-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: fix EdDSA support for KeyObject #26319
Conversation
@mscdex sadly an error occured when I tried to trigger a build :( |
0c427fd
to
79c3aa6
Compare
@nodejs/crypto |
Also, this should be backported if/when #26270 lands. |
assert.strictEqual(key.export(exportOptions), info.public); | ||
}); | ||
} | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you also check that encryption and decryption work? Search this file for publicEncrypt()
and privateDecrypt()
for examples.
(We really should have tests that check that all different KeyObject types are accepted wherever a KeyObject is accepted - e.g., sign(), verify(), createHmac(), etc.)
edit: oh, I see you opened #26320 for this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Correct, these changes were easy/straight-forward enough that I decided to submit a PR for them separately.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good.
The pre-existing switch statement default CHECK() makes me wonder if there are other key types that could be smuggled in to cause abort.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for chiming in late, I've been away for a couple of days.
Ping @mscdex |
d1c5ca1
to
e40b0ad
Compare
e40b0ad
to
8c139e6
Compare
Aren't we just "patching" here? In the future if another key manages to pass openssl but isn't prepared this way we'll crash again. |
It's hard to know if this catches all key types that are possible, I don't understand enough of the context this is used, or the OpenSSL APIs. A check of the OpenSSL headers don't make it easy to see what EVP_PKEY_ types we should handle: node/deps/openssl/openssl/include/openssl/evp.h Lines 41 to 64 in b22ee71
I can only find one case statement handling EVP_PKEY_ED448, and it could be taken to imply we are missing a couple PKEY types that we should perhaps handle,EVP_PKEY_RSA_PSS, EVP_PKEY_DH, and the three Gost key types: node/deps/openssl/openssl/crypto/x509/x509type.c Lines 33 to 59 in b22ee71
@mscdex Do you think its worth adding a couple more case statements to match Its fine to leave that for a follow up PR if it takes more research. It is in my TODO list of things to look at, but that list is already large and growing faster than my free time, so no promises. |
@sam-github The only reason I'm adding these values is because ed25519/ed448 support was only added in OpenSSL 1.1.1, which was pulled in not that long ago. I do not know about supporting other types. |
@mscdex Understood. If anyone else wants to take a crack at figuring out what other types could show up in the default of the case statement, have at it, but I don't think it should block this PR. |
@sam-github I can take a look at that later, this PR should be good to land either way as you said. |
I just remembered we have most of our keys in |
Unsurprisingly, |
@sam-github Wherever the conversation is had, we do have a team for distributors (@nodejs/distros) and another for embedders (@nodejs/embedders) so maybe pinging those channels. They are both subteams of @nodejs/delivery-channels (which also includes the version management folks, for stuff like nvm and n). The delivery-channels team has no repository, but they do have a discussion board. Unfortunately, that can't be made public (but can be made viewable by anyone in the @nodejs org and that's hundreds of people, so maybe that's a place to start.). |
PR-URL: #26554 Refs: #26319 Reviewed-By: Sam Roberts <[email protected]>
PR-URL: nodejs#26554 Refs: nodejs#26319 Reviewed-By: Sam Roberts <[email protected]>
I think |
I just landed the commit on v11.x-staging. |
PR-URL: #26319 Fixes: #26316 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Ujjwal Sharma <[email protected]>
PR-URL: #26554 Refs: #26319 Reviewed-By: Sam Roberts <[email protected]>
FWIW this was labeled as |
Its pretty easy to add some conditionals on the key type so that it builds against shared openssl 1.1.0, so doing a backport is very possible if someone wants to. |
Honestly I'd much rather have all eddsa-related functionality available within a branch (even if it means it's only available in node v12+) because it's easier to think about, rather than having to a bunch of complicated checks. |
What do you mean by "branch"? I'm not concerned about getting eddsa back into 10.x, if 10.x users want new features they can use 12.x. However, in my experience, small "we won't backport this because we don't need the feature" changes have big ripples, as backports become increasingly difficult because new code has textual (as opposed to depending on eddsa) dependencies on the non-backported code. Eventually, more and more stuff has to be backported that could have cherry-picked cleanly, or almost cleanly. |
I'm not going to push hard for this to be backported, but I will propose a backport as soon as we have a PR that doesn't land because this is missing. Required checks for backporting are an ifdef around the two new case statements, and some of the test keys have to be skipped. I don't think that is complicated. |
Fixes: #26316
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes