diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md index 56935574e6186c..f1a38d4ce1d173 100644 --- a/doc/api/deprecations.md +++ b/doc/api/deprecations.md @@ -1031,6 +1031,14 @@ With the current crypto API, having `Cipher.setAuthTag()` and when called. They have never been documented and will be removed in a future release. + +### DEP00XX: crypto._toBuf() + +Type: Runtime + +The `crypto._toBuf()` function was not designed to be used by modules outside +of Node.js core and will be removed in the future. + [`--pending-deprecation`]: cli.html#cli_pending_deprecation [`Buffer.allocUnsafeSlow(size)`]: buffer.html#buffer_class_method_buffer_allocunsafeslow_size [`Buffer.from(array)`]: buffer.html#buffer_class_method_buffer_from_array diff --git a/lib/_tls_common.js b/lib/_tls_common.js index de96fa687dcc02..55e00b732c66cc 100644 --- a/lib/_tls_common.js +++ b/lib/_tls_common.js @@ -31,8 +31,8 @@ const { const { SSL_OP_CIPHER_SERVER_PREFERENCE } = process.binding('constants').crypto; -// Lazily loaded -var crypto = null; +// Lazily loaded from internal/crypto/util. +let toBuf = null; const { SecureContext: NativeSecureContext } = process.binding('crypto'); @@ -178,26 +178,26 @@ exports.createSecureContext = function createSecureContext(options, context) { } if (options.pfx) { - if (!crypto) - crypto = require('crypto'); + if (!toBuf) + toBuf = require('internal/crypto/util').toBuf; if (Array.isArray(options.pfx)) { for (i = 0; i < options.pfx.length; i++) { const pfx = options.pfx[i]; const raw = pfx.buf ? pfx.buf : pfx; - const buf = crypto._toBuf(raw); + const buf = toBuf(raw); const passphrase = pfx.passphrase || options.passphrase; if (passphrase) { - c.context.loadPKCS12(buf, crypto._toBuf(passphrase)); + c.context.loadPKCS12(buf, toBuf(passphrase)); } else { c.context.loadPKCS12(buf); } } } else { - const buf = crypto._toBuf(options.pfx); + const buf = toBuf(options.pfx); const passphrase = options.passphrase; if (passphrase) { - c.context.loadPKCS12(buf, crypto._toBuf(passphrase)); + c.context.loadPKCS12(buf, toBuf(passphrase)); } else { c.context.loadPKCS12(buf); } diff --git a/lib/crypto.js b/lib/crypto.js index fa9412bc85289d..6693b11c7378b0 100644 --- a/lib/crypto.js +++ b/lib/crypto.js @@ -139,7 +139,7 @@ function createVerify(algorithm, options) { module.exports = exports = { // Methods - _toBuf: toBuf, + _toBuf: deprecate(toBuf, 'crypto._toBuf is deprecated.', 'DEP00XX'), createCipheriv, createDecipheriv, createDiffieHellman, diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js index 88d49167100fbe..1fcadb57d997f7 100644 --- a/test/parallel/test-crypto.js +++ b/test/parallel/test-crypto.js @@ -25,6 +25,13 @@ const common = require('../common'); if (!common.hasCrypto) common.skip('missing crypto'); +common.expectWarning({ + DeprecationWarning: [ + ['crypto.createCipher is deprecated.', 'DEP0106'], + ['crypto._toBuf is deprecated.', 'DEP00XX'] + ] +}); + const assert = require('assert'); const crypto = require('crypto'); const tls = require('tls'); @@ -294,3 +301,8 @@ testEncoding({ testEncoding({ defaultEncoding: 'latin1' }, assertionHashLatin1); + +{ + // Test that the exported _toBuf function is deprecated. + crypto._toBuf(Buffer.alloc(0)); +}