src: split CryptoPemCallback into two functions #12827
Conversation
Currently the function CryptoPemCallback is used for two things: 1. As a passphrase callback. 2. To avoid the default OpenSSL passphrase routine. The default OpenSSL passphase routine would apply if both the callback and the passphrase are null pointers and the typical behaviour is to prompt for the passphase which is not appropriate in node. This commit suggests that the PasswordCallback function only handle passphrases, and that an additional function named NoPasswordCallback used for the second case to avoid OpenSSL's passphase routine.
nodejs-github-bot
added
c++
|
/cc @nodejs/crypto |
src/node_crypto.cc
Outdated
| len = len > buflen ? buflen : len; | ||
| memcpy(buf, u, len); | ||
| return len; | ||
| } | ||
|
|
There was a problem hiding this comment.
Please add one more newline here, please.
src/node_crypto.cc
Outdated
| @@ -473,7 +475,7 @@ void SecureContext::SetKey(const FunctionCallbackInfo<Value>& args) { | |||
|
|
|||
| if (len == 2) { | |||
| if (args[1]->IsUndefined() || args[1]->IsNull()) | |||
| len = 1; | |||
| has_password = false; | |||
| else | |||
| THROW_AND_RETURN_IF_NOT_STRING(args[1], "Pass phrase"); | |||
| } | |||
There was a problem hiding this comment.
What if len == 1 from the start? It looks like has_password will be true?
There was a problem hiding this comment.
Oh yes, sorry. Let me fix that. Thanks
src/node_crypto.cc
Outdated
| memcpy(buf, u, len); | ||
| return len; | ||
| } | ||
| CHECK_NE(u, nullptr); |
There was a problem hiding this comment.
consider bringing back the conditional... EDIT: ... because it simplifies code, see below.
src/node_crypto.cc
Outdated
| @@ -482,12 +485,13 @@ void SecureContext::SetKey(const FunctionCallbackInfo<Value>& args) { | |||
| if (!bio) | |||
| return; | |||
|
|
|||
| node::Utf8Value passphrase(env->isolate(), args[1]); | |||
|
|
|||
| auto callback = has_password ? PasswordCallback : NoPasswordCallback; | |||
There was a problem hiding this comment.
... because it really simplifies this code.
This function uses the password cb because it may have a password.
The other examples below that use NoPasswordCallback I agree are more clear because the usage makes it really clear that there is no password, but I think here it is unnecessarily complex, caused only because the PasswordCallback stopped supporting an empty password.
There was a problem hiding this comment.
Sorry, for the unnecessarily obscure comments.
There was a problem hiding this comment.
Fair point. Let me restore the original allowing a null passphrase but keep the NoPasswordCallback for this.
src/node_crypto.cc
Outdated
| @@ -243,6 +241,13 @@ static int PasswordCallback(char *buf, int size, int rwflag, void *u) { | |||
| } | |||
|
|
|||
|
|
|||
| // This callback is used to avoid the default passphrase callback in OpenSSL | |||
| // which will typically prompt for the passphrase. | |||
There was a problem hiding this comment.
"the prompting is designed for the openssl CLI, but works poorly for Node.js because it involves synchronous interaction with the controlling terminal, something we never want, and use this function to avoid." <--- Maybe add something like that?
There was a problem hiding this comment.
I've added that now, thanks!
|
@indutny Would you mind taking a look and see what you think now? Your requested changes have been added (really only became the extra line as the other was reverted following the suggestions by sam-github). Thanks |
|
@indutny Sorry about nagging, just wanted to ask again if you have anything against this landing? |
|
Landed in 29d89c9 |
Currently the function CryptoPemCallback is used for two things: 1. As a passphrase callback. 2. To avoid the default OpenSSL passphrase routine. The default OpenSSL passphase routine would apply if both the callback and the passphrase are null pointers and the typical behaviour is to prompt for the passphase which is not appropriate in node. This commit suggests that the PasswordCallback function only handle passphrases, and that an additional function named NoPasswordCallback used for the second case to avoid OpenSSL's passphase routine. PR-URL: #12827 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
@addaleax Thanks! |
Currently the function CryptoPemCallback is used for two things: 1. As a passphrase callback. 2. To avoid the default OpenSSL passphrase routine. The default OpenSSL passphase routine would apply if both the callback and the passphrase are null pointers and the typical behaviour is to prompt for the passphase which is not appropriate in node. This commit suggests that the PasswordCallback function only handle passphrases, and that an additional function named NoPasswordCallback used for the second case to avoid OpenSSL's passphase routine. PR-URL: nodejs#12827 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Currently the function CryptoPemCallback is used for two things: 1. As a passphrase callback. 2. To avoid the default OpenSSL passphrase routine. The default OpenSSL passphase routine would apply if both the callback and the passphrase are null pointers and the typical behaviour is to prompt for the passphase which is not appropriate in node. This commit suggests that the PasswordCallback function only handle passphrases, and that an additional function named NoPasswordCallback used for the second case to avoid OpenSSL's passphase routine. PR-URL: #12827 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Currently the function CryptoPemCallback is used for two things:
The default OpenSSL passphase routine would apply if both
the callback and the passphrase are null pointers and the typical
behaviour is to prompt for the passphase which is not appropriate in
node.
This commit suggests that the PasswordCallback function only handle
passphrases, and that an additional function named NoPasswordCallback
used for the second case to avoid OpenSSL's passphase routine.
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)
src