scrypt');
|
|
const {
|
|
hkdf,
|
|
hkdfSync
|
|
} = require('internal/crypto/hkdf');
|
|
const {
|
|
generateKeyPair,
|
|
generateKeyPairSync,
|
|
generateKey,
|
|
generateKeySync,
|
|
} = require('internal/crypto/keygen');
|
|
const {
|
|
createSecretKey,
|
|
createPublicKey,
|
|
createPrivateKey,
|
|
KeyObject,
|
|
} = require('internal/crypto/keys');
|
|
const {
|
|
DiffieHellman,
|
|
DiffieHellmanGroup,
|
|
ECDH,
|
|
diffieHellman
|
|
} = require('internal/crypto/diffiehellman');
|
|
const {
|
|
Cipher,
|
|
Cipheriv,
|
|
Decipher,
|
|
Decipheriv,
|
|
privateDecrypt,
|
|
privateEncrypt,
|
|
publicDecrypt,
|
|
publicEncrypt,
|
|
getCipherInfo,
|
|
} = require('internal/crypto/cipher');
|
|
const {
|
|
Sign,
|
|
signOneShot,
|
|
Verify,
|
|
verifyOneShot
|
|
} = require('internal/crypto/sig');
|
|
const {
|
|
Hash,
|
|
Hmac
|
|
} = require('internal/crypto/hash');
|
|
const {
|
|
X509Certificate
|
|
} = require('internal/crypto/x509');
|
|
const {
|
|
getCiphers,
|
|
getCurves,
|
|
getDefaultEncoding,
|
|
getHashes,
|
|
setDefaultEncoding,
|
|
setEngine,
|
|
secureHeapUsed,
|
|
} = require('internal/crypto/util');
|
|
const Certificate = require('internal/crypto/certificate');
|
|
|
|
let webcrypto;
|
|
function lazyWebCrypto() {
|
|
webcrypto ??= require('internal/crypto/webcrypto');
|
|
return webcrypto;
|
|
}
|
|
|
|
// These helper functions are needed because the constructors can
|
|
// use new, in which case V8 cannot inline the recursive constructor call
|
|
function createHash(algorithm, options) {
|
|
return new Hash(algorithm, options);
|
|
}
|
|
|
|
function createCipher(cipher, password, options) {
|
|
return new Cipher(cipher, password, options);
|
|
}
|
|
|
|
function createCipheriv(cipher, key, iv, options) {
|
|
return new Cipheriv(cipher, key, iv, options);
|
|
}
|
|
|
|
function createDecipher(cipher, password, options) {
|
|
return new Decipher(cipher, password, options);
|
|
}
|
|
|
|
function createDecipheriv(cipher, key, iv, options) {
|
|
return new Decipheriv(cipher, key, iv, options);
|
|
}
|
|
|
|
function createDiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding) {
|
|
return new DiffieHellman(sizeOrKey, keyEncoding, generator, genEncoding);
|
|
}
|
|
|
|
function createDiffieHellmanGroup(name) {
|
|
return new DiffieHellmanGroup(name);
|
|
}
|
|
|
|
function createECDH(curve) {
|
|
return new ECDH(curve);
|
|
}
|
|
|
|
function createHmac(hmac, key, options) {
|
|
return new Hmac(hmac, key, options);
|
|
}
|
|
|
|
function createSign(algorithm, options) {
|
|
return new Sign(algorithm, options);
|
|
}
|
|
|
|
function createVerify(algorithm, options) {
|
|
return new Verify(algorithm, options);
|
|
}
|
|
|
|
module.exports = {
|
|
// Methods
|
|
checkPrime,
|
|
checkPrimeSync,
|
|
createCipheriv,
|
|
createDecipheriv,
|
|
createDiffieHellman,
|
|
createDiffieHellmanGroup,
|
|
createECDH,
|
|
createHash,
|
|
createHmac,
|
|
createPrivateKey,
|
|
createPublicKey,
|
|
createSecretKey,
|
|
createSign,
|
|
createVerify,
|
|
diffieHellman,
|
|
generatePrime,
|
|
generatePrimeSync,
|
|
getCiphers,
|
|
getCipherInfo,
|
|
getCurves,
|
|
getDiffieHellman: createDiffieHellmanGroup,
|
|
getHashes,
|
|
hkdf,
|
|
hkdfSync,
|
|
pbkdf2,
|
|
pbkdf2Sync,
|
|
generateKeyPair,
|
|
generateKeyPairSync,
|
|
generateKey,
|
|
generateKeySync,
|
|
privateDecrypt,
|
|
privateEncrypt,
|
|
publicDecrypt,
|
|
publicEncrypt,
|
|
randomBytes,
|
|
randomFill,
|
|
randomFillSync,
|
|
randomInt,
|
|
randomUUID,
|
|
scrypt,
|
|
scryptSync,
|
|
sign: signOneShot,
|
|
setEngine,
|
|
timingSafeEqual,
|
|
getFips,
|
|
setFips,
|
|
verify: verifyOneShot,
|
|
|
|
// Classes
|
|
Certificate,
|
|
Cipher,
|
|
Cipheriv,
|
|
Decipher,
|
|
Decipheriv,
|
|
DiffieHellman,
|
|
DiffieHellmanGroup,
|
|
ECDH,
|
|
Hash,
|
|
Hmac,
|
|
KeyObject,
|
|
Sign,
|
|
Verify,
|
|
X509Certificate,
|
|
secureHeapUsed,
|
|
};
|
|
|
|
function getFips() {
|
|
return getOptionValue('--force-fips') ? 1 : getFipsCrypto();
|
|
}
|
|
|
|
function setFips(val) {
|
|
if (getOptionValue('--force-fips')) {
|
|
if (val) return;
|
|
throw new ERR_CRYPTO_FIPS_FORCED();
|
|
} else {
|
|
setFipsCrypto(val);
|
|
}
|
|
}
|
|
|
|
function getRandomValues(array) {
|
|
return lazyWebCrypto().crypto.getRandomValues(array);
|
|
}
|
|
|
|
ObjectDefineProperty(constants, 'defaultCipherList', {
|
|
get() {
|
|
const value = getOptionValue('--tls-cipher-list');
|
|
ObjectDefineProperty(this, 'defaultCipherList', {
|
|
writable: true,
|
|
configurable: true,
|
|
enumerable: true,
|
|
value
|
|
});
|
|
return value;
|
|
},
|
|
set(val) {
|
|
ObjectDefineProperty(this, 'defaultCipherList', {
|
|
writable: true,
|
|
configurable: true,
|
|
enumerable: true,
|
|
value: val
|
|
});
|
|
},
|
|
configurable: true,
|
|
enumerable: true,
|
|
});
|
|
|
|
function getRandomBytesAlias(key) {
|
|
return {
|
|
enumerable: false,
|
|
configurable: true,
|
|
get() {
|
|
let value;
|
|
if (getOptionValue('--pending-deprecation')) {
|
|
value = deprecate(
|
|
randomBytes,
|
|
`crypto.${key} is deprecated.`,
|
|
'DEP0115');
|
|
} else {
|
|
value = randomBytes;
|
|
}
|
|
ObjectDefineProperty(
|
|
this,
|
|
key,
|
|
{
|
|
enumerable: false,
|
|
configurable: true,
|
|
writable: true,
|
|
value: value
|
|
}
|
|
);
|
|
return value;
|
|
},
|
|
set(value) {
|
|
ObjectDefineProperty(
|
|
this,
|
|
key,
|
|
{
|
|
enumerable: true,
|
|
configurable: true,
|
|
writable: true,
|
|
value
|
|
}
|
|
);
|
|
}
|
|
};
|
|
}
|
|
|
|
ObjectDefineProperties(module.exports, {
|
|
createCipher: {
|
|
enumerable: false,
|
|
value: deprecate(createCipher,
|
|
'crypto.createCipher is deprecated.', 'DEP0106')
|
|
},
|
|
createDecipher: {
|
|
enumerable: false,
|
|
value: deprecate(createDecipher,
|
|
'crypto.createDecipher is deprecated.', 'DEP0106')
|
|
},
|
|
// crypto.fips is deprecated. DEP0093. Use crypto.getFips()/crypto.setFips()
|
|
fips: {
|
|
get: getFips,
|
|
set: setFips,
|
|
},
|
|
DEFAULT_ENCODING: {
|
|
enumerable: false,
|
|
configurable: true,
|
|
get: deprecate(getDefaultEncoding,
|
|
'crypto.DEFAULT_ENCODING is deprecated.', 'DEP0091'),
|
|
set: deprecate(setDefaultEncoding,
|
|
'crypto.DEFAULT_ENCODING is deprecated.', 'DEP0091')
|
|
},
|
|
constants: {
|
|
configurable: false,
|
|
enumerable: true,
|
|
value: constants
|
|
},
|
|
|
|
webcrypto: {
|
|
configurable: false,
|
|
enumerable: true,
|
|
get() { return lazyWebCrypto().crypto; },
|
|
set: undefined,
|
|
},
|
|
|
|
subtle: {
|
|
configurable: false,
|
|
enumerable: true,
|
|
get() { return lazyWebCrypto().crypto.subtle; },
|
|
set: undefined,
|
|
},
|
|
|
|
getRandomValues: {
|
|
configurable: false,
|
|
enumerable: true,
|
|
get: () => getRandomValues,
|
|
set: undefined,
|
|
},
|
|
|
|
// Aliases for randomBytes are deprecated.
|
|
// The ecosystem needs those to exist for backwards compatibility.
|
|
prng: getRandomBytesAlias('prng'),
|
|
pseudoRandomBytes: getRandomBytesAlias('pseudoRandomBytes'),
|
|
rng: getRandomBytesAlias('rng')
|
|
});
|