crypto: assign deprecation code for setAuthTag/GCM
PR-URL: https://github.com/nodejs/node/pull/18017 Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com>
This commit is contained in:
parent
b12425d055
commit
858b48b692
@ -807,6 +807,18 @@ Importing assert directly is not recommended as the exposed functions will use
|
||||
loose equality checks. Use `require('assert').strict` instead. The API is the
|
||||
same as the legacy assert but it will always use strict equality checks.
|
||||
|
||||
<a id="DEP0090"></a>
|
||||
### DEP0090: Invalid GCM authentication tag lengths
|
||||
|
||||
Type: Runtime
|
||||
|
||||
Node.js supports all GCM authentication tag lengths which are accepted by
|
||||
OpenSSL when calling [`decipher.setAuthTag()`][]. This behavior will change in
|
||||
a future version at which point only authentication tag lengths of 128, 120,
|
||||
112, 104, 96, 64, and 32 bits will be allowed. Authentication tags whose length
|
||||
is not included in this list will be considered invalid in compliance with
|
||||
[NIST SP 800-38D][].
|
||||
|
||||
[`Buffer.allocUnsafeSlow(size)`]: buffer.html#buffer_class_method_buffer_allocunsafeslow_size
|
||||
[`Buffer.from(array)`]: buffer.html#buffer_class_method_buffer_from_array
|
||||
[`Buffer.from(buffer)`]: buffer.html#buffer_class_method_buffer_from_buffer
|
||||
@ -821,6 +833,7 @@ same as the legacy assert but it will always use strict equality checks.
|
||||
[`console.log()`]: console.html#console_console_log_data_args
|
||||
[`crypto.createCredentials()`]: crypto.html#crypto_crypto_createcredentials_details
|
||||
[`crypto.pbkdf2()`]: crypto.html#crypto_crypto_pbkdf2_password_salt_iterations_keylen_digest_callback
|
||||
[`decipher.setAuthTag()`]: crypto.html#crypto_decipher_setauthtag_buffer
|
||||
[`domain`]: domain.html
|
||||
[`ecdh.setPublicKey()`]: crypto.html#crypto_ecdh_setpublickey_publickey_encoding
|
||||
[`emitter.listenerCount(eventName)`]: events.html#events_emitter_listenercount_eventname
|
||||
@ -871,4 +884,5 @@ same as the legacy assert but it will always use strict equality checks.
|
||||
[alloc_unsafe_size]: buffer.html#buffer_class_method_buffer_allocunsafe_size
|
||||
[from_arraybuffer]: buffer.html#buffer_class_method_buffer_from_arraybuffer_byteoffset_length
|
||||
[from_string_encoding]: buffer.html#buffer_class_method_buffer_from_string_encoding
|
||||
[NIST SP 800-38D]: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
|
||||
[`REPLServer.clearBufferedCommand()`]: repl.html#repl_replserver_clearbufferedcommand
|
||||
|
@ -3157,10 +3157,11 @@ void CipherBase::SetAuthTag(const FunctionCallbackInfo<Value>& args) {
|
||||
// Restrict GCM tag lengths according to NIST 800-38d, page 9.
|
||||
unsigned int tag_len = Buffer::Length(args[0]);
|
||||
if (tag_len > 16 || (tag_len < 12 && tag_len != 8 && tag_len != 4)) {
|
||||
ProcessEmitWarning(cipher->env(),
|
||||
char msg[125];
|
||||
snprintf(msg, sizeof(msg),
|
||||
"Permitting authentication tag lengths of %u bytes is deprecated. "
|
||||
"Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.",
|
||||
tag_len);
|
||||
"Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.", tag_len);
|
||||
ProcessEmitDeprecationWarning(cipher->env(), msg, "DEP0090");
|
||||
}
|
||||
|
||||
// Note: we don't use std::max() here to work around a header conflict.
|
||||
|
@ -335,13 +335,17 @@ const errMessages = {
|
||||
|
||||
const ciphers = crypto.getCiphers();
|
||||
|
||||
common.expectWarning('Warning', (common.hasFipsCrypto ? [] : [
|
||||
'Use Cipheriv for counter mode of aes-192-gcm'
|
||||
]).concat(
|
||||
[0, 1, 2, 6, 9, 10, 11, 17]
|
||||
const expectedWarnings = common.hasFipsCrypto ?
|
||||
[] : ['Use Cipheriv for counter mode of aes-192-gcm'];
|
||||
|
||||
const expectedDeprecationWarnings = [0, 1, 2, 6, 9, 10, 11, 17]
|
||||
.map((i) => `Permitting authentication tag lengths of ${i} bytes is ` +
|
||||
'deprecated. Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.')
|
||||
));
|
||||
'deprecated. Valid GCM tag lengths are 4, 8, 12, 13, 14, 15, 16.');
|
||||
|
||||
common.expectWarning({
|
||||
Warning: expectedWarnings,
|
||||
DeprecationWarning: expectedDeprecationWarnings
|
||||
});
|
||||
|
||||
for (const test of TEST_CASES) {
|
||||
if (!ciphers.includes(test.algo)) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user