Fedor Indutny
ae5b0e1fc1
crypto: add padding to diffie-hellman key
DH_size returns number of bytes in a prime number, DH_compute_key returns number
of bytes in a remainder of exponent, which may have less bytes than a prime
number. Therefore add 0-padding to the allocated buffer.
Fixes #3372
13 years ago
Ben Noordhuis
900196e135
crypto: make cipher/decipher accept buffer args
13 years ago
ssuda
fb7348ae06
crypto: add PKCS12/PFX support
Fixes #2845 .
13 years ago
Ben Noordhuis
78e831a31c
Don't use _snprintf() on Windows, it's not safe.
_snprintf() doesn't zero-terminate the buffer on overflow. Use the hand-rolled
version that lives in src/node_internals.h.
13 years ago
isaacs
d4ed2e61f7
Add Todo comments about domain-ifying crypto
13 years ago
isaacs
a26bee8fa1
MakeCallback: Consistent symbol usage
13 years ago
isaacs
35c0cd219d
MakeCallback: Use in node_crypto
13 years ago
Ben Noordhuis
9eacf93928
crypto: root JS objects in HandleScope with Local<>
13 years ago
Ben Noordhuis
17524432ff
Fix Engrish in error messages.
13 years ago
Ben Noordhuis
6986d9316c
crypto: fix signedness compiler warnings
13 years ago
ssuda
249c3c165a
Avoiding unnecessary ToString() calls
String::Utf8Value and String::AsciiValue constructors take Handle<Value>
So no need to convert to Handle<String>
13 years ago
Ben Noordhuis
ea44d3031d
crypto: fix compile-time error with openssl <= 0.9.7e
13 years ago
Ben Noordhuis
ff4a9d381d
core: use proper #include directives
13 years ago
Tomasz Buchert
c6a04ce78f
crypto: add function getDiffieHellman()
Returns a well known, predefined RFC group.
13 years ago
Ben Noordhuis
3415427dbf
tls: mitigate session renegotiation attacks
The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.
To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.
13 years ago
Ben Noordhuis
74a8215a86
Revert support for isolates.
It was decided that the performance benefits that isolates offer (faster spin-up
times for worker processes, faster inter-worker communication, possibly a lower
memory footprint) are not actual bottlenecks for most people and do not outweigh
the potential stability issues and intrusive changes to the code base that
first-class support for isolates requires.
Hence, this commit backs out all isolates-related changes.
Good bye, isolates. We hardly knew ye.
13 years ago
Ben Noordhuis
9edb984274
crypto: silence unused variable warning
`retry` is not used if SSL_PRINT_DEBUG is not defined.
13 years ago
Ingmar Runge
0ca30187cf
Crypto: adding ability to turn off automatic PKCS padding
13 years ago
Ryan Dahl
be67fa7e09
Revert "crypto: add SecureContext.clearOptions() method"
API addition needs to go in master. Also openssl-0.9.8k doesn't have
SSL_CTX_clear_options().
This reverts commit 6f8839d2ac
.
13 years ago
Ben Noordhuis
6f8839d2ac
crypto: add SecureContext.clearOptions() method
SecureContext.setOptions() is backed by SSL_CTX_set_options() which, contrary to
what the name suggests, is additive: it doesn't set options, it adds them to the
already active options.
Hence the need for SecureContext.clearOptions(), which lets you unset active
options.
13 years ago
Ryan Dahl
20ba454ef9
Add node::Loop() and don't inc node_isolate.h in *.cc
node::Loop() replaces the NODE_LOOP macro. This avoids hitting
v8::Isolate::GetCurrent() for each loop lookup when HAVE_ISOLATE==0
13 years ago
Ryan Dahl
f168f7d702
Remove node_isolate.h from node.h
13 years ago
Ben Noordhuis
356992fe4d
isolates: isolate-ify the main loop
13 years ago
Ryan Dahl
9d792f3183
Add node::Loop() and don't inc node_isolate.h in *.cc
node::Loop() replaces the NODE_LOOP macro. This avoids hitting
v8::Isolate::GetCurrent() for each loop lookup when HAVE_ISOLATE==0
13 years ago
Ryan Dahl
87bb848268
Remove node_isolate.h from node.h
13 years ago
Ben Noordhuis
c3346f6760
isolates: isolate-ify the main loop
13 years ago
Roman Shtylman
4b123f9ca2
crypto: rewrite HexDecode without snprintf
No need to use snprintf to create a hex string. It creates
more overhead than is needed. This new version is much faster.
13 years ago
Ben Noordhuis
cc2861ee44
crypto: don't ignore DH init errors
13 years ago
Ben Noordhuis
ef12fa1bf7
crypto: deduplicate encoding parsing logic
13 years ago
Ben Noordhuis
321ec97d95
crypto: deduplicate decipher logic
13 years ago
Ben Noordhuis
77f21787d4
crypto: fix memory leak when decrypting empty strings
Also fixes a dangling pointer delete[] in the error path.
13 years ago
Ben Noordhuis
d70ef199f1
crypto: fix memory leaks in PBKDF2 error path
13 years ago
Ryan Dahl
c5e51cead8
Move lock back to node_crypto.cc
13 years ago
Ryan Dahl
e10fd321e4
move global vars from platfrom, node_signal_watcher to struct
13 years ago
Ryan Dahl
e53e9c72cb
move global vars for node_file.cc, node_zlib.cc, and node_crypto.cc
13 years ago
Ben Noordhuis
f44d0b9044
crypto: throw exception on unknown digest method
Fixes #2227 .
13 years ago
Ingmar Runge
260383215b
node_crypto: use EVP_Cipher*_ex methods, not 'obsolete' versions
This also fixes an issue that made blowfish's ECB mode unusable.
13 years ago
Ben Noordhuis
a808ab4ac4
crypto: use the libuv rwlock API
13 years ago
Ben Noordhuis
9d3faf4f9a
crypto: add support for RSA public key signing/verification
13 years ago
Ben Noordhuis
3ac5f1106d
crypto: make verify() return true or false, not 1 or 0
It's what the documentation says it should return.
13 years ago
Ben Noordhuis
534e41b474
crypto: make verify() return true or false, not 1 or 0
It's what the documentation says it should return.
13 years ago
Ben Noordhuis
cf2ee19049
crypto: fix 'var may be used uninitialized' compiler warnings
13 years ago
Ben Noordhuis
cdcb1118c8
Remove stray NODE_MODULE() semi-colons.
13 years ago
Ben Noordhuis
efb833f342
crypto: use the right mutex
13 years ago
Ben Noordhuis
97cada0e6a
crypto: make module thread-safe
13 years ago
Bert Belder
189dd8f803
Fix line endings and trailing whitespace
13 years ago
koichik
f53d092a2a
tls, https: add passphrase option
Fixes #1925 .
13 years ago
koichik
19a855382c
tls: requestCert unusable with Firefox and Chrome
Fixes #1516 .
14 years ago
Ben Noordhuis
c4eaf7e5a9
crypto: implement randomBytes() and pseudoRandomBytes()
14 years ago
Ben Noordhuis
93aad55342
crypto: fix delete of potentially uninitialized pointer
14 years ago