From 7a881d965bc433a9b5c063eef92e8fcc6e7e8124 Mon Sep 17 00:00:00 2001 From: Ujjwal Sharma Date: Thu, 5 Apr 2018 02:17:56 +0530 Subject: [PATCH] crypto,doc: update language regarding key stretching Update the docs to provide clearer instructions regarding the exact scope of the use (and re-use) of an IV, stating the instructions explicitly with greater clarity. Fixes: https://github.com/nodejs/node/issues/19748 --- doc/api/crypto.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/doc/api/crypto.md b/doc/api/crypto.md index a614fc1d0fde37..b7fdaaf7bebcf6 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1365,6 +1365,13 @@ The `key` is the raw key used by the `algorithm` and `iv` is an [Buffers][`Buffer`], `TypedArray`, or `DataView`s. If the cipher does not need an initialization vector, `iv` may be `null`. +Initialization vectors should be unpredictable and unique; ideally, they will be +cryptographically random. They do not have to be secret: IVs are typically just +added to ciphertext messages unencrypted. It may sound contradictory that +something has to be unpredictable and unique, but does not have to be secret; +it is important to remember that an attacker must not be able to predict ahead +of time what a given IV will be. + ### crypto.createCredentials(details)