crypto: add randomFill and randomFillSync#10209
Closed
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
nodejs-github-bot added dont-land-on-v7.x c++ 
Contributor
mscdex commented Dec 9, 2016
Shouldn't the |
ContributorAuthor
evanlucas commented Dec 9, 2016
hm, it was changed from a |
Contributor
sam-github commented Dec 10, 2016
No strong opinion, but what about Also, while I appreciate you not wanting to commit too much work to something before you know it is getting a warm receiption, its hard to get meaningful comment on an API addition if you don't provide API documentation in the PR, you can only get feedback from those willing to wade through the C++. And I'm generally +1 on the idea, seems reasonable. |
Member
addaleax commented Dec 11, 2016
Yeah, I agree, it would probably be easier to have this as its own API, too. |
src/node_crypto.cc Outdated
Member
There was a problem hiding this comment.
Would there be any reason not to fill the passed buffer directly instead of copying?
ContributorAuthor
There was a problem hiding this comment.
Without doing a copy like this, I couldn't get it to work for some reason. I'll dig more into it though.
Member
bnoordhuis commented Dec 12, 2016
This would work, wouldn't it? letsupported=true;try{crypto.randomBytes(newBuffer(1));}catch(e){supported=!(einstanceofTypeError);}I have a mild preference for extending the existing API. That said, the API should ideally also take an offset and a length so you can read into a buffer at a specific location. That might get awkward to retrofit onto the existing API. On the other hand: if the first argument is a buffer, it's unambiguous what version of the API you are trying to invoke. |
Contributor
mscdex commented Dec 12, 2016
Yes, allowing an offset would be even better. |
Contributor
trevnorris commented Dec 13, 2016
@evanlucas@mscdex I was doing some forward proofing, though I seemed to have left in the |
ContributorAuthor
evanlucas commented Dec 14, 2016
@bnoordhuis are you suggesting something like this?: That seems like the following arguments would need to be possible: Is there any way I could sway you on introducing a new api for this? |
Member
jasnell commented Dec 23, 2016
I'm definitely +1 on this but agree that a new API would be better. We consistently get feedback that adding new methods is preferable to extending an existing one. |
Member
bnoordhuis commented Dec 23, 2016
Yes, but we also consistently get feedback that our APIs sprawl and aren't very cohesive. :-) What about |
Contributor
sam-github commented Dec 29, 2016
No one likes my It does have the downside of coupling the Buffer API to an underlying OpenSSL/crypto facility, though, so maybe that downside overweighs the up. @evanlucas in your examples of the syntaxes that would be reasonably expected to work, will the callback-less one still be async, or will it become magically sync? For a new API, I'd lean towards the more node-typical API pattern of a function with Sync in the name explicitly for sync (not the uv-derived "don't pass a callback and it becomes sync" behaviour). |
ContributorAuthor
evanlucas commented Dec 29, 2016
@sam-github I would prefer to explicitly have to specify |
Contributor
trevnorris commented Jan 11, 2017
@sam-github Though we need to consider that there are already APIs in core that write into a Buffer. e.g. +1 for @bnoordhuis proposal. |
Contributor
ronkorving commented Jan 12, 2017
@sam-github I prefer this staying in crypto, rather than being a Buffer method, because at least it indicates that OpenSSL is the source of the randomness (rather than |
Member
jasnell commented Jan 12, 2017
+1 to it staying in |
Contributor
sam-github commented Jan 12, 2017
OK, consensus seems to be keep it in crypto and to use Sync for sync APIs. I think |
Contributor
ronkorving commented Jan 13, 2017
@sam-github Is there a point in supporting |
evanlucasforce-pushed the cryptobuf branch 2 times, most recently from 34cf94e to 5e3c4d1Compareevanlucas changed the title ContributorAuthor
evanlucas commented Jan 13, 2017
I've updated this to be |
evanlucas added the semver-minor evanlucas added a commit that referenced this pull request May 2, 2017
Notable changes: * **crypto**: - add randomFill and randomFillSync (Evan Lucas) #10209 * **meta**: Added new collaborators - add lucamaraschi to collaborators (Luca Maraschi) #12538 - add DavidCai1993 to collaborators (David Cai) #12435 - add jkrems to collaborators (Jan Krems) #12427 - add AnnaMag to collaborators (AnnaMag) #12414 * **process**: - fix crash when Promise rejection is a Symbol (Cameron Little) #11640 * **url**: - make WHATWG URL more spec compliant (Timothy Gu) #12507 * **v8**: - fix stack overflow in recursive method (Ben Noordhuis) #12460 - fix build errors with g++ 7 (Ben Noordhuis) #12392 PR-URL: #12775
evanlucas added a commit that referenced this pull request May 3, 2017
Notable changes: * **crypto**: - add randomFill and randomFillSync (Evan Lucas) #10209 * **meta**: Added new collaborators - add lucamaraschi to collaborators (Luca Maraschi) #12538 - add DavidCai1993 to collaborators (David Cai) #12435 - add jkrems to collaborators (Jan Krems) #12427 - add AnnaMag to collaborators (AnnaMag) #12414 * **process**: - fix crash when Promise rejection is a Symbol (Cameron Little) #11640 * **url**: - make WHATWG URL more spec compliant (Timothy Gu) #12507 * **v8**: - fix stack overflow in recursive method (Ben Noordhuis) #12460 - fix build errors with g++ 7 (Ben Noordhuis) #12392 PR-URL: #12775
evanlucas added a commit that referenced this pull request May 3, 2017
Notable changes: * **crypto**: - add randomFill and randomFillSync (Evan Lucas) #10209 * **meta**: Added new collaborators - add lucamaraschi to collaborators (Luca Maraschi) #12538 - add DavidCai1993 to collaborators (David Cai) #12435 - add jkrems to collaborators (Jan Krems) #12427 - add AnnaMag to collaborators (AnnaMag) #12414 * **process**: - fix crash when Promise rejection is a Symbol (Cameron Little) #11640 * **url**: - make WHATWG URL more spec compliant (Timothy Gu) #12507 * **v8**: - fix stack overflow in recursive method (Ben Noordhuis) #12460 - fix build errors with g++ 7 (Ben Noordhuis) #12392 PR-URL: #12775
imyller added a commit to imyller/meta-nodejs that referenced this pull request May 4, 2017
Notable changes: * **crypto**: - add randomFill and randomFillSync (Evan Lucas) nodejs/node#10209 * **meta**: Added new collaborators - add lucamaraschi to collaborators (Luca Maraschi) nodejs/node#12538 - add DavidCai1993 to collaborators (David Cai) nodejs/node#12435 - add jkrems to collaborators (Jan Krems) nodejs/node#12427 - add AnnaMag to collaborators (AnnaMag) nodejs/node#12414 * **process**: - fix crash when Promise rejection is a Symbol (Cameron Little) nodejs/node#11640 * **url**: - make WHATWG URL more spec compliant (Timothy Gu) nodejs/node#12507 * **v8**: - fix stack overflow in recursive method (Ben Noordhuis) nodejs/node#12460 - fix build errors with g++ 7 (Ben Noordhuis) nodejs/node#12392 PR-URL: nodejs/node#12775 Signed-off-by: Ilkka Myller <[email protected]>
anchnk pushed a commit to anchnk/node that referenced this pull request May 6, 2017
Notable changes: * **crypto**: - add randomFill and randomFillSync (Evan Lucas) nodejs#10209 * **meta**: Added new collaborators - add lucamaraschi to collaborators (Luca Maraschi) nodejs#12538 - add DavidCai1993 to collaborators (David Cai) nodejs#12435 - add jkrems to collaborators (Jan Krems) nodejs#12427 - add AnnaMag to collaborators (AnnaMag) nodejs#12414 * **process**: - fix crash when Promise rejection is a Symbol (Cameron Little) nodejs#11640 * **url**: - make WHATWG URL more spec compliant (Timothy Gu) nodejs#12507 * **v8**: - fix stack overflow in recursive method (Ben Noordhuis) nodejs#12460 - fix build errors with g++ 7 (Ben Noordhuis) nodejs#12392 PR-URL: nodejs#12775
Member
2 tasks
This was referenced May 16, 2017
Contributor
MylesBorins commented Jan 11, 2018
should also land with #12541 |
Member
gibfahn commented Jan 15, 2018
Release team were +1 on backporting to v6.x and v8.x. |
MylesBorins pushed a commit that referenced this pull request Jan 16, 2018
crypto.randomFill and crypto.randomFillSync are similar to crypto.randomBytes, but allow passing in a buffer as the first argument. This allows us to reuse buffers to prevent having to create a new one on every call. PR-URL: #10209 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
MylesBorins pushed a commit that referenced this pull request Jan 17, 2018
crypto.randomFill and crypto.randomFillSync are similar to crypto.randomBytes, but allow passing in a buffer as the first argument. This allows us to reuse buffers to prevent having to create a new one on every call. PR-URL: #10209 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
Merged
MylesBorins added a commit that referenced this pull request Feb 11, 2018
This LTS release comes with 109 commits, 17 of which are considered Semver-Minor. This includes 32 which are doc related, 29 which are test related, 8 which are build / tool related and 1 commit which updates a dependency. Notable Changes: * console: - added console.count() and console.clear() (James M Snell) #12678 * crypto: - expose ECDH class (Bryan English) #8188 - added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas) #10209 - warn on invalid authentication tag length (Tobias Nießen) #17566 * deps: - upgrade libuv to 1.16.1 (cjihrig) #16835 * dgram: - added socket.setMulticastInterface() (Will Young) #7855 * http: - add agent.keepSocketAlive and agent.reuseSocket as to allow overridable keep-alive behavior of `Agent` (Fedor Indutny) #13005 * lib: - return this from net.Socket.end() (Sam Roberts) #13481 * module: - add builtinModules api that provides list of all builtin modules in Node (Jon Moss) #16386 * net: - return this from getConnections() (Sam Roberts) #13553 * promises: - more robust stringification for unhandled rejections (Timothy Gu) #13784 * repl: - improve require() autocompletion (Alexey Orlenko) #14409 * src: - add openssl-system-ca-path configure option (Daniel Bevenius) #16790 - add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius) #12087 - add process.ppid (cjihrig) #16839 * tls: - accept `lookup` option for `tls.connect()` (Fedor Indutny) #12839 * tools, build: - a new macOS installer! (JP Wesselink) #15179 * url: - WHATWG URL api support (James M Snell) #7448 * util: - add %i and %f formatting specifiers (Roman Reiss) #10308 PR-URL: #18342
MylesBorins pushed a commit that referenced this pull request Feb 12, 2018
crypto.randomFill and crypto.randomFillSync are similar to crypto.randomBytes, but allow passing in a buffer as the first argument. This allows us to reuse buffers to prevent having to create a new one on every call. PR-URL: #10209 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
MylesBorins added a commit that referenced this pull request Feb 12, 2018
This LTS release comes with 109 commits, 17 of which are considered Semver-Minor. This includes 32 which are doc related, 29 which are test related, 8 which are build / tool related and 1 commit which updates a dependency. Notable Changes: * console: - added console.count() and console.clear() (James M Snell) #12678 * crypto: - expose ECDH class (Bryan English) #8188 - added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas) #10209 - warn on invalid authentication tag length (Tobias Nießen) #17566 * deps: - upgrade libuv to 1.16.1 (cjihrig) #16835 * dgram: - added socket.setMulticastInterface() (Will Young) #7855 * http: - add agent.keepSocketAlive and agent.reuseSocket as to allow overridable keep-alive behavior of `Agent` (Fedor Indutny) #13005 * lib: - return this from net.Socket.end() (Sam Roberts) #13481 * module: - add builtinModules api that provides list of all builtin modules in Node (Jon Moss) #16386 * net: - return this from getConnections() (Sam Roberts) #13553 * promises: - more robust stringification for unhandled rejections (Timothy Gu) #13784 * repl: - improve require() autocompletion (Alexey Orlenko) #14409 * src: - add openssl-system-ca-path configure option (Daniel Bevenius) #16790 - add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius) #12087 - add process.ppid (cjihrig) #16839 * tls: - accept `lookup` option for `tls.connect()` (Fedor Indutny) #12839 * tools, build: - a new macOS installer! (JP Wesselink) #15179 * url: - WHATWG URL api support (James M Snell) #7448 * util: - add %i and %f formatting specifiers (Roman Reiss) #10308 PR-URL: #18342
MylesBorins pushed a commit that referenced this pull request Feb 13, 2018
crypto.randomFill and crypto.randomFillSync are similar to crypto.randomBytes, but allow passing in a buffer as the first argument. This allows us to reuse buffers to prevent having to create a new one on every call. PR-URL: #10209 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
MylesBorins added a commit that referenced this pull request Feb 13, 2018
This LTS release comes with 109 commits, 17 of which are considered Semver-Minor. This includes 32 which are doc related, 29 which are test related, 8 which are build / tool related and 1 commit which updates a dependency. Notable Changes: * console: - added console.count() and console.clear() (James M Snell) #12678 * crypto: - expose ECDH class (Bryan English) #8188 - added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas) #10209 - warn on invalid authentication tag length (Tobias Nießen) #17566 * deps: - upgrade libuv to 1.16.1 (cjihrig) #16835 * dgram: - added socket.setMulticastInterface() (Will Young) #7855 * http: - add agent.keepSocketAlive and agent.reuseSocket as to allow overridable keep-alive behavior of `Agent` (Fedor Indutny) #13005 * lib: - return this from net.Socket.end() (Sam Roberts) #13481 * module: - add builtinModules api that provides list of all builtin modules in Node (Jon Moss) #16386 * net: - return this from getConnections() (Sam Roberts) #13553 * promises: - more robust stringification for unhandled rejections (Timothy Gu) #13784 * repl: - improve require() autocompletion (Alexey Orlenko) #14409 * src: - add openssl-system-ca-path configure option (Daniel Bevenius) #16790 - add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius) #12087 - add process.ppid (cjihrig) #16839 * tls: - accept `lookup` option for `tls.connect()` (Fedor Indutny) #12839 * tools, build: - a new macOS installer! (JP Wesselink) #15179 * url: - WHATWG URL api support (James M Snell) #7448 * util: - add %i and %f formatting specifiers (Roman Reiss) #10308 PR-URL: #18342
MylesBorins added a commit that referenced this pull request Feb 13, 2018
This LTS release comes with 112 commits, 17 of which are considered Semver-Minor. This includes 32 which are doc related, 30 which are test related, 8 which are build / tool related and 1 commit which updates a dependency. Notable Changes: * console: - added console.count() and console.clear() (James M Snell) #12678 * crypto: - expose ECDH class (Bryan English) #8188 - added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas) #10209 - warn on invalid authentication tag length (Tobias Nießen) #17566 * deps: - upgrade libuv to 1.16.1 (cjihrig) #16835 * dgram: - added socket.setMulticastInterface() (Will Young) #7855 * http: - add agent.keepSocketAlive and agent.reuseSocket as to allow overridable keep-alive behavior of `Agent` (Fedor Indutny) #13005 * lib: - return this from net.Socket.end() (Sam Roberts) #13481 * module: - add builtinModules api that provides list of all builtin modules in Node (Jon Moss) #16386 * net: - return this from getConnections() (Sam Roberts) #13553 * promises: - more robust stringification for unhandled rejections (Timothy Gu) #13784 * repl: - improve require() autocompletion (Alexey Orlenko) #14409 * src: - add openssl-system-ca-path configure option (Daniel Bevenius) #16790 - add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius) #12087 - add process.ppid (cjihrig) #16839 * tls: - accept `lookup` option for `tls.connect()` (Fedor Indutny) #12839 * tools, build: - a new macOS installer! (JP Wesselink) #15179 * url: - WHATWG URL api support (James M Snell) #7448 * util: - add %i and %f formatting specifiers (Roman Reiss) #10308 PR-URL: #18342
MylesBorins added a commit that referenced this pull request Feb 13, 2018
This LTS release comes with 112 commits, 17 of which are considered Semver-Minor. This includes 32 which are doc related, 30 which are test related, 8 which are build / tool related and 1 commit which updates a dependency. Notable Changes: * console: - added console.count() and console.clear() (James M Snell) #12678 * crypto: - expose ECDH class (Bryan English) #8188 - added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas) #10209 - warn on invalid authentication tag length (Tobias Nießen) #17566 * deps: - upgrade libuv to 1.16.1 (cjihrig) #16835 * dgram: - added socket.setMulticastInterface() (Will Young) #7855 * http: - add agent.keepSocketAlive and agent.reuseSocket as to allow overridable keep-alive behavior of `Agent` (Fedor Indutny) #13005 * lib: - return this from net.Socket.end() (Sam Roberts) #13481 * module: - add builtinModules api that provides list of all builtin modules in Node (Jon Moss) #16386 * net: - return this from getConnections() (Sam Roberts) #13553 * promises: - more robust stringification for unhandled rejections (Timothy Gu) #13784 * repl: - improve require() autocompletion (Alexey Orlenko) #14409 * src: - add openssl-system-ca-path configure option (Daniel Bevenius) #16790 - add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius) #12087 - add process.ppid (cjihrig) #16839 * tls: - accept `lookup` option for `tls.connect()` (Fedor Indutny) #12839 * tools, build: - a new macOS installer! (JP Wesselink) #15179 * url: - WHATWG URL api support (James M Snell) #7448 * util: - add %i and %f formatting specifiers (Roman Reiss) #10308 PR-URL: #18342
MayaLekova pushed a commit to MayaLekova/node that referenced this pull request May 8, 2018
This LTS release comes with 112 commits, 17 of which are considered Semver-Minor. This includes 32 which are doc related, 30 which are test related, 8 which are build / tool related and 1 commit which updates a dependency. Notable Changes: * console: - added console.count() and console.clear() (James M Snell) nodejs#12678 * crypto: - expose ECDH class (Bryan English) nodejs#8188 - added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas) nodejs#10209 - warn on invalid authentication tag length (Tobias Nießen) nodejs#17566 * deps: - upgrade libuv to 1.16.1 (cjihrig) nodejs#16835 * dgram: - added socket.setMulticastInterface() (Will Young) nodejs#7855 * http: - add agent.keepSocketAlive and agent.reuseSocket as to allow overridable keep-alive behavior of `Agent` (Fedor Indutny) nodejs#13005 * lib: - return this from net.Socket.end() (Sam Roberts) nodejs#13481 * module: - add builtinModules api that provides list of all builtin modules in Node (Jon Moss) nodejs#16386 * net: - return this from getConnections() (Sam Roberts) nodejs#13553 * promises: - more robust stringification for unhandled rejections (Timothy Gu) nodejs#13784 * repl: - improve require() autocompletion (Alexey Orlenko) nodejs#14409 * src: - add openssl-system-ca-path configure option (Daniel Bevenius) nodejs#16790 - add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius) nodejs#12087 - add process.ppid (cjihrig) nodejs#16839 * tls: - accept `lookup` option for `tls.connect()` (Fedor Indutny) nodejs#12839 * tools, build: - a new macOS installer! (JP Wesselink) nodejs#15179 * url: - WHATWG URL api support (James M Snell) nodejs#7448 * util: - add %i and %f formatting specifiers (Roman Reiss) nodejs#10308 PR-URL: nodejs#18342
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Checklist
make -j4 test(UNIX), orvcbuild test nosign(Windows) passesAffected core subsystem(s)
crypto
Description of change
crypto.randomFill and crypto.randomFillSync are similar to
crypto.randomBytes, but allow passing in a buffer as the first
argument. This allows us to reuse buffers to prevent having to
create a new one on every call.