Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: modernize DH/ECDH/ECDH-ES #31178

Closed
wants to merge 5 commits into from

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Jan 3, 2020

This adds support for DH/ECDH/ECDH-ES via the KeyObject API, and should fix #26626. I also added DH support to generateKeyPair, which is a partial solution to #28404. There are still lots of things I need to figure out, but I would like to see if people are okay with this approach.

(Note that the current API does not support "raw" DH keys, only SPKI/PKCS#8 keys are supported as of now. That will likely change via the previously discussed .params / .fields APIs.)

cc @nodejs/crypto @nodejs/security

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@tniessen tniessen added wip Issues and PRs that are still a work in progress. crypto Issues and PRs related to the crypto subsystem. semver-minor PRs that contain new features and should be released in the next minor version. labels Jan 3, 2020
@nodejs-github-bot nodejs-github-bot added the lib / src Issues and PRs related to general changes in the lib or src directory. label Jan 3, 2020
doc/api/crypto.md Outdated Show resolved Hide resolved
doc/api/crypto.md Outdated Show resolved Hide resolved
@tniessen tniessen force-pushed the crypto-modernize-dh branch from e394dd5 to 6261781 Compare January 3, 2020 15:46
Copy link
Contributor

@sam-github sam-github left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM in principle, some comments on the WIP.

doc/api/crypto.md Outdated Show resolved Hide resolved
doc/api/crypto.md Outdated Show resolved Hide resolved
doc/api/crypto.md Outdated Show resolved Hide resolved
lib/internal/crypto/diffiehellman.js Outdated Show resolved Hide resolved
src/node_crypto.cc Show resolved Hide resolved
src/node_crypto_groups.h Show resolved Hide resolved
@panva
Copy link
Member

panva commented Jan 3, 2020

I can confirm the missing ECDH-ES JWA algorithm support for x25519 and x448 keys is solved with this (closes #26626).

@tniessen would it be possible to split the change to

  1. add the diffieHellman method only (accepting only current 'ec', 'x25519' and 'x448' key objects)
  2. add the dh KeyObject support in a follow up PR?

Reason I ask is i'd like to see 1) backported to lts/erbium and in order to do that It would likely be easier if the change was as simple as possible.

@sam-github
Copy link
Contributor

@panva Since either the whole PR, or a subset, are semver-minor, there isn't anything blocking backporting to LTS.

@panva
Copy link
Member

panva commented Jan 3, 2020

Great.

Copy link
Member

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall direction seems okay to me.

src/node_crypto.cc Show resolved Hide resolved
src/node_crypto.cc Outdated Show resolved Hide resolved
src/node_crypto.cc Show resolved Hide resolved
@tniessen tniessen force-pushed the crypto-modernize-dh branch from 6261781 to 0dfa9c5 Compare January 4, 2020 14:41
@tniessen
Copy link
Member Author

tniessen commented Jan 4, 2020

Thank you for the initial round of reviews, I'll try to finish up within the next few days.

Overall direction seems okay to me.

I would happily accept alternative directions! This is the best I came up with so far :)

doc/api/crypto.md Outdated Show resolved Hide resolved
src/node_crypto.cc Outdated Show resolved Hide resolved
src/node_crypto.cc Show resolved Hide resolved
@tniessen tniessen force-pushed the crypto-modernize-dh branch 4 times, most recently from 27d73df to 78043cc Compare January 5, 2020 01:35
Copy link
Member

@lundibundi lundibundi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few nits regarding error handling.

lib/internal/crypto/keygen.js Show resolved Hide resolved
lib/internal/crypto/keygen.js Show resolved Hide resolved
lib/internal/crypto/keygen.js Outdated Show resolved Hide resolved
@tniessen tniessen force-pushed the crypto-modernize-dh branch from 78043cc to eb347a5 Compare January 5, 2020 17:36
@tniessen tniessen mentioned this pull request Jan 8, 2020
16 tasks
@tniessen tniessen force-pushed the crypto-modernize-dh branch from eb347a5 to bc309fb Compare January 8, 2020 14:22
@tniessen tniessen marked this pull request as ready for review January 8, 2020 14:27
@BridgeAR BridgeAR removed the wip Issues and PRs that are still a work in progress. label Jan 9, 2020
@tniessen tniessen force-pushed the crypto-modernize-dh branch from e98c950 to 4378c9d Compare January 11, 2020 20:19
@tniessen
Copy link
Member Author

@nodejs/crypto PTAL.

@tniessen tniessen force-pushed the crypto-modernize-dh branch from 4378c9d to 70dc715 Compare January 11, 2020 20:33
Copy link
Member

@BridgeAR BridgeAR left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The JS code is LGTM

lib/internal/crypto/keygen.js Show resolved Hide resolved
test/parallel/test-crypto-dh-stateless.js Outdated Show resolved Hide resolved
@tniessen tniessen force-pushed the crypto-modernize-dh branch 2 times, most recently from 62197f1 to a962a3d Compare January 15, 2020 21:36
addaleax pushed a commit that referenced this pull request Mar 11, 2020
Refs: #31178
Refs: #31445

PR-URL: #31873
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
targos pushed a commit to targos/node that referenced this pull request Apr 25, 2020
The new key type 'dh' corresponds to EVP_PKEY_DH.

PR-URL: nodejs#31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit to targos/node that referenced this pull request Apr 25, 2020
PR-URL: nodejs#31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit to targos/node that referenced this pull request Apr 25, 2020
This allows using the generateKeyPair API for DH instead of the old
stateful DH APIs.

PR-URL: nodejs#31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit to targos/node that referenced this pull request Apr 25, 2020
Currently, Node.js has separate (stateful) APIs for DH/ECDH, and no
support for ECDH-ES. This commit adds a single stateless function to
compute the DH/ECDH/ECDH-ES secret based on two KeyObjects.

PR-URL: nodejs#31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit to targos/node that referenced this pull request Apr 25, 2020
test-crypto-keygen and test-crypto-dh-stateless are currently flaky
on ARM CI systems due to their slow CPUs.

PR-URL: nodejs#31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit that referenced this pull request Apr 28, 2020
The new key type 'dh' corresponds to EVP_PKEY_DH.

PR-URL: #31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit that referenced this pull request Apr 28, 2020
PR-URL: #31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit that referenced this pull request Apr 28, 2020
This allows using the generateKeyPair API for DH instead of the old
stateful DH APIs.

PR-URL: #31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit that referenced this pull request Apr 28, 2020
Currently, Node.js has separate (stateful) APIs for DH/ECDH, and no
support for ECDH-ES. This commit adds a single stateless function to
compute the DH/ECDH/ECDH-ES secret based on two KeyObjects.

PR-URL: #31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
targos pushed a commit that referenced this pull request Apr 28, 2020
test-crypto-keygen and test-crypto-dh-stateless are currently flaky
on ARM CI systems due to their slow CPUs.

PR-URL: #31178
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
@panva panva mentioned this pull request Feb 3, 2021
8 tasks
@mhdawson
Copy link
Member

@tniessen I noticed some test excludes in the parallel tests:

[$arch==arm || $arch==arm64]
# https://github.com/nodejs/node/pull/31178
test-crypto-dh-stateless: SKIP
test-crypto-keygen: SKIP

Since this PR is closed I'm wondering if they are still needed and/or there is an open issue that should be listed instead of this one as to why they are excluded?

@tniessen
Copy link
Member Author

@mhdawson These tests were disabled because they kept timing out. I "temporarily disabled" them more than two years ago, see #31178 (comment) 😄

abhishekumar-tyagi pushed a commit to abhishekumar-tyagi/node that referenced this pull request May 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
crypto Issues and PRs related to the crypto subsystem. lib / src Issues and PRs related to general changes in the lib or src directory. notable-change PRs with changes that should be highlighted in changelogs. semver-minor PRs that contain new features and should be released in the next minor version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

crypto: X25519 and X448 and ECDH