Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: Better docs for cases where peer's public key is invalid #16849

Closed
wants to merge 1 commit into from
Closed

crypto: Better docs for cases where peer's public key is invalid #16849

wants to merge 1 commit into from

Conversation

j0t3x
Copy link
Contributor

@j0t3x j0t3x commented Nov 6, 2017

changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.

an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.

Fixes: #16625
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

crypto, doc, test

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. errors Issues and PRs related to JavaScript errors originated in Node.js core. labels Nov 6, 2017
@@ -522,6 +522,12 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][],
If `outputEncoding` is given a string is returned; otherwise, a
[`Buffer`][] is returned.

*Note*:

* The `server.computeSecret` will throw an
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be diffieHellman.computeSecret()?

Also we can drop 'The' at the beginning.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

my mistake :)
already corrected 👍 thanks!

@jasnell jasnell added the semver-major PRs that contain breaking changes and should be released in the next major version. label Nov 8, 2017
@jasnell
Copy link
Member

jasnell commented Nov 8, 2017

Marking major due to the change in the error message and use of internal/errors.

Copy link
Member

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, LGTM modulo nits.


* `diffieHellman.computeSecret` will throw an
`ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY` error when the provided
public key lies out of the elliptic curve.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/out of/outside/?


Used when an invalid value for the `key` argument has been passed to the
`crypto.ECDH()` class `computeSecret()` method. It means that the public
key lies out of the elliptic curve.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Likewise.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

xD damn!
corrected the 2 occurrences 👍

if (pub == nullptr) {
args.GetReturnValue().Set(
String::NewFromUtf8(env->isolate(),
"ERR_CRYPTO_ECDH_KEY_FAIL_TRANSLATE"));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Style nit: can you indent line continuations by four spaces?

Since you're passing a static string, you can use the slightly more efficientFIXED_ONE_BYTE_STRING(env->isolate(), "...") here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks!
this also helped me to correct the error code in c++(which was one of the first names i thought but then dropped for ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY) 👍

@Emill
Copy link

Emill commented Nov 8, 2017

Nice!
A few points:

  1. The documentation update is at the wrong place. It's the ECDH class's computeSecret that should be updates; not the DiffieHellman's.
  2. I'd like to see the sample updated at https://github.com/j0t3x/node/blob/3663e21bc0cefb159b6842f75647bf66f048b866/doc/api/crypto.md#class-ecdh. As mentioned earlier, I don't see any cases where you would not want to catch the error since the input is usually supplied from a remote user over an insecure network.

@j0t3x
Copy link
Contributor Author

j0t3x commented Nov 8, 2017

right @Emill !
corrected 😃

@@ -668,6 +668,14 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], `TypedArray`, or
If `outputEncoding` is given a string will be returned; otherwise a
[`Buffer`][] is returned.

*Note*:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: I'd remove *Note*: and let the paragraph stand on its own.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done!
Updating the pr soon.
Thanks!

<a id="ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY"></a>
### ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY

Used when an invalid value for the `key` argument has been passed to the
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: There's a PR in to remove Used when from all these messages. I'd prefer this go in as something like this:

An invalid value for the key argument was passed to the...

Copy link
Contributor Author

@j0t3x j0t3x Nov 14, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done :)
But I want to understand the rationale behind the rule. It will help me a lot.
Thanks in advance.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's to reduce wordiness and make the document more scannable. There were some pretty egregious examples, like:

The 'ERR_INVALID_CURSOR_POS' is thrown specifically when a cursor on
a given stream is attempted to move to a specified row without a specified
column.

That will be shortened to:

A cursor on a given stream cannot be moved to a specified row without
a specified column.

PR is #16954

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

xD nice example.
Understood.

@Emill
Copy link

Emill commented Nov 14, 2017

Not sure but should the documentation include something like "since: node version x"?

@j0t3x
Copy link
Contributor Author

j0t3x commented Nov 29, 2017

can be: "added: v0.0.0"?
In case of a yes: what version should be?

@@ -668,6 +668,12 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], `TypedArray`, or
If `outputEncoding` is given a string will be returned; otherwise a
[`Buffer`][] is returned.

* `ecdh.computeSecret` will throw an
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added: v0.0.0

We only use added for new functions/classes/modules/etc.

What you want is something like this, added to the YAML block for this function:


changes:
  - version: REPLACEME
    pr-url: https://github.com/nodejs/node/pull/16849
    description: The default `computeSecret` option is supported now-

Copy link
Member

@addaleax addaleax Nov 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, wait. I think I misunderstood; can you not make this a list item (not let this start with a *)?

And I don't think you need a changelog entry if all that changed is the error format.

Looks good with this changed though.

Copy link
Contributor Author

@j0t3x j0t3x Nov 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what version should be there instead of replace me? Maybe 9?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

forget it, i saw its 10 :)

@@ -668,6 +668,12 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], `TypedArray`, or
If `outputEncoding` is given a string will be returned; otherwise a
[`Buffer`][] is returned.

* `ecdh.computeSecret` will throw an
Copy link
Member

@addaleax addaleax Nov 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, wait. I think I misunderstood; can you not make this a list item (not let this start with a *)?

And I don't think you need a changelog entry if all that changed is the error format.

Looks good with this changed though.

@addaleax addaleax dismissed their stale review November 30, 2017 01:11

can probably be fixed while landing

@addaleax addaleax added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Nov 30, 2017
@addaleax
Copy link
Member

changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.

an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.

Fixes: #16625
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
@addaleax
Copy link
Member

addaleax commented Dec 1, 2017

Landed in 845633a, thanks for the PR! 🎉

@addaleax addaleax closed this Dec 1, 2017
addaleax pushed a commit that referenced this pull request Dec 1, 2017
changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.

an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.

PR-URL: #16849
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
Fixes: #16625
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@addaleax addaleax removed the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Dec 7, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. errors Issues and PRs related to JavaScript errors originated in Node.js core. semver-major PRs that contain breaking changes and should be released in the next major version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

crypto: Better documentation for cases where peer's public key is invalid
8 participants