Default to FIPS off even in FIPS builds.
Add JS API to check and control FIPS mode.
Add command line arguments to force FIPS on/off.
Respect OPENSSL_CONF variable and read the config.
Add testing for new features.
Fixes: https://github.com/nodejs/node/issues/3819
PR-URL: https://github.com/nodejs/node/pull/5181
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Michael Dawson <michael_dawson@ca.ibm.com>
Template string was syntactically incorrect. Copied Documentation code
would throw an error.
PR-URL: https://github.com/nodejs/node/pull/5240
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Fixes several type references in the docs so that the
doc html gen tool that parses them can put the correct
links in.
Changes css styling for the generated type links.
PR-URL: https://github.com/nodejs/node/pull/4741
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Chris Dickinson <chris@neversaw.us>
Reviewed-By: Roman Reiss <me@silverwind.io>
fix a reference to a non-existent API, `hash.final()`.
It should be `hash.digest()`.
PR-URL: https://github.com/nodejs/node/pull/5050
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
1. correct code type in addons.markdown
2. add missed code type in crypto.markdown
PR-URL: https://github.com/nodejs/node/pull/4858
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Roman Klauke <romaaan.git@gmail.com>
As per #3292, this PR introduces a deprecation notice about removing
the 'default digest' overload which currently defaults to the soon
to be defunct SHA1 digest.
Instead it should be left up to the documentation and implementor to
suggest a suitable digest function.
Ref: https://github.com/nodejs/node/pull/3292
PR-URL: https://github.com/nodejs/node/pull/4047
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
This changes the code blocks from 4-space indentation to ``` fences for
better syntax highlighting and future linting support. Minor On-the-fly
changes for typos and highlight breaking markdown have been made.
JSON-Style objects have been changed so their closing bracket is
on the same line as the opening one.
Known issues:
* Not every JSON / object notation has been improved. Should
make another run for this.
* Some example functions break hightlighting due to various
combinations of brackets. However changing them means leaving
the code style.
Fixes: https://github.com/nodejs/node/issues/4726
PR-URL: https://github.com/nodejs/node/pull/4733
Reviewed-By: Roman Reiss <me@silverwind.io>
The docs were recently refactored, and some "above" and "below"
references were no longer accurate. This commit removes many
such references, and replaces others with links.
PR-URL: https://github.com/nodejs/node/pull/4499
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
General improvements to crypto.markdown including new and
revised examples.
PR-URL: https://github.com/nodejs/node/pull/4435
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
* Use single quotes consistently
* Modernize examples to use template strings and arrow funcs
* Fix a few typos
* Example edits for consistency
PR-URL: https://github.com/nodejs/node/pull/4282
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
These changes simplify using ECDH with private keys that are not
dynamically generated with ECDH.generateKeys.
Support for computing the public key corresponding to the given private
key was added. Validity checks to reduce the possibility of computing
a weak or invalid shared secret were also added.
Finally, ECDH.setPublicKey was softly deprecated.
PR-URL: https://github.com/nodejs/node/pull/3511
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
PR-URL: https://github.com/nodejs/node/pull/4054
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
* add backticks around names
* add single quotes around event names
* add parenthesis after function names
* add internal links between different sections
* add external links to MDN for some JavaScript references
* sort the link definitions alphabetically
PR-URL: https://github.com/nodejs/node/pull/4054
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Added some information around usages of how to use iterations, how to
choose decent salts and updating the example to have a significant
work factor and to use sha512.
PR-URL: https://github.com/nodejs/node/pull/3290
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Moved all the URLs in API docs to the bottom of the files as
reference-style links.
PR-URL: https://github.com/nodejs/node/pull/3845
Reviewed-By: James M Snell <jasnell@gmail.com>
Reorders, with no contextual changes, the crypto documentation
alphabetically.
PR-URL: https://github.com/nodejs/node/pull/3662
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.
PR-URL: https://github.com/nodejs/node/pull/3479
Reviewed-By: James M Snell <jasnell@gmail.com>
Fix regarding description of the following functions:
Certificate.exportPublicKey(spkac)
Certificate.exportChallenge(spkac)
The descriptions were applied incorrectly.
PR-URL: https://github.com/nodejs/node/pull/3614
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Ensure that keylen for pbkdf2 is documented as a length of bytes and not
bits.
PR-URL: https://github.com/nodejs/node/pull/3334
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
The deprecation messages in the documentations should be in the format
Stability: 0 - Deprecated: Use [alternate] instead.
so that they will be consistent.
PR-URL: https://github.com/nodejs/node/pull/2450
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit replaces instances of io.js with Node.js, based on the
recent convergence. There are some remaining instances of io.js,
related to build and the installer.
Fixes: https://github.com/nodejs/node/issues/2361
PR-URL: https://github.com/nodejs/node/pull/2367
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: João Reis <reis@janeasystems.com>
This adds references to the newly available crypto.getCurves method
where appropriate.
PR-URL: https://github.com/nodejs/io.js/pull/1918
Reviewed-By: Brian White <mscdex@mscdex.net>
Added instructions on how to get the elliptic curves supported by the
OpenSSL installation in the crypto.createECDH() constructor. Also made
a few minor grammar fixes within the same paragraph.
PR-URL: https://github.com/nodejs/io.js/pull/1913
Reviewed-By: Roman Reiss <me@silverwind.io>
This simplifies the stability index to 4 levels:
0 - deprecated
1 - experimental / feature-flagged
2 - stable
3 - locked
Domains has been downgraded to deprecated, assert has been
downgraded to stable. Timers and Module remain locked. All
other APIs are now stable.
PR-URL: https://github.com/iojs/io.js/pull/943
Fixes: https://github.com/iojs/io.js/issues/930
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
Private keys may be used along with publicEncrypt since the private key
includes the public one. This adds the ability to use encrypted private
keys which previously threw an error. This commit also makes sure the
user exposed functions have names.
PR-URL: https://github.com/iojs/io.js/pull/626
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Adds a note that the default padding for publicDecrypt/privateEncrypt
is RSA_PKCS1_PADDING instead of RSA_PKCS1_OAEP_PADDING as it is for
privateDecrypt/publicEncrypt.
PR-URL: https://github.com/iojs/io.js/pull/659
Reviewed-By: Brendan Ashworth <brendan.ashworth@me.com>
Previously pseudoRandomBytes worked similarly to randomBytes but in the
event of insufficient entropy would silently return non-secure values.
As of f68a116, the entropy pool blocks if there is insufficient entropy
instead of giving an error so there is now no longer a case where
pseudoRandomBytes would act differently than randomBytes.
Docs are updated to remove pseudoRandomBytes and to clarify that
randomBytes now does block instead of erring when entropy is low.
PR-URL: https://github.com/iojs/io.js/pull/557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Updates the docs for the crypto.pseudoRandomBytes function
to more explicitly detail how it's the same as crypto.randomBytes
just without a safety net (e.g. it doesn't throw an error when
there is low entropy).
PR-URL: https://github.com/iojs/io.js/pull/545
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
adds a note to the crypto docs passing along
the advice that openssl gives about what
key derivation function they recommend.
PR-URL: https://github.com/joyent/node/pull/8580
Reviewed-by: Fedor Indutny <fedor@indutny.com>
Cherry-picked-from: 7dbc024c85
The parameter parser specifically looked for the old bracket syntax.
This generated a lot of warnings when building the docs. Those warnings
have been fixed by changing the parsing logic.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Documentation incorrectly used bracket notation for optional parameters.
This caused inconsistencies in usage because of examples like the
following:
fs.write(fd, data[, position[, encoding]], callback)
This simply fixes all uses of bracket notation in documentation.
Signed-off-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-by: Fedor Indutny <fedor@indutny.com>