Skip to content

crypto: deprecate digest == null in PBKDF2 #22861

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
tniessen wants to merge 1 commit into from
Closed

crypto: deprecate digest == null in PBKDF2 #22861

tniessen wants to merge 1 commit into from

Conversation

@tniessen
Copy link
Member

@tniessen tniessen commented Sep 14, 2018
edited
Loading

I assume that permitting digest === null was unintentional when digest === undefined was deprecated since their behavior was equivalent. The sha1 default for digest === null has somehow made it through refactoring of the PBKDF2 module multiple times, even though digest === undefined has been EOL for some time now.

This change deprecates setting digest to null so we can fix the behavior in Node.js 12 or so.

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@tniessen tniessen added the semver-major PRs that contain breaking changes and should be released in the next major version. label Sep 14, 2018
@tniessen tniessen added this to the 11.0.0 milestone Sep 14, 2018
@tniessen tniessen requested a review from jasnell September 14, 2018 11:44
@nodejs-github-bot nodejs-github-bot added the crypto Issues and PRs related to the crypto subsystem. label Sep 14, 2018
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Sep 14, 2018

@tniessen build started: https://ci.nodejs.org/blue/organizations/jenkins/node-test-pull-request-lite-pipeline/detail/node-test-pull-request-lite-pipeline/888/pipeline

@tniessen
Copy link
Member Author

tniessen commented Sep 14, 2018

cc @nodejs/tsc @nodejs/security-wg @nodejs/crypto

@tniessen tniessen mentioned this pull request Sep 14, 2018
Closed
4 tasks
vsemozhetbyt
vsemozhetbyt reviewed Sep 14, 2018
View reviewed changes
doc/api/deprecations.md Outdated
Copy link
Contributor

@vsemozhetbyt vsemozhetbyt Sep 14, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

an -> a

lpinca
lpinca reviewed Sep 15, 2018
View reviewed changes
lib/internal/crypto/pbkdf2.js Outdated
Copy link
Member

@lpinca lpinca Sep 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I'm not wrong this is emitted every time check() is called, is this wanted?

Copy link
Member Author

@tniessen tniessen Sep 16, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

check is called once per crypto.pbkdf2 / crypto.pbkdf2Sync call. Would you prefer to only warn once throughout the whole execution?

Copy link
Member

@lpinca lpinca Sep 16, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I think it's better. As is it may create too much noise.

@tniessen tniessen added the deprecations Issues and PRs related to deprecations. label Sep 17, 2018
@tniessen
Copy link
Member Author

tniessen commented Sep 17, 2018
edited
Loading

@lpinca I rewrote it to use the deprecate function, that should take care of it. PTAL.

CI: https://ci.nodejs.org/job/node-test-pull-request/17234/
Resumed in https://ci.nodejs.org/job/node-test-pull-request/17244/
Resumed in https://ci.nodejs.org/job/node-test-pull-request/17266/

@tniessen
crypto: deprecate digest == null in PBKDF2
6bcfb6f 
I assume that permitting digest === null was unintentional when
digest === undefined was deprecated since their behavior was
equivalent. The sha1 default for digest === null has somehow made it
through refactoring of the PBKDF2 module multiple times, even though
digest === undefined has been EOL for some time now.

This change deprecates setting digest to null so we can fix the
behavior in Node.js 12 or so.
@tniessen tniessen force-pushed the crypto-fix-pbkdf2-behavior-for-digest-null branch from 3aef5e5 to 6bcfb6f Compare September 18, 2018 14:14
@tniessen
Copy link
Member Author

tniessen commented Sep 18, 2018
edited
Loading

Rebased on top of #22858. New CI: https://ci.nodejs.org/job/node-test-pull-request/17288/
Re-run on Windows: https://ci.nodejs.org/job/node-test-commit-windows-fanned/20837/

@joyeecheung joyeecheung mentioned this pull request Sep 18, 2018
Closed
@tniessen
Copy link
Member Author

tniessen commented Sep 19, 2018
edited
Loading

Landed in 19ad6b8, thanks for reviewing.

@tniessen tniessen closed this Sep 19, 2018
tniessen added a commit that referenced this pull request Sep 19, 2018
@tniessen
crypto: deprecate digest == null in PBKDF2
19ad6b8 
I assume that permitting digest === null was unintentional when
digest === undefined was deprecated since their behavior was
equivalent. The sha1 default for digest === null has somehow made it
through refactoring of the PBKDF2 module multiple times, even though
digest === undefined has been EOL for some time now.

This change deprecates setting digest to null so we can fix the
behavior in Node.js 12 or so.

PR-URL: #22861
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasnell jasnell jasnell approved these changes

@addaleax addaleax addaleax approved these changes

@lpinca lpinca lpinca approved these changes

+1 more reviewer

@vsemozhetbyt vsemozhetbyt vsemozhetbyt left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

crypto Issues and PRs related to the crypto subsystem. deprecations Issues and PRs related to deprecations. semver-major PRs that contain breaking changes and should be released in the next major version.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@tniessen @nodejs-github-bot @jasnell @addaleax @lpinca @vsemozhetbyt