-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[v6.x backport] crypto: add sign/verify support for RSASSA-PSS #14376
Conversation
@gibfahn Do you want a separate PR, separate commit, or can I just adopt and force-push that one-character fix? |
same PR, you can amend or cherry-pick, as you wish. I'd probably amend. |
ef0394b
to
da2b6b8
Compare
Separate commit (cherry-pick it onto your |
da2b6b8
to
e1feaf2
Compare
@gibfahn Done. |
d29fd52
to
97f5806
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This LGTM, although I'd appreciate a quick look from @nodejs/crypto
LGTM, this basically lands clean, the conflicts are tiny, and just due to sign/verify being given names in master, and being anonymous in v6.x. |
This would have landed clean if #8993 had been landed, I'll comment there. |
doc/api/crypto.md
Outdated
which can be an RSA public key, a DSA public key, or an X.509 certificate, | ||
or an object with one or more of the following properties: | ||
|
||
* `key`: {string} - PEM encoded private key (required) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
key
: {string} - PEM encoded public key (required)
7b8fcf8
to
f4691bb
Compare
22fa484
to
f9419c2
Compare
f9419c2
to
403c465
Compare
@gibfahn Status on this? Should I rebase? |
See #11705 (comment), this will have to wait till we review You can subscribe to nodejs/Release#228 if you want to know when LTS will decide on backporting. |
aaf4e13
to
31f572c
Compare
We've agreed to land this. |
@MylesBorins #8993 will be needed as well to land clean |
@tniessen do you want to take another pass at this now that #8993 (comment) has landed its dependent PR? If not, ping me, and I will. |
PR-URL: nodejs#14107 Fixes: nodejs#14105 Reviewed-By: Refael Ackermann <refack@gmail.com>
Use try/catch to instead of threw. PR-URL: nodejs#10534 Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Simplify the BSD list by defining OPENSSL_BSD if using a matching BSD platform. Add NetBSD to the list and update documentation. PR-URL: nodejs#14313 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
As an example, `curl https://nodejs.org/dist/v8.4.0/SHASUM256.txt` will return a 404 right now. PR-URL: nodejs#15101 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Refael Ackermann <refack@gmail.com>
Create one file for testing each function of the path module. Keep general error tests and tests for constant properties in test-path.js. PR-URL: nodejs#15093 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Adds support for the PSS padding scheme. Until now, the sign/verify functions used the old EVP_Sign*/EVP_Verify* OpenSSL API, making it impossible to change the padding scheme. Fixed by first computing the message digest and then signing/verifying with a custom EVP_PKEY_CTX, allowing us to specify options such as the padding scheme and the PSS salt length. Fixes: nodejs#1127 PR-URL: nodejs#11705 Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net>
e1feaf2
to
61d1d20
Compare
Hope I did not miss anything. CI: https://ci.nodejs.org/job/node-test-pull-request/10172/ |
b811464
to
2c8fe97
Compare
landed in 1213f38 |
Backport of #11705 to v6.x @nodejs/lts
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passesAffected core subsystem(s)
crypto