James M Snell jasnell @nearform Clovis, California http://jasnell.me "I can't breathe" #bidenharris202 #blacklivesmatter #notmypresident

jasnell/activitystrea.ms 140

Activity Streams 2.0 for Node.js (this package is not actively maintained, if you'd like to help, let me know)

Fishrock123/bob 68

🚰 binary data "streams+" via data producers, data consumers, and pull flow.

davidmarkclements/proffer 12

Realtime V8 Tick Profiler

jasnell/activitystreams 5

Activity Streams 2.0 Java Reference Implementation

jasnell/activitystreams.jsonld 5

http://asjsonld.mybluemix.net

addaleax/node 4

Node.js JavaScript runtime :sparkles::turtle::rocket::sparkles:

jasnell/as2-schema 4

activitystrea.ms schema.org extensions

issue comment nodejs/admin

Proposal to transfer the Corepack repo into the Node.js organization

Well, let's keep in mind that moving the repo into the node.js org is a separate matter from deciding to ship it in core. We can decide one long before deciding the other.

arcanis

comment created time in 5 hours

issue comment nodejs/admin

Proposal to transfer the Corepack repo into the Node.js organization

What's the concern about using typescript?

@Qard ... I'm curious what additional overhead you're concerned about. There should be very little regular maintenance required... At least, definitely no more so than our current npm maintenance.

arcanis

comment created time in 5 hours

pull request comment nodejs/node

deps: Experiments with Corepack

What's the story for self-updating

Well, to be clear, corepack does not currently replace the npm binary. So there's no immediate risk there. That said, the corepack prepare and corepack hydrate commands cover updating the package manager versions. Newer versions can also be pinned in the package.json for a project.

What's the story for updating the version that pmm has in its "known good" set?

Pull request... No different really than updating the npm client version in core.

How is this better than just shipping all three package managers,

People who do not want yarn installed should not ever need to have it. Shipping all three would bloat the installer image needlessly, and providing an option to download on install is really no different. This gives the additional benefit of allowing different projects to select which package manager they require, which an install time only option would not provide.

arcanis

comment created time in 5 hours

pull request comment nodejs/node

deps: Experiments with Corepack

To some of @bnb's questions:

  • what are the criteria for adding package managers to corepack
  • what are the criteria for removing package managers to corepack
  • what are the criteria for evolutions of package managers (like Berry) being added to corepack
  • do all the current package managers meet all those criteria
  • are there any package managers that are left out despite meeting that criteria

I do not believe that these need to be answered before this lands and while it is still marked experimental. I would agree that these are exit criteria to graduate from experimental, however.

  • have we measured the impact on our consumers, like FaaS platforms or end-user developers
  • what is that impact on our users, beyond speculation

We really won't know until it's in users' hands; for that, we should land it as opt-in experimental.

can users turn this off

They should be able to, yes.

  • are we comfortable adding something this fundamental that has a single maintainer
  • are we as the Node.js willing and 100% able to commit, without question, to supporting this for the next decade

We haven't applied that strict of reasoning to other things and we shouldn't now. There's no guarantee that anything we add to Node.js is going to have people willing and able "without question" to support it for the next decade. That said, this is the whole reason for wanting to bring the project into Node.js and encourage additional maintainers. That said, this thing is really small and shouldn't need much effort to maintain.

if we land this, shouldn't it be behind a flag

Given that it's an install-time thing and not a Node.js runtime thing, the "flag" would be an option in the interactive installer to omit it, which absolutely should be the case.

arcanis

comment created time in 9 hours

push event jasnell/node

James M Snell

commit sha 972284dc2a8867211910253f6823d132da8d41f1

...

push time in 10 hours

push event jasnell/node

James M Snell

commit sha 30b7eddf8611148fa57b591dde287691a7936794

...

push time in 10 hours

push event jasnell/node

James M Snell

commit sha 687aa08eabed2da07c26e85c116e743e47080eee

fixup! fixup! crypto: refactoring internals, add WebCrypto

push time in 10 hours

push event jasnell/node

James M Snell

commit sha c373d39500d0efac452fbcd6e6dc0aeaa75cb117

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

James M Snell

commit sha 4fb5849f1a85525879b966a97acde725cfebfc63

fixup! crypto: refactoring internals, add WebCrypto

James M Snell

commit sha 7ffd1c599e4cd4d8964ee9a52b901ec2b87b88ae

fixup! fixup! crypto: refactoring internals, add WebCrypto

push time in 10 hours

push event jasnell/node

James M Snell

commit sha fb639574d3a46dc6d9341026fd41be3164a00667

fixup! fixup! ...

push time in 12 hours

push event jasnell/node

James M Snell

commit sha 0c5846b6eb55c3d71b7304a929e04355e454173c

fixup! ...

push time in 12 hours

push event jasnell/node

James M Snell

commit sha 0c801dd294cbca7f8345bfbc198f582a33235287

...

push time in 12 hours

push event jasnell/node

James M Snell

commit sha 9b20cf9337428e7026823f060c4675d181202ea6

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

push time in 13 hours

Pull request review comment nodejs/node

deps: Experiments with Corepack

+#!/usr/bin/env node

I'm not sure if it's implemented yet or not, but there was also discussion around being able to set configuration options to disable the download. It would likely be possible to have the tool remove the jumpers from the path when requested to do so. For interactive installers, it should be possible to make that configurable (e.g. by default install all jumpers but give the user the option to select them during the install).

arcanis

comment created time in 14 hours

Pull request review comment nodejs/node

deps: Experiments with Corepack

+#!/usr/bin/env node

@devsnek ... this would not install the binaries by default. It installs jumpers that would download the binaries on demand if needed and it would be possible to block it via configuration.

arcanis

comment created time in 16 hours

pull request comment nodejs/node

deps: Experiments with Corepack

Fantastic to see progress on this!

With regards to the questions:

Should I add Windows support?

I'd say that's a requirement, yes.

Should I transfer the Corepack repository to the Node org? If so, how?

To do so, we'd need an issue opened in the nodejs/admin repo proposing the change. Assuming there are no objections after a few days, it's considered accepted and we just move it in. There's no real fanfare here.

What testing strategy do you recommend? Corepack itself is tested on its repository: here

Take a look at the test/parallel/test-npm-* tests and follow a similar pattern. The testing does not have to be comprehensive but should be enough to be reasonably certain that changes in core haven't broken something in corepack.

arcanis

comment created time in 16 hours

pull request comment nodejs/node

crypto: add simple getCipherInfo

@bnoordhuis ... yeah, I've done the same before. I think the key difference here is just fewer possible allocations but you're right that it duplicates the behavior just a bit. The key question is whether that is ok. Another approach we can take here is to populate the createCipherInfo() return object with the known acceptable ranges for key and iv length for ciphers that are known to be variable.

For instance, something like...

{
  name: 'rc4',
  // ...
  keyLength: { min: 1 }  // no max
}

or

{
  name: 'aes-192-ocb',
  // ...
  ivLength: { min: 7, max: 15 }
}

The other question I would have is: would it be better for the lengths to be expressed in terms of bits? For instance, max iv for ocb modes is anything less than 128 bits.... so a 127 bit iv is allowed but not expressed properly in the info object if we align everything on number of bytes.

jasnell

comment created time in 17 hours

push event jasnell/node

James M Snell

commit sha f229b56b14262de80c5c12963b7d0cb5b3a51559

fixup! crypto: refactoring internals, add WebCrypto

push time in 2 days

pull request comment nodejs/node

crypto: add simple getCipherInfo

Ok, @tniessen, I've extended this API to make it a bit more useful for variable key length and iv length ciphers. Specifically, the getCipherInfo() can include keyLength and ivLength options that will be tested against the given cipher. If they are acceptable, then the info is returned; if they are not, undefined is returned. The tests are applied for OCB, GCM, and CCM mode ciphers.

So, for instance,

crypto.getCipherInfo('aes-192-ocb', { ivLength: 10 });  // works!
crypto.getCipherInfo('aes-192-ocb', { ivLength: 18 });  // returns undefined

crypto.getCipherInfo('rc4', { keyLength: 10 }); // works!
crypto.getCipherInfo('aes-192-ccm', { keyLength: 18 }); // returns undefined

This way we can at least test to see if given parameters are usable for the given cipher.

Other changes:

  1. I've removed the type property
  2. For stream ciphers, the blockSize property is omitted
  3. For ciphers that do not use an iv, the ivLength property is omitted
jasnell

comment created time in 2 days

push event jasnell/node

James M Snell

commit sha 0245e9d81e1649c91ff872ac2d5d848c54dbdfe7

crypto: add getCipherInfo method Simple method for retrieving basic information about a cipher (such as block length, expected or default iv length, key length, etc) Signed-off-by: James M Snell <jasnell@gmail.com> Fixes: https://github.com/nodejs/node/issues/22304

push time in 2 days

Pull request review comment nodejs/node

crypto: add simple getCipherInfo

 const ciphers = crypto.getCiphers(); console.log(ciphers); // ['aes-128-cbc', 'aes-128-ccm', ...] ``` +### `crypto.getCipherInfo(nameOrNid)`+<!-- YAML+added: REPLACEME+-->++* `nameOrNid`: {string|number} The name or nid of the cipher to query.+* Returns: {Object}+  * `name` {string} The name of the cipher+  * `nid` {number} The nid of the cipher+  * `blockSize` {number} The block size of the cipher.
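
Review bot: the `blockSize` entry in the new `crypto.getCipherInfo(nameOrNid)` section gives no unit, and the `Returns: {Object}` line does not say what the caller gets when the name or nid matches no cipher. State the unit for `blockSize` and document the not-found return value so callers know to check for it.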

For all the stream ciphers, blockSize returns 1, let's actually omit this property for stream ciphers.

jasnell

comment created time in 2 days

Pull request review comment nodejs/node

crypto: add simple getCipherInfo

 bool IsSupportedAuthenticatedMode(const EVP_CIPHER_CTX* ctx) { bool IsValidGCMTagLength(unsigned int tag_len) {   return tag_len == 4 || tag_len == 8 || (tag_len >= 12 && tag_len <= 16); }++// Collects and returns information on the given cipher+void GetCipherInfo(const FunctionCallbackInfo<Value>& args) {+  Environment* env = Environment::GetCurrent(args);+  CHECK(args[0]->IsObject());+  Local<Object> info = args[0].As<Object>();++  CHECK(args[1]->IsString() || args[1]->IsInt32());++  const EVP_CIPHER* cipher;+  if (args[1]->IsString()) {+    Utf8Value name(env->isolate(), args[1]);+    cipher = EVP_get_cipherbyname(*name);+  } else {+    int nid = args[1].As<Int32>()->Value();+    if (nid < 0) return;+    cipher = EVP_get_cipherbynid(nid);+  }++  if (cipher == nullptr)+    return;++  USE(info->Set(+      env->context(),+      env->name_string(),+      OneByteString(env->isolate(), EVP_CIPHER_name(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "nid"),+      Int32::New(env->isolate(), EVP_CIPHER_nid(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "blockSize"),+      Int32::New(env->isolate(), EVP_CIPHER_block_size(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "ivLength"),+      Int32::New(env->isolate(), EVP_CIPHER_iv_length(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "keyLength"),+      Int32::New(env->isolate(), EVP_CIPHER_key_length(cipher))));++  int mode = EVP_CIPHER_mode(cipher);+  const char* mode_label = nullptr;+  switch (mode) {+    case EVP_CIPH_ECB_MODE: mode_label = "ecb"; break;+    case EVP_CIPH_CBC_MODE: mode_label = "cbc"; break;+    case EVP_CIPH_CFB_MODE: mode_label = "cfb"; break;+    case EVP_CIPH_CTR_MODE: mode_label = "ctr"; break;+    case EVP_CIPH_OFB_MODE: mode_label = "ofb"; break;+    case EVP_CIPH_WRAP_MODE: mode_label = "wrap"; break;+    
case EVP_CIPH_STREAM_CIPHER: mode_label = "stream"; break;+  }
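
Review bot: the `switch (mode)` at the end of `GetCipherInfo` has no `default` and no cases for authenticated modes, so `mode_label` stays `nullptr` for GCM, CCM and OCB ciphers even though `IsSupportedAuthenticatedMode` and `IsValidGCMTagLength` sit directly above this function. Add cases for `EVP_CIPH_GCM_MODE`, `EVP_CIPH_CCM_MODE` and `EVP_CIPH_OCB_MODE` (and XTS), and make sure whatever consumes `mode_label` handles the null case explicitly.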

Both chacha20 and chacha20-poly1305 are indeed classified as stream ciphers.

jasnell

comment created time in 2 days

Pull request review comment nodejs/node

crypto: add simple getCipherInfo

 const ciphers = crypto.getCiphers(); console.log(ciphers); // ['aes-128-cbc', 'aes-128-ccm', ...] ``` +### `crypto.getCipherInfo(nameOrNid)`+<!-- YAML+added: REPLACEME+-->++* `nameOrNid`: {string|number} The name or nid of the cipher to query.+* Returns: {Object}+  * `name` {string} The name of the cipher+  * `nid` {number} The nid of the cipher+  * `blockSize` {number} The block size of the cipher.+  * `ivLength` {number} The expected or default initialization vector length or+    zero if the cipher does not use an initialization vector.+  * `keyLength` {number} The expected or default key length.+  * `mode` {string} The cipher mode. One of `'ecb'`, `'cbc'`, `'cfb'`, `'ctr'`,+    `'ofb'`, `'wrap'`, or `'stream'`.+  * `type` {string} The cipher type.
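
Review bot: `type` is documented only as "The cipher type." with no list of possible values, unlike `mode` on the entry above it, so a reader cannot tell what to compare against. Either enumerate the values or drop the property. The `ivLength` entry also uses zero as a sentinel for "no IV", which callers can easily mistake for a usable length; omitting the property in that case would be harder to misuse.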

Yeah, I was considering dropping it as I'm not really convinced it's needed.

jasnell

comment created time in 2 days

Pull request review comment nodejs/node

crypto: add simple getCipherInfo

 bool IsSupportedAuthenticatedMode(const EVP_CIPHER_CTX* ctx) { bool IsValidGCMTagLength(unsigned int tag_len) {   return tag_len == 4 || tag_len == 8 || (tag_len >= 12 && tag_len <= 16); }++// Collects and returns information on the given cipher+void GetCipherInfo(const FunctionCallbackInfo<Value>& args) {+  Environment* env = Environment::GetCurrent(args);+  CHECK(args[0]->IsObject());+  Local<Object> info = args[0].As<Object>();++  CHECK(args[1]->IsString() || args[1]->IsInt32());++  const EVP_CIPHER* cipher;+  if (args[1]->IsString()) {+    Utf8Value name(env->isolate(), args[1]);+    cipher = EVP_get_cipherbyname(*name);+  } else {+    int nid = args[1].As<Int32>()->Value();+    if (nid < 0) return;+    cipher = EVP_get_cipherbynid(nid);+  }++  if (cipher == nullptr)+    return;++  USE(info->Set(+      env->context(),+      env->name_string(),+      OneByteString(env->isolate(), EVP_CIPHER_name(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "nid"),+      Int32::New(env->isolate(), EVP_CIPHER_nid(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "blockSize"),+      Int32::New(env->isolate(), EVP_CIPHER_block_size(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "ivLength"),+      Int32::New(env->isolate(), EVP_CIPHER_iv_length(cipher))));++  USE(info->Set(+      env->context(),+      FIXED_ONE_BYTE_STRING(env->isolate(), "keyLength"),+      Int32::New(env->isolate(), EVP_CIPHER_key_length(cipher))));
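
Review bot: every `info->Set(...)` in `GetCipherInfo` is wrapped in `USE(...)`, which discards the result, so a failed property set is ignored and the remaining sets still run. Check each result and return early on failure. The `nid < 0` and `cipher == nullptr` paths also return with `info` left unpopulated and no return value set, which deserves a comment saying how the JS caller detects that case.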

Indeed, I was investigating whether openssl provided a way of determining that and it appears there's not. We'll likely need a lookup table to augment the information returned.

jasnell

comment created time in 2 days

PR opened nodejs/node

crypto: add simple getCipherInfo

This builds on https://github.com/nodejs/node/pull/35093 which has to land first.

Checklist

  • [ ] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [ ] tests and/or benchmarks are included
  • [ ] documentation is changed or added
  • [ ] commit message follows commit guidelines

+27727 -8549

0 comment

149 changed files

pr created time in 2 days

create branch jasnell/node

branch : subcrypto-cipherinfo

created branch time in 2 days

push event jasnell/node

James M Snell

commit sha d44075d942c69afebcdfc399a4c4a7e60068f1ae

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

push time in 2 days

push event jasnell/node

James M Snell

commit sha 0d8f1e13a1bd2bd1d79fbd16cff20f34f1d6548f

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

push time in 2 days

push event jasnell/node

James M Snell

commit sha 138a24b3087eed51658e336361c8a2748b4ebf00

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

push time in 2 days

push event jasnell/node

James M Snell

commit sha 8e5c75b4ca8a4d9669eeba029b534ba1979b309f

crypto: add NODE-DSA extension alg to WebCrypto The WebCrypto API does not include support for DSA, but it's been a long standing part of Node.js. This introduces the `'NODE-DSA'` extension algorithm. Signed-off-by: James M Snell <jasnell@gmail.com>

James M Snell

commit sha 69376ec6b18cb4c1c761d0e564aad7fcdae480d7

crypto: add NODE-DH extension for WebCrypto Extends the WebCrypto API to support traditional diffie-hellman Signed-off-by: James M Snell <jasnell@gmail.com>

push time in 3 days

push event jasnell/node

James M Snell

commit sha 08eb9259e270ff95a3f1089537be71410e95efc3

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

James M Snell

commit sha 51bbe3fbcd262202766cfed481e436252e011bf8

crypto: add NODE-DSA extension alg to WebCrypto The WebCrypto API does not include support for DSA, but it's been a long standing part of Node.js. This introduces the `'NODE-DSA'` extension algorithm.

push time in 3 days

issue closed nodejs/node

Crash on Promise rejections exits repl

@nodejs/tsc ... (particularly @mmarchini and @BridgeAR )

I don't know if this really is the behavior that was intended, however, with the recent change to unhandled promise rejections, an unhandled rejection in the repl will cause it to exit.

For instance, prior behavior:

james@ubuntu:~/node/node$ node
Welcome to Node.js v14.11.0.
Type ".help" for more information.
> Promise.reject(new Error('foo'))
Promise {
  <rejected> Error: foo
      at REPL1:1:16
      at Script.runInThisContext (vm.js:132:18)
      at REPLServer.defaultEval (repl.js:479:29)
      at bound (domain.js:430:14)
      at REPLServer.runBound [as eval] (domain.js:443:12)
      at REPLServer.onLine (repl.js:809:10)
      at REPLServer.emit (events.js:326:22)
      at REPLServer.EventEmitter.emit (domain.js:486:12)
      at REPLServer.Interface._onLine (readline.js:337:10)
      at REPLServer.Interface._line (readline.js:666:8)
}
> (node:15870) UnhandledPromiseRejectionWarning: Error: foo
    at REPL1:1:16
    at Script.runInThisContext (vm.js:132:18)
    at REPLServer.defaultEval (repl.js:479:29)
    at bound (domain.js:430:14)
    at REPLServer.runBound [as eval] (domain.js:443:12)
    at REPLServer.onLine (repl.js:809:10)
    at REPLServer.emit (events.js:326:22)
    at REPLServer.EventEmitter.emit (domain.js:486:12)
    at REPLServer.Interface._onLine (readline.js:337:10)
    at REPLServer.Interface._line (readline.js:666:8)
(Use `node --trace-warnings ...` to show where the warning was created)
(node:15870) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:15870) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

>

Current behavior:

james@ubuntu:~/node/node$ ./node
Welcome to Node.js v15.0.0-pre.
Type ".help" for more information.
> Promise.reject(new Error('foo'))
Promise {
  <rejected> Error: foo
      at REPL1:1:16
      at Script.runInThisContext (vm.js:132:18)
      at REPLServer.defaultEval (repl.js:469:29)
      at bound (domain.js:430:14)
      at REPLServer.runBound [as eval] (domain.js:443:12)
      at REPLServer.onLine (repl.js:785:10)
      at REPLServer.emit (events.js:338:22)
      at REPLServer.EventEmitter.emit (domain.js:486:12)
      at REPLServer.Interface._onLine (readline.js:337:10)
      at REPLServer.Interface._line (readline.js:666:8)
}
> internal/process/promises.js:218
          triggerUncaughtException(err, true /* fromPromise */);
          ^

Error: foo
    at REPL1:1:16
    at Script.runInThisContext (vm.js:132:18)
    at REPLServer.defaultEval (repl.js:469:29)
    at bound (domain.js:430:14)
    at REPLServer.runBound [as eval] (domain.js:443:12)
    at REPLServer.onLine (repl.js:785:10)
    at REPLServer.emit (events.js:338:22)
    at REPLServer.EventEmitter.emit (domain.js:486:12)
    at REPLServer.Interface._onLine (readline.js:337:10)
    at REPLServer.Interface._line (readline.js:666:8)
james@ubuntu:~/node/node$

Given that unhandled exceptions do not typically crash the repl, I'm thinking that the current behavior is too rigid for the repl and we should not crash the process.

closed time in 3 days

jasnell

issue comment nodejs/node

Crash on Promise rejections exits repl

Ah, thanks @targos, I hadn't spotted that one

jasnell

comment created time in 3 days

issue opened nodejs/node

Crash on Promise rejections exits repl

created time in 3 days

push event jasnell/node

James M Snell

commit sha 6c1e2fedfba6c2c63b0c1423c989606dfbd952ff

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>

push time in 3 days

push event jasnell/node

Gerhard Stöbich

commit sha a63b90e8b1e2fd35afe3f7994207da66a315fc1e

doc: update attributes used by n-api samples (#35220) Update n-api samples to create object properties matching to the JS defaults. Using non configurable, non writable properties has its usecases but the JS default for class methods is `configurable` and `writable`. Js properties set by JS code `obj.prop = val` are `configurable`, `writable` and `enumerable`.

Michael Dawson

commit sha f4586c902a721164c8af3c0e11db859f102dfe2e

doc: clarify use of NAPI_EXPERIMENTAL We've had a few questions about APIs not being available which were related to not having specified `NAPI_EXPERIMENTAL`. Add some additional documentation to explain this common issue: Refs: https://github.com/nodejs/node-addon-api/issues/810 Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: https://github.com/nodejs/node/pull/35195 Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Gabriel Schulhof <gabriel.schulhof@intel.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com>

Gabriel Schulhof

commit sha 31b3202d5902e7fa105949758677ea09643d8c5f

n-api: create N-API version 7 Mark `napi_detach_arraybuffer` and `napi_is_detached_arraybuffer` as stable. Signed-off-by: Gabriel Schulhof <gabriel.schulhof@intel.com> PR-URL: https://github.com/nodejs/node/pull/35199 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Michael Dawson <mdawson@devrus.com>

Rich Trott

commit sha 448834c9504b8e6bcf44716b1f512da25fee8147

doc: relax prohibition on personal pronouns Our personal pronoun prohibition is contrary to most current technical documentation style guides. The prohibition on personal pronouns comes from academic style guides. It results in an unnecessary formal tone. It encourages wordiness and the overuse of passive voice. This change to our style guide more closely aligns us with the style guides of companies like Google, IBM, and Microsoft. Google's style guide suggests avoiding first-person pronouns and suggests: "Use the second-person pronoun (_you_) whenever possible." Refs: https://developers.google.com/style/pronouns#personal-pronouns IBM's style guide also recommends second-person voice ("Use second person ('you')"). Refs: https://www.ibm.com/developerworks/library/styleguidelines/index.html Similarly, Microsoft's style guide recommends using first person sparingly and avoiding first-person plural. "In general, use second person". Refs: https://docs.microsoft.com/en-us/style-guide/grammar/person#in-general-use-second-person PR-URL: https://github.com/nodejs/node/pull/34353 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Mary Marchini <oss@mmarchini.me> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>

Rich Trott

commit sha 4c5bb1a1c7263f3b3619edb4e689fa7f5e9997d0

doc: sort repl references in ASCII order PR-URL: https://github.com/nodejs/node/pull/35230 Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Masashi Hirano <shisama07@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>

Rich Trott

commit sha 770ad3a52dad9aa9977fae19221c6701352c1110

doc: remove excessive formatting in dgram.md PR-URL: https://github.com/nodejs/node/pull/35234 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>

Daijiro Wachi

commit sha a8971f87d3573ac247110e6afde0dc475fe21264

url: support non-special URLs Fixes: https://github.com/nodejs/node/issues/34899 Refs: https://github.com/whatwg/url/pull/505 Refs: https://github.com/web-platform-tests/wpt/pull/25113 PR-URL: https://github.com/nodejs/node/pull/34925 Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>


Rich Trott

commit sha 62ff6912c3f8d364a616308fc2fbd301f6853a37

doc: clarify napi_property_attributes text

* Rearrange sentence to avoid ambiguity whether the entire sentence applies to a method in a JS class or just the "but not" part
* Use serial comma
* Correct spelling of _configurable_

PR-URL: https://github.com/nodejs/node/pull/35253
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>


Rich Trott

commit sha 87c433e120604b2c44b87d5f6bcd8f8e00da6af6

test: improve assertions in pummel/test-timers

* Timers should not fire early. Check for that.
* Allow the wiggle-room to increase on subsequent iterations of intervals.

PR-URL: https://github.com/nodejs/node/pull/35216
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Andrey Pechkurov <apechkurov@gmail.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>


Rich Trott

commit sha c31ef9827e5b2edf44734bc2eac6ea0f7989e914

doc: revise stability section of values doc Make the section a bit shorter and comply with minor elements of Microsoft Style Guide. PR-URL: https://github.com/nodejs/node/pull/35242 Reviewed-By: Mary Marchini <oss@mmarchini.me> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>


Rich Trott

commit sha 039c274dded372ec3f59b31dafa8cab75277d44f

doc: standardize on _backward_ We use _backward incompatible_ and _backwards incompatible_ with no discernible pattern in the docs. Follow Chicago Manual of Style and also our standardization on US English and favor _backward_. PR-URL: https://github.com/nodejs/node/pull/35243 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>


Matteo Collina

commit sha 9c62e0e384e2ea5a45a4011f31c97be60f2a0737

stream: move to internal/streams

Move all the streams constructors to internal/streams and avoid circular dependencies between the modules.

See: https://github.com/nodejs/readable-stream/issues/348
PR-URL: https://github.com/nodejs/node/pull/35239
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>


Rich Trott

commit sha 98768f3b5b9db2cb384e67acd96713a6ac931df7

doc: edit subpath export patterns introduction

* Use parallel construction in the two sentences
* Backticks around _package.json_ to match rest of file
* Add comma for readability
* Own the recommendation ("we recommend")

PR-URL: https://github.com/nodejs/node/pull/35254
Reviewed-By: Jan Krems <jan.krems@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>


DrunkenPoney

commit sha 17ebd464ccdf12a4fb46334ff5d7a71f0f2e70a9

readline: fix key name for function keys with modifiers Fixes: https://github.com/nodejs/node/issues/35251 PR-URL: https://github.com/nodejs/node/pull/35268 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>


Robert Nagy

commit sha 5461794b12ca3f907a03396f56d5c0e070cca0b1

https: set requestTimeout default to 0 Fixes: https://github.com/nodejs/node/issues/35261 PR-URL: https://github.com/nodejs/node/pull/35264 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Rich Trott <rtrott@gmail.com>


Robert Nagy

commit sha 2b9003b165d5d1855fced685444c397a06affd90

stream: don't destroy on async iterator success Destroying on async iterator completion ignores autoDestroy. PR-URL: https://github.com/nodejs/node/pull/35122 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>


Myles Borins

commit sha d71b467bbe8ffa5cacb54ff70b7329256b7f9c0a

doc: put release script specifics in details

Listing all the steps can be confusing and make it seem like the releaser is meant to run each of these steps manually. In fact I personally did that my first release. Let's put those steps in a details block to make it more obvious that it is informational and not steps to follow

PR-URL: https://github.com/nodejs/node/pull/35260
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ruy Adorno <ruyadorno@github.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>


Filip Skokan

commit sha fb88257b72bb6aba8f7c30cf78917299647697fe

doc: update crypto.createSecretKey accepted types PR-URL: https://github.com/nodejs/node/pull/35246 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>


Christoph Tavan

commit sha 219e9fe600339cf0b1773ef9e6d84bff94890402

module: fix crash on multiline named cjs imports

The node process crashes when trying to parse a multiline import statement for named exports of a CommonJS module:

    TypeError: Cannot read property '0' of null
        at ModuleJob._instantiate (internal/modules/esm/module_job.js:112:77)
        at async ModuleJob.run (internal/modules/esm/module_job.js:137:5)
        at async Loader.import (internal/modules/esm/loader.js:165:24)
        at async rejects.name (file:///***/node/test/es-module/test-esm-cjs-named-error.mjs:56:3)
        at async waitForActual (assert.js:721:5)
        at async rejects (assert.js:830:25),

The reason is that the regexp that is currently used to decorate the original error fails for multi line import statements.

Unfortunately the undecorated error stack only contains the single line which causes the import to fail:

    file:///***/node/test/fixtures/es-modules/package-cjs-named-error/multi-line.mjs:2
    comeOn,
    ^^^^^^
    SyntaxError: The requested module './fail.cjs' does not provide an export named 'comeOn'
        at ModuleJob._instantiate (internal/modules/esm/module_job.js:98:21)
        at async ModuleJob.run (internal/modules/esm/module_job.js:141:5)
        at async Loader.import (internal/modules/esm/loader.js:165:24)
        at async rejects.name (file:///***/node/test/es-module/test-esm-cjs-named-error.mjs:56:3)
        at async waitForActual (assert.js:721:5)
        at async rejects (assert.js:830:25)

Hence, for multiline import statements we cannot create an equivalent piece of code that uses default import followed by an object destructuring assignment.

In any case the node process should definitely not crash. So until we have a more sophisticated way of extracting the entire problematic multiline import statement, show the code example only for single-line imports where the current regexp approach works well.

Refs: https://github.com/nodejs/node/issues/35259
PR-URL: https://github.com/nodejs/node/pull/35275
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>


Antoine du Hamel

commit sha 0b8fdb70acc2fbd47c2c89755585e042baf9588a

tools,doc: upgrade dependencies PR-URL: https://github.com/nodejs/node/pull/35244 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>


push time in 4 days

push eventjasnell/node

James M Snell

commit sha 87c7c08764aba04e216e4557ca760e53c6f7d09f

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 4 days

push eventjasnell/node

James M Snell

commit sha a272515d7520cc50b20045e1ec2f6e4a500f836a

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 4 days

push eventjasnell/node

James M Snell

commit sha f439755dca9ee27a3a813d530b196ead662323ca

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 5 days

push eventjasnell/node

James M Snell

commit sha f78a797597f09e4e8e588b1a1e5522fd38c5ab54

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 5 days

push eventjasnell/node

James M Snell

commit sha 7777c210e45e7b4ed03f6a7d3c75615e344fded2

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 5 days

issue commentnodejs/node

Relative URLs in WHATWG URL API

That would be a non spec compatible breaking change, unfortunately. However, something like new URL('/a/path', 'https://base/') would work assuming your code can ignore or alter the host later.

TimothyGu

comment created time in 5 days

push eventjasnell/node

James M Snell

commit sha 4c009b91301eb8f5619b9a2e552eae5297e79484

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 5 days

push eventjasnell/node

James M Snell

commit sha eadf1a7c1364645ac0f6681eec8d1393d1d8e453

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 5 days

push eventjasnell/node

James M Snell

commit sha 68054e4f265521c402296a42f0db246102ff2529

...


James M Snell

commit sha 8d19a821fb460970430ef6ba04301cfc20ba0349

...


James M Snell

commit sha 594fec8886e7c071616e69291adfd696188edf3f

...


push time in 5 days

push eventjasnell/node

James M Snell

commit sha b0affbf7f8c90bf7299a09c41dd46da5cec144e9

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 5 days

push eventjasnell/node

James M Snell

commit sha a6319870c9d3d3a4eccbb04f17f83dd087a497aa

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 6 days


Pull request review commentnodejs/node

doc: move DEP0018 to End-of-Life

 changes:   - version: v7.0.0     pr-url: https://github.com/nodejs/node/pull/8217     description: Runtime deprecation.+  - version: REPLACEME+    pr-url: https://github.com/nodejs/node/pull/35316+    description: End-of-Life. --> -Type: Runtime+Type: End-of-Life -Unhandled promise rejections are deprecated. In the future, promise rejections-that are not handled will terminate the Node.js process with a non-zero exit+Unhandled promise rejections are deprecated. Promise rejections+that are not handled terminate the Node.js process with a non-zero exit
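Review bot: The paragraph still opens with "Unhandled promise rejections are deprecated." while the same hunk changes the Type to End-of-Life and rewrites the next sentence to state termination as current behavior. Reword the opening sentence so it matches the new status instead of describing a pending deprecation.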

It might be good to discuss the command line flag to alter behavior here. At the very least, include a reference to the relevant docs

Trott

comment created time in 6 days

push eventjasnell/node

James M Snell

commit sha 4537c1de5a586ad70c1ba63cff72c979ce20e662

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 7 days

push eventjasnell/node

James M Snell

commit sha d40a99c801f81991c30a2b06a0b373ddf9e5f05b

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 7 days

push eventjasnell/node

James M Snell

commit sha 31dfbd500e6242b8cd4aa0fd4b19d955eb37a4a1

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 7 days


push eventjasnell/node

James M Snell

commit sha 6ee370370b7b5ac4d5a5d8980b26f9b47d5301f9

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 7 days

push eventjasnell/node

James M Snell

commit sha 9b614fe70f4b0329644a00c371a9d705c2ab0b4e

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 7 days

push eventjasnell/node

James M Snell

commit sha 643143c61516ccecf7fdbf769e6fd09fe02c8179

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 7 days

push eventjasnell/node

James M Snell

commit sha 208c41e484eb573620bc13be88d5b548433e0dee

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 8 days

issue commentnodejs/node

npm run fails on Windows10 with WSL2

I agree. This is not a Node.js issue. The npm client is the one that manages the .bin directory and attempts to invoke those. I recommend opening an issue with npm instead and agree that this is a wontfix.

wgorski

comment created time in 9 days

issue commentnodejs/node

workers, crypto: passing KeyObject as workerData crashes

I was going to work up the fix this next week as part of #35093 but if someone wants to pick it up, feel free!

jasnell

comment created time in 9 days

push eventjasnell/node

James M Snell

commit sha cd67a0d476a4f47c2274192c1aa60e7ad1c67ebb

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 9 days


push eventjasnell/node

James M Snell

commit sha 41928639df3656fb1b0e384feaa40ac37bc43eb9

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 10 days

issue openednodejs/node

workers: insufficient detail when cloneable deserialization fails

Suppose we have an internal object that we want to make cloneable to a Worker..

class MyObject extends JSTransferable {
  constructor() {}

  [kClone]() {
    return {
      data: {},
      deserializeInfo: 'internal/whatever'
    };
  }

  [kDeserialize]({}) {}
}

If the deserializeInfo property is missing or incorrect, the deserialization of the object fails silently with no information about the failure given.

created time in 10 days

issue commentnodejs/node

workers, crypto: passing KeyObject as workerData crashes

Ok... yeah, it's what I suspected... KeyObjectHandle::Create() depends on env->crypto_key_object_handle_constructor() being set, which it is not until internalBinding('crypto') is called... so when the attempt is made to deserialize the KeyObject in the Worker, we get a crash.

jasnell

comment created time in 10 days

issue openednodejs/node

workers, crypto: passing KeyObject as workerData crashes

@addaleax ... The following segfaults on master and 14.x ...

I'll be investigating shortly...

'use strict';

const { createSecretKey } = require('crypto');

const { Worker, isMainThread, workerData } = require('worker_threads');

if (isMainThread) {
  const key = createSecretKey(Buffer.from('hello'));
  new Worker(__filename, { workerData: key });
} else {
  console.log(workerData);
}

lldb yields...

james@ubuntu:~/node/node$ lldb -- node ../tmp/test
(lldb) target create "node"
Current executable set to 'node' (x86_64).
(lldb) settings set -- target.run-args  "../tmp/test"
(lldb) r
Process 20852 launched: '/home/james/node/node/node' (x86_64)
Process 20852 stopped
* thread #2, name = 'node', stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
    frame #0: 0x00005555560fb837 node`v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) + 103
node`v8::internal::(anonymous namespace)::Invoke:
->  0x5555560fb837 <+103>: movq   (%r13), %rax
    0x5555560fb83b <+107>: testb  $0x1, %al
    0x5555560fb83d <+109>: jne    0x5555560fba10            ; <+576>
    0x5555560fb843 <+115>: movl   0x3320(%rbx), %r13d
(lldb) bt
* thread #2, name = 'node', stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
  * frame #0: 0x00005555560fb837 node`v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) + 103
    frame #1: 0x00005555560fcb7d node`v8::internal::Execution::New(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) + 109
    frame #2: 0x0000555555f8f01f node`v8::Function::NewInstanceWithSideEffectType(v8::Local<v8::Context>, int, v8::Local<v8::Value>*, v8::SideEffectType) const + 415
    frame #3: 0x0000555555ee51d8 node`node::crypto::KeyObjectHandle::Create(node::Environment*, std::shared_ptr<node::crypto::KeyObjectData>) + 40
    frame #4: 0x0000555555ee6f91 node`node::crypto::NativeKeyObject::KeyObjectTransferData::Deserialize(node::Environment*, v8::Local<v8::Context>, std::unique_ptr<node::worker::TransferData, std::default_delete<node::worker::TransferData> >) + 385
    frame #5: 0x0000555555d73130 node`node::worker::Message::Deserialize(node::Environment*, v8::Local<v8::Context>) + 464
    frame #6: 0x0000555555d78335 node`node::worker::MessagePort::ReceiveMessage(v8::Local<v8::Context>, bool) + 1605
    frame #7: 0x0000555555d788b8 node`node::worker::MessagePort::OnMessage() + 312
    frame #8: 0x000055555686c8c6 node`uv__async_io(loop=0x00007ffff447ba48, w=<unavailable>, events=<unavailable>) at async.c:163
    frame #9: 0x0000555556880f84 node`uv__io_poll(loop=0x00007ffff447ba48, timeout=<unavailable>) at linux-core.c:461
    frame #10: 0x000055555686d1fa node`uv_run(loop=0x00007ffff447ba48, mode=UV_RUN_DEFAULT) at core.c:385
    frame #11: 0x0000555555e00336 node`node::worker::Worker::Run() + 5766
    frame #12: 0x0000555555e00707 node`node::worker::Worker::StartThread(v8::FunctionCallbackInfo<v8::Value> const&)::'lambda'(void*)::_FUN(void*) + 71
    frame #13: 0x00007ffff707a6db libpthread.so.0`start_thread + 219
    frame #14: 0x00007ffff6da3a3f libc.so.6`__GI___clone at clone.S:95
(lldb)

created time in 10 days

push eventjasnell/node

James M Snell

commit sha 35631fccb97c6022f4095de4f38e664cdb075b71

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 10 days

push eventjasnell/node

James M Snell

commit sha 96d4323c35c180a1c40620c00595d9ca4498cae6

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 10 days

push eventjasnell/node

James M Snell

commit sha 07bb2c27233f99d51f14273f18901fff9df3a5a0

fixup! crypto: refactoring internals, add WebCrypto


push time in 11 days

push eventjasnell/node

James M Snell

commit sha 3fd9ff38192dd0b171232f55a07a052634960da3

crypto: move node_crypto files to src/crypto Signed-off-by: James M Snell <jasnell@gmail.com>


James M Snell

commit sha feea78f546134b21b814a93c5ab9ab0e27eb27b2

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 11 days

issue closednodejs/node

[discuss] event loop idle metrics

@trevnorris is working on landing a change to libuv that will track and report the amount of time the event loop spends in idle time. It's an extremely useful metric that can provide for us a measurement of "event loop utilization". In a world of worker threads, monitoring CPU no longer becomes an effective way of monitoring performance and event loop delay is not enough on its own, so having a built-in mechanism for measuring event loop utilization would be fantastic. While there is some work still to be done to get the PR landed in libuv and get that new libuv version landed in core, I did want to briefly discuss how the new metric should be exposed in core.

In this comment @trevnorris suggests a simple performance.idleTime() that returns the direct value of this metric, which records the cumulative time spent in idle since the loop was configured to track. To calculate event loop utilization, however, we also need to know how long the event loop has been running (well, to be specific, how long it's been since the loop was configured to collect the data, which can be turned on but not turned off). Assuming we started the loop and started collecting the metric from the start, we do already record the start time of the event loop (using the performance milestones) so someone could calculate the utilization on their own by accessing those values. However, I think it might make more sense for us to just do the calculation for users and provide an API like performance.idleTime() that returns an object with two values { idle: n, utilization: y } where idle is the raw idle time and utilization is the calculated utilization value. The API should be very low cost to sample using AliasedArray or AliasedStruct as a backing.

/cc @nodejs/diagnostics @addaleax @mcollina

closed time in 11 days

jasnell

push eventjasnell/node

Michael Dawson

commit sha fe293e914c3b9a65d2024971ebbefcf8a93dc549

doc: add technical values document

As part of the [next-10](https://github.com/nodejs/next-10) we found we needed to capture the project's technical values/priorities as a starting point before discussing key technologies/areas for the next 10 years of Node.js

This is a first cut that the team put together. The discussion took place in a few meetings as well as this [PR](https://github.com/nodejs/next-10/pull/11).

We believe the doc should live in the core node repository as it is intended to reflect the agreement of the collaborator base. I think this is a good starting point but we also acknowledge that only a small subset of the Node.js collaborators have participated/commented so far. This PR should be a good way to get additional review/input from the larger set of Node.js collaborators.

Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/35145
Reviewed-By: Christopher Hiller <boneskull@boneskull.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Ruy Adorno <ruyadorno@github.com>
Reviewed-By: Andrey Pechkurov <apechkurov@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Ash Cripps <acripps@redhat.com>
Reviewed-By: Ben Coe <bencoe@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Pranshu Srivastava <rexagod@gmail.com>


Phillip Johnsen

commit sha c24ad832bbc6476eeb90deafdebb758ecd68d0de

build: increase API requests for stale action

The second attempt at getting the auto closing of issues & PRs to work as expected without hitting a maximum operations allowed error we've been seeing.

Recently discovered that the mentioned error is actually self imposed by the stale action itself. It keeps track of how many outgoing GitHub API requests it performs, and if that count exceeds the configured `operations-per-run` option, it exits to avoid hitting API rate limits.

Default `operations-per-run` value is set to `30`. That's a very low limit and we're not at all concerned hitting that rate limit as of now, so we're bumping `operations-per-run` to `500` with these changes.

Refs https://github.com/nodejs/node/issues/35144
PR-URL: https://github.com/nodejs/node/pull/35235
Reviewed-By: Mary Marchini <oss@mmarchini.me>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>


cjihrig

commit sha c314c04079bbf93d786a5855d0eaaed30d36820e

test: add wasi readdir() test This commit provides coverage for __wasi_fd_readdir(). PR-URL: https://github.com/nodejs/node/pull/35202 Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Jiawen Geng <technicalcute@gmail.com>


Turner Jabbour

commit sha 59ca56eddefc78bab87d7e8e074b3af843ab1bc3

doc: fix small grammatical issues in timers.md PR-URL: https://github.com/nodejs/node/pull/35203 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Rich Trott <rtrott@gmail.com>


Gerhard Stoebich

commit sha c9506a8f3e9bc5c679151feb39198023154464ab

n-api: add more property defaults

Add a default value for class method and js like property in enum napi_property_attributes.

n-api currently offers only one default which is non configurable, non writable, non enumerable - like Object.defineProperty(). While this is formally correct the usual way to create properties in JS is either by defining a class or use obj.prop = value.

The defaults from these variants are now backed into enum values.

PR-URL: https://github.com/nodejs/node/pull/35214
Refs: https://github.com/nodejs/node-addon-api/issues/811
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gabriel Schulhof <gabriel.schulhof@intel.com>


Guy Bedford

commit sha 2d868fe822af00c65c9487546e0f313ef3d04564

module: exports pattern support PR-URL: https://github.com/nodejs/node/pull/34718 Reviewed-By: Jan Krems <jan.krems@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>


Rich Trott

commit sha 018a6a4ab13247958a2db3203e15e4338f87c6dc

doc: fix header level for error code PR-URL: https://github.com/nodejs/node/pull/35219 Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>


Rich Trott

commit sha 14e98825a1e35f17b03aab22db52bc81e3a3ec94

doc: alphabetize error list PR-URL: https://github.com/nodejs/node/pull/35219 Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>


Michaël Zasso

commit sha ed8af4e93831d3cf21d5562e900371d796b5fa20

doc: add issue labels sections to release guide PR-URL: https://github.com/nodejs/node/pull/35224 Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Rich Trott <rtrott@gmail.com>


James M Snell

commit sha 0dbdd2921a44f01bbd4efa4bb8f484ccb35d9d5e

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


push time in 11 days

push eventjasnell/node

push time in 11 days

Pull request review commentnodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 using v8::Value; namespace crypto { namespace Timing { +struct BigIntInfo {+  int sign_bit;+  int word_count;+  std::unique_ptr<uint64_t> words;+};++void TimingSafeEqualBigInt(const FunctionCallbackInfo<Value>& args) {+  Environment* env = Environment::GetCurrent(args);+  if (!args[0]->IsBigInt()) {+    THROW_ERR_INVALID_ARG_TYPE(+      env, "The \"val1\" argument must be a bigint.");+    return;+  }+  if (!args[1]->IsBigInt()) {+    THROW_ERR_INVALID_ARG_TYPE(+      env, "The \"val2\" argument must be a bigint.");+    return;+  }++  BigIntInfo inf1 {};+  BigIntInfo inf2 {};++  Local<v8::BigInt> b1 = args[0].As<v8::BigInt>();+  Local<v8::BigInt> b2 = args[1].As<v8::BigInt>();++  inf1.word_count = b1->WordCount();+  inf2.word_count = b2->WordCount();++  if (inf1.word_count != inf2.word_count)+    return args.GetReturnValue().Set(false);++  inf1.words.reset(Malloc<uint64_t>(inf1.word_count));+  inf2.words.reset(Malloc<uint64_t>(inf1.word_count));++  b1->ToWordsArray(&inf1.sign_bit, &inf1.word_count, inf1.words.get());+  b2->ToWordsArray(&inf2.sign_bit, &inf2.word_count, inf2.words.get());
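Review bot: In `BigIntInfo`, `std::unique_ptr<uint64_t> words` is filled by `inf1.words.reset(Malloc<uint64_t>(inf1.word_count))`, so a buffer of `word_count` elements obtained from `Malloc` is released by the default deleter's scalar `delete`. Give the member a deleter that matches the allocator, or use an owning array type, so that allocation and release agree.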

Tell you what, I don't want this PR to be held up on this particular point so I'm going to remove this commit and push it to a separate PR after we get the rest of the changes here resolved

jasnell

comment created time in 11 days


push eventjasnell/node

James M Snell

commit sha 1e79dbf827654d5813d97bddc9fb9819b0075aff

crypto: refactoring internals, add WebCrypto Fixes: https://github.com/nodejs/node/issues/678 Refs: https://github.com/nodejs/node/issues/26854 Signed-off-by: James M Snell <jasnell@gmail.com>


James M Snell

commit sha 8ed1601508f6140ff77bb375e1fe51eb3eadfef6

crypto: add timingSafeEqual.bigint Variation on timingSafeEqual that uses a constant time algorithm to compare bigints.


push time in 11 days

Pull request review commentnodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 using v8::Value; namespace crypto { namespace Timing { +struct BigIntInfo {+  int sign_bit;+  int word_count;+  std::unique_ptr<uint64_t> words;+};++void TimingSafeEqualBigInt(const FunctionCallbackInfo<Value>& args) {+  Environment* env = Environment::GetCurrent(args);+  if (!args[0]->IsBigInt()) {+    THROW_ERR_INVALID_ARG_TYPE(+      env, "The \"val1\" argument must be a bigint.");+    return;+  }+  if (!args[1]->IsBigInt()) {+    THROW_ERR_INVALID_ARG_TYPE(+      env, "The \"val2\" argument must be a bigint.");+    return;+  }++  BigIntInfo inf1 {};+  BigIntInfo inf2 {};++  Local<v8::BigInt> b1 = args[0].As<v8::BigInt>();+  Local<v8::BigInt> b2 = args[1].As<v8::BigInt>();++  inf1.word_count = b1->WordCount();+  inf2.word_count = b2->WordCount();++  if (inf1.word_count != inf2.word_count)+    return args.GetReturnValue().Set(false);++  inf1.words.reset(Malloc<uint64_t>(inf1.word_count));+  inf2.words.reset(Malloc<uint64_t>(inf1.word_count));++  b1->ToWordsArray(&inf1.sign_bit, &inf1.word_count, inf1.words.get());+  b2->ToWordsArray(&inf2.sign_bit, &inf2.word_count, inf2.words.get());
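Review bot: The early `return args.GetReturnValue().Set(false)` taken when `inf1.word_count != inf2.word_count` makes the running time depend on the magnitude of the operands, so only values with the same word count are compared in constant time. State that limit in the documentation for this function, or define how callers should compare values of different widths.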

It just passes along whatever is stored in the internal representation – I know that because I wrote it. ;)

Heh... yeah I figured you may have. I was speaking more about the contract of the call and not necessarily how it's implemented internally, but we definitely should get clarity on this. Btw, this kind of thing is exactly why this is in a separate commit ;-)

jasnell

comment created time in 11 days

PullRequestReviewEvent

push event jasnell/node

James M Snell

commit sha d4294933e3167b83420886f2ddd018af40be77e9

crypto: refactoring internals, add WebCrypto

Fixes: https://github.com/nodejs/node/issues/678
Refs: https://github.com/nodejs/node/issues/26854
Signed-off-by: James M Snell <jasnell@gmail.com>

James M Snell

commit sha e9000ae677dd02cd21960703421b41459b62bccc

crypto: add timingSafeEqual.bigint

Variation on timingSafeEqual that uses a constant time algorithm to compare bigints.

push time in 11 days

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 using v8::Value; namespace crypto { namespace Timing { +struct BigIntInfo {+  int sign_bit;+  int word_count;+  std::unique_ptr<uint64_t> words;+};++void TimingSafeEqualBigInt(const FunctionCallbackInfo<Value>& args) {+  Environment* env = Environment::GetCurrent(args);+  if (!args[0]->IsBigInt()) {+    THROW_ERR_INVALID_ARG_TYPE(+      env, "The \"val1\" argument must be a bigint.");+    return;+  }+  if (!args[1]->IsBigInt()) {+    THROW_ERR_INVALID_ARG_TYPE(+      env, "The \"val2\" argument must be a bigint.");+    return;+  }++  BigIntInfo inf1 {};+  BigIntInfo inf2 {};++  Local<v8::BigInt> b1 = args[0].As<v8::BigInt>();+  Local<v8::BigInt> b2 = args[1].As<v8::BigInt>();++  inf1.word_count = b1->WordCount();+  inf2.word_count = b2->WordCount();++  if (inf1.word_count != inf2.word_count)+    return args.GetReturnValue().Set(false);++  inf1.words.reset(Malloc<uint64_t>(inf1.word_count));+  inf2.words.reset(Malloc<uint64_t>(inf1.word_count));++  b1->ToWordsArray(&inf1.sign_bit, &inf1.word_count, inf1.words.get());+  b2->ToWordsArray(&inf2.sign_bit, &inf2.word_count, inf2.words.get());
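Review bot: the early `return args.GetReturnValue().Set(false)` on `inf1.word_count != inf2.word_count` makes the run time depend on how many words each operand needs, and no comparison of `sign_bit` is visible in this hunk. The documentation for the new function should say that the word count is not hidden, and the comparison should fold `sign_bit` into the accumulated result instead of branching on it.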

Let's see if we can get clarification from @nodejs/v8, however, I still think we're fine. Regardless of what V8 chooses to do internally, BigInt::WordCount() should still return the minimal number of words necessary to encode the value and a quick test shows that it does.

jasnell

comment created time in 11 days
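The comparison the commit message describes, sketched outside V8 as an added example (not code from the pull request): `BigIntWords` and the functions below are hypothetical names, and the word arrays stand in for what `ToWordsArray()` would fill in. It sets an early-exit comparison beside a constant-time one and adds a fixed-width variant for values whose stored word count is not minimal.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for what ToWordsArray() fills in: a sign bit and the
// magnitude as 64-bit words, least significant word first.
struct BigIntWords {
  int sign_bit;
  std::vector<uint64_t> words;
};

// Leaky form, for contrast: it returns at the first differing word, so the
// run time tells an observer how many low-order words of the values agree.
bool EarlyExitEqual(const BigIntWords& a, const BigIntWords& b) {
  if (a.sign_bit != b.sign_bit || a.words.size() != b.words.size())
    return false;
  for (size_t i = 0; i < a.words.size(); i++) {
    if (a.words[i] != b.words[i]) return false;
  }
  return true;
}

// Reduce an accumulated difference to 1 (zero) or 0 (non-zero) without a
// data-dependent branch: (d | -d) has its top bit set exactly when d != 0.
uint64_t IsZero(uint64_t d) {
  return 1 ^ ((d | (~d + 1)) >> 63);
}

// Constant-time form for operands of equal word count. The word count is
// treated as public; the sign bit and every word are always read and folded
// into one accumulator. A compiler may still transform this loop, so
// production code should rest on a vetted primitive such as OpenSSL's
// CRYPTO_memcmp over the word buffers.
bool TimingSafeEqualWords(const BigIntWords& a, const BigIntWords& b) {
  if (a.words.size() != b.words.size()) return false;  // public size check
  uint64_t diff = static_cast<uint64_t>(a.sign_bit ^ b.sign_bit);
  for (size_t i = 0; i < a.words.size(); i++)
    diff |= a.words[i] ^ b.words[i];
  return IsZero(diff) == 1;
}

// Fixed-width form: both values are widened to `width` words, a public bound
// chosen by the caller, so the comparison loop always runs `width` times and
// a value stored with leading zero words equals its minimal form.
// Returns false if either value does not fit in `width` words.
bool TimingSafeEqualFixedWidth(const BigIntWords& a, const BigIntWords& b,
                               size_t width) {
  if (a.words.size() > width || b.words.size() > width) return false;
  BigIntWords pa{a.sign_bit, std::vector<uint64_t>(width, 0)};
  BigIntWords pb{b.sign_bit, std::vector<uint64_t>(width, 0)};
  std::copy(a.words.begin(), a.words.end(), pa.words.begin());
  std::copy(b.words.begin(), b.words.end(), pb.words.begin());
  return TimingSafeEqualWords(pa, pb);
}

int main() {
  // Constructed sample values.
  BigIntWords secret{0, {0x1111, 0x2222, 0x3333}};
  BigIntWords guess{0, {0x1111, 0x2222, 0x3334}};
  BigIntWords padded{0, {0x1111, 0x2222, 0x3333, 0}};
  std::printf("equal words: %d\n", TimingSafeEqualWords(secret, guess));
  std::printf("padded, same width: %d\n", TimingSafeEqualWords(secret, padded));
  std::printf("padded, fixed width 4: %d\n",
              TimingSafeEqualFixedWidth(secret, padded, 4));
  return 0;
}
```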

PullRequestReviewEvent

push event jasnell/node

James M Snell

commit sha c81dd200599a24b17ed8bd08ef2cf44717a75228

crypto: refactoring internals, add WebCrypto

Fixes: https://github.com/nodejs/node/issues/678
Refs: https://github.com/nodejs/node/issues/26854
Signed-off-by: James M Snell <jasnell@gmail.com>

James M Snell

commit sha 5debc854640205fedd9418a796c62a3cb4f5d315

crypto: add timingSafeEqual.bigint

Variation on timingSafeEqual that uses a constant time algorithm to compare bigints.

push time in 11 days

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 crypto.randomFill(buf, 5, 5, (err, buf) => { }); ``` -Any `TypedArray` or `DataView` instance may be passed as `buffer`.+Any `ArrayBuffer` `TypedArray` or `DataView` instance may be passed as
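Review bot: the added line reads "Any `ArrayBuffer` `TypedArray` or `DataView` instance", with no comma after `ArrayBuffer`. Write it as "Any `ArrayBuffer`, `TypedArray`, or `DataView` instance".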

Note also that nearly all of the WebCrypto API promises that do not resolve as CryptoKey or boolean resolve as ArrayBuffer.

jasnell

comment created time in 11 days

PullRequestReviewEvent

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 inline void NODE_SET_PROTOTYPE_METHOD(v8::Local<v8::FunctionTemplate> recv, #define NODE_SET_PROTOTYPE_METHOD node::NODE_SET_PROTOTYPE_METHOD  // BINARY is a deprecated alias of LATIN1.-enum encoding {ASCII, UTF8, BASE64, UCS2, BINARY, HEX, BUFFER, LATIN1 = BINARY};+// BASE64URL is not currently exposed to the JavaScript side.+enum encoding {+  ASCII,+  UTF8,+  BASE64,+  BASE64URL,
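Review bot: `BASE64URL` is inserted directly after `BASE64`, which shifts the numeric value of every enumerator that followed `BASE64` in the removed line (`UCS2`, `BINARY`, `HEX`, `BUFFER`, and `LATIN1` through its alias). Append the new enumerator after the existing ones so that code compiled against the old values keeps working.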

Yeah... unfortunately that's a bit messy because of the LATIN1 = BINARY... I'm not 100% clear, is the following ABI breaking also, or do we have to put BASE64URL after LATIN1?

// Can we do this without breaking ABI...
enum encoding {
  ASCII,
  UTF8,
  BASE64,
  UCS2,
  BINARY,
  HEX,
  BUFFER,
  BASE64URL,
  LATIN1 = BINARY,
};
// Or does it have to be this
enum encoding {
  ASCII,
  UTF8,
  BASE64,
  UCS2,
  BINARY,
  HEX,
  BUFFER,
  LATIN1 = BINARY,
  // Because LATIN1 is set explicitly to equal BINARY, we
  // have to explicitly set BASE64URL to a value to continue
  // on, otherwise it will be set to BINARY + 1...
  BASE64URL = 7
};
jasnell

comment created time in 11 days
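The enumerator values that each ordering in this thread produces, as an added example rather than code from the pull request. The wrapper struct names and the two helper templates are hypothetical, and the enumerators after `BASE64URL` in the hunk's ordering are assumed to keep their old order, since the hunk is cut off there.

```cpp
#include <cstdio>

// Order in the line the hunk removes.
struct Before {
  enum encoding {ASCII, UTF8, BASE64, UCS2, BINARY, HEX, BUFFER,
                 LATIN1 = BINARY};
};

// Order the hunk introduces (tail assumed unchanged; the hunk is cut off).
struct InsertedAfterBase64 {
  enum encoding {ASCII, UTF8, BASE64, BASE64URL, UCS2, BINARY, HEX, BUFFER,
                 LATIN1 = BINARY};
};

// First alternative from the comment: new enumerator before the alias.
struct BeforeAlias {
  enum encoding {ASCII, UTF8, BASE64, UCS2, BINARY, HEX, BUFFER, BASE64URL,
                 LATIN1 = BINARY};
};

// Second alternative: after the alias, with an explicit value.
struct AfterAliasExplicit {
  enum encoding {ASCII, UTF8, BASE64, UCS2, BINARY, HEX, BUFFER,
                 LATIN1 = BINARY, BASE64URL = 7};
};

// After the alias with no explicit value: numbering resumes at LATIN1 + 1.
struct AfterAliasImplicit {
  enum encoding {ASCII, UTF8, BASE64, UCS2, BINARY, HEX, BUFFER,
                 LATIN1 = BINARY, BASE64URL};
};

// True when every pre-existing enumerator has the value it has in Before.
template <typename T>
constexpr bool KeepsExistingValues() {
  return int(T::ASCII) == int(Before::ASCII) &&
         int(T::UTF8) == int(Before::UTF8) &&
         int(T::BASE64) == int(Before::BASE64) &&
         int(T::UCS2) == int(Before::UCS2) &&
         int(T::BINARY) == int(Before::BINARY) &&
         int(T::HEX) == int(Before::HEX) &&
         int(T::BUFFER) == int(Before::BUFFER) &&
         int(T::LATIN1) == int(Before::LATIN1);
}

// True when BASE64URL does not share a value with any existing enumerator.
template <typename T>
constexpr bool NewValueIsUnique() {
  return T::BASE64URL != T::ASCII && T::BASE64URL != T::UTF8 &&
         T::BASE64URL != T::BASE64 && T::BASE64URL != T::UCS2 &&
         T::BASE64URL != T::BINARY && T::BASE64URL != T::HEX &&
         T::BASE64URL != T::BUFFER;
}

// Both alternatives from the comment leave the old values alone and give
// BASE64URL the value 7; the ordering in the hunk renumbers UCS2 onwards.
static_assert(!KeepsExistingValues<InsertedAfterBase64>(), "values shift");
static_assert(KeepsExistingValues<BeforeAlias>(), "old values kept");
static_assert(KeepsExistingValues<AfterAliasExplicit>(), "old values kept");
static_assert(int(BeforeAlias::BASE64URL) == 7, "BUFFER + 1");
static_assert(!NewValueIsUnique<AfterAliasImplicit>(), "collides with HEX");

int main() {
  std::printf("hunk order:      UCS2=%d (was %d)\n",
              int(InsertedAfterBase64::UCS2), int(Before::UCS2));
  std::printf("before alias:    BASE64URL=%d LATIN1=%d\n",
              int(BeforeAlias::BASE64URL), int(BeforeAlias::LATIN1));
  std::printf("after, explicit: BASE64URL=%d\n",
              int(AfterAliasExplicit::BASE64URL));
  std::printf("after, implicit: BASE64URL=%d HEX=%d\n",
              int(AfterAliasImplicit::BASE64URL), int(Before::HEX));
  return 0;
}
```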

PullRequestReviewEvent

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

+# WebCrypto API++<!-- introduced_in=REPLACEME -->++> Stability: 0 - Experimental++<!-- source_link=lib/crypto/promises.js -->++The `crypto/promises` module provides an implementation of the standard+[WebCrypto API][].++Use `require('crypto/promises')` to access this module.++```js+const { subtle } = require('crypto/promises');++(async function() {++  const key = await subtle.generateKey({+    name: 'hmac',+    length: 123+  }, true, ['sign', 'verify']);++  const digest = await subtle.sign({+    name: 'hmac'+  }, key, 'I love cupcakes');++})();+```++## Determining if WebCrypto API support is unavailable++It is possible for Node.js to be built without including support for the+`crypto/promises` module. In such cases, calling `require('crypto/promises')`+will result in an error being thrown.++```js+let crypto;+try {+  crypto = require('crypto/promises');+} catch (err) {+  console.log('crypto support is disabled!');+}+```++## Examples++### Generating keys++The {SubtleCrypto} class can be used to generate symmetric (secret) keys+or asymmetric key pairs (public key and private key).++#### AES keys++```js+const { subtle } = require('crypto/promises');++async function generateAesKey(length = 256) {+  const key = await subtle.generateKey({+    name: 'AES-CBC',+    length+  }, true, ['encrypt', 'decrypt']);++  return key;+}+```++#### Elliptic curve key pairs++```js+const { subtle } = require('crypto/promises');++async function generateEcKey(namedCurve = 'P-521') {+  const {+    publicKey,+    privateKey+  } = await subtle.generateKey({+    name: 'ECDSA',+    namedCurve,+  }, true, ['sign', 'verify']);++  return { publicKey, privateKey };+}+```++#### HMAC keys++```js+const { subtle } = require('crypto/promises');++async function generateAesKey(hash = 'SHA-256') {+  const key = await subtle.generateKey({+    name: 'HMAC',+    hash+  }, true, ['sign', 'verify']);++  return key;+}+```++#### RSA key pairs++```js+const { subtle } = require('crypto/promises');+const publicExponent 
= new Uint8Array([1, 0, 1]);++async function generateRsaKey(modulusLength = 2048, hash = 'SHA-256') {+  const {+    publicKey,+    privateKey+  } = await subtle.generateKey({+    name: 'RSASSA-PKCS1-v1_5',+    modulusLength,+    publicExponent,+    hash,+  }, true, ['encrypt', 'decrypt']);++  return { publicKey, privateKey };+}+```++### Encryption and decryption++```js+const { subtle, getRandomValues } = require('crypto/promises');++async function aesEncrypt(plaintext) {+  const ec = new TextEncoder();+  const key = await generateAesKey();+  const iv = getRandomValues(new Uint8Array(16));++  const ciphertext = await subtle.encrypt({+    name: 'AES-CBC',+    iv,+  }, key, ec.encode(plaintext));++  return {+    key,+    iv,+    ciphertext+  };+}++async function aesDecrypt(ciphertext, key, iv) {+  const dec = new TextDecoder();+  const plaintext = await subtle.decrypt({+    name: 'AES-CBC',+    iv,+  }, key, ciphertext);++  return dec.decode(plaintext);+}+```++### Exporting and importing keys++```js+const { subtle } = require('crypto/promises');++async function generateAndExportHmacKey(format = 'jwk', hash = 'SHA-512') {+  const key = await subtle.generateKey({+    name: 'HMAC',+    hash+  }, true, ['sign', 'verify']);++  return subtle.exportKey(format, key);+}++async function importHmacKey(keyData, format = 'jwk', hash = 'SHA-512') {+  const key = await subtle.importKey(format, keyData, {+    name: 'HMAC',+    hash+  }, true, ['sign', 'verify']);++  return key;+}+```++### Wrapping and unwrapping keys++```js+const { subtle } = require('crypto/promises');++async function generateAndWrapHmacKey(format = 'jwk', hash = 'SHA-512') {+  const [+    key,+    wrappingKey+  ] = await Promise.all([+    subtle.generateKey({+      name: 'HMAC', hash+    }, true, ['sign', 'verify']),+    subtle.generateKey({+      name: 'AES-KW',+      length: 256+    }, true, ['wrapKey', 'unwrapKey'])+  ]);++  const wrappedKey = await subtle.wrapKey(format, key, wrappingKey, 'AES-KW');++  return 
wrappedKey;+}++async function unwrapHmacKey(+  wrappedKey,+  wrappingKey,+  format = 'jwk',+  hash = 'SHA-512') {++  const key = await subtle.unwrapKey(+    format,+    wrappedKey,+    unwrappingKey,+    'AES-KW',+    { name: 'HMAC', hash },+    true,+    ['sign', 'verify']);++  return key;+}+```++### Sign and verify++```js+const { subtle } = require('crypto/promises');++async function sign(key, data) {+  const ec = new TextEncoder();+  const signature =+    await subtle.sign('RSASSA-PKCS1-v1_5', key, ec.encode(data));+  return signature;+}++async function verify(key, signature, data) {+  const ec = new TextEncoder();+  const verified =+    await subtle.verify(+      'RSASSA-PKCS1-v1_5',+      key,+      signature,+      ec.encode(data));+  return verified;+}+```++### Deriving bits and keys++```js+const { subtle } = require('crypto/promises');++async function pbkdf2(pass, salt, iterations = 1000, length = 256) {+  const ec = new TextEncoder();+  const key = await subtle.importKey(+    'raw',+    ec.encode(pass),+    'PBKDF2',+    false,+    ['deriveBits']);+  const bits = await subtle.deriveBits({+    name: 'PBKDF2',+    hash: 'SHA-512',+    salt: ec.encode(salt),+    iterations+  }, key, length);+  return bits;+}++async function pbkdf2Key(pass, salt, iterations = 1000, length = 256) {+  const ec = new TextEncoder();+  const keyMaterial = await subtle.importKey(+    'raw',+    ec.encode(pass),+    'PBKDF2',+    false,+    ['deriveBits']);+  const key = await subtle.deriveKey({+    name: 'PBKDF2',+    hash: 'SHA-512',+    salt: ec.encode(salt),+    iterations+  }, keyMaterial, {+    name: 'AES-GCM',+    length: 256+  }, true, ['encrypt', 'decrypt']);+  return key;+}+```++### Digest++```js+const { subtle } = require('crypto/promises');++async function digest(data, algorithm = 'SHA-512') {+  const ec = new TextEncoder();+  const digest = await subtle.digest(algorithm, ec.encode(data));+  return digest;+}+```++## Class: `Crypto`
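Review bot: several of the new examples carry copy-paste errors that readers will hit when they run them. `unwrapHmacKey` declares the parameter `wrappingKey` but passes the undefined `unwrappingKey` to `subtle.unwrapKey`, the function under "HMAC keys" is still named `generateAesKey`, and `pbkdf2Key` imports its key material with `['deriveBits']` and then calls `subtle.deriveKey`, which needs `'deriveKey'` in the usages. The RSA example also generates an `RSASSA-PKCS1-v1_5` key with `['encrypt', 'decrypt']`, while the "Sign and verify" section uses that algorithm for signatures; `['sign', 'verify']` would match.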

I'll be going through and adding all of the necessary YAML metadata throughout the document soon.

jasnell

comment created time in 11 days

PullRequestReviewEvent

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 constexpr size_t kFsStatsBufferLength =   V(isclosing_string, "isClosing")                                             \   V(issuer_string, "issuer")                                                   \   V(issuercert_string, "issuerCertificate")                                    \+  V(jwk_d_string, "d")                                                         \+  V(jwk_dp_string, "dp")                                                       \+  V(jwk_dq_string, "dq")                                                       \+  V(jwk_dsa_string, "DSA")                                                     \+  V(jwk_e_string, "e")                                                         \+  V(jwk_ec_string, "EC")                                                       \+  V(jwk_g_string, "g")                                                         \+  V(jwk_k_string, "k")                                                         \+  V(jwk_p_string, "p")                                                         \+  V(jwk_q_string, "q")                                                         \+  V(jwk_qi_string, "qi")                                                       \+  V(jwk_kty_string, "kty")                                                     \+  V(jwk_n_string, "n")                                                         \+  V(jwk_oct_string, "oct")                                                     \+  V(jwk_rsa_string, "RSA")                                                     \+  V(jwk_x_string, "x")                                                         \+  V(jwk_y_string, "y")                                                         \
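Review bot: the new `jwk_*` entries break the alphabetical order that the surrounding entries follow: `jwk_p_string`, `jwk_q_string` and `jwk_qi_string` are listed before `jwk_kty_string`, `jwk_n_string` and `jwk_oct_string`. Move the three after `jwk_oct_string` so the list stays sorted.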

FWIW, longer term, I'd prefer to move these very specific strings out of the Environment and into the module-specific state binding.

jasnell

comment created time in 11 days

PullRequestReviewEvent

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 constexpr size_t kFsStatsBufferLength =   V(isclosing_string, "isClosing")                                             \   V(issuer_string, "issuer")                                                   \   V(issuercert_string, "issuerCertificate")                                    \+  V(jwk_d_string, "d")                                                         \+  V(jwk_dp_string, "dp")                                                       \+  V(jwk_dq_string, "dq")                                                       \+  V(jwk_dsa_string, "DSA")                                                     \+  V(jwk_e_string, "e")                                                         \+  V(jwk_ec_string, "EC")                                                       \+  V(jwk_g_string, "g")                                                         \+  V(jwk_k_string, "k")                                                         \+  V(jwk_p_string, "p")                                                         \+  V(jwk_q_string, "q")                                                         \+  V(jwk_qi_string, "qi")                                                       \+  V(jwk_kty_string, "kty")                                                     \+  V(jwk_n_string, "n")                                                         \+  V(jwk_oct_string, "oct")                                                     \+  V(jwk_rsa_string, "RSA")                                                     \+  V(jwk_x_string, "x")                                                         \+  V(jwk_y_string, "y")                                                         \

Well... yes and no... there are plenty of examples in that list like crypto_*_string(), dns_*_string() that don't follow that pattern, and having the prefix makes it much easier to understand the intended context. I'd prefer to keep the prefixes.

jasnell

comment created time in 11 days

PullRequestReviewEvent

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

+#ifndef SRC_CRYPTO_CRYPTO_UTIL_H_+#define SRC_CRYPTO_CRYPTO_UTIL_H_++#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS++#include "env.h"+#include "async_wrap.h"+#include "allocated_buffer.h"+#include "node_errors.h"+#include "node_internals.h"+#include "util.h"+#include "v8.h"+#include "string_bytes.h"++#include <openssl/err.h>+#include <openssl/evp.h>+#include <openssl/ec.h>+#include <openssl/kdf.h>+#include <openssl/rsa.h>+#include <openssl/dsa.h>+#include <openssl/ssl.h>+#ifndef OPENSSL_NO_ENGINE+#  include <openssl/engine.h>+#endif  // !OPENSSL_NO_ENGINE++#include <memory>+#include <string>+#include <vector>+#include <climits>+#include <cstdio>++namespace node {+namespace crypto {++// Currently known sizes of commonly used OpenSSL struct sizes.+// OpenSSL considers it's various structs to be opaque and the+// sizes may change from one version of OpenSSL to another, so+// these values should not be trusted to remain static. These+// are provided to allow for some close to reasonable memory+// tracking.+constexpr size_t kSizeOf_DH = 144;+constexpr size_t kSizeOf_EC_KEY = 80;+constexpr size_t kSizeOf_EVP_CIPHER_CTX = 168;+constexpr size_t kSizeOf_EVP_MD_CTX = 48;+constexpr size_t kSizeOf_EVP_PKEY = 72;+constexpr size_t kSizeOf_EVP_PKEY_CTX = 80;+constexpr size_t kSizeOf_HMAC_CTX = 32;++// Define smart pointers for the most commonly used OpenSSL types:+using X509Pointer = DeleteFnPtr<X509, X509_free>;+using BIOPointer = DeleteFnPtr<BIO, BIO_free_all>;+using SSLCtxPointer = DeleteFnPtr<SSL_CTX, SSL_CTX_free>;+using SSLSessionPointer = DeleteFnPtr<SSL_SESSION, SSL_SESSION_free>;+using SSLPointer = DeleteFnPtr<SSL, SSL_free>;+using PKCS8Pointer = DeleteFnPtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>;+using EVPKeyPointer = DeleteFnPtr<EVP_PKEY, EVP_PKEY_free>;+using EVPKeyCtxPointer = DeleteFnPtr<EVP_PKEY_CTX, EVP_PKEY_CTX_free>;+using EVPMDPointer = DeleteFnPtr<EVP_MD_CTX, EVP_MD_CTX_free>;+using RSAPointer = DeleteFnPtr<RSA, RSA_free>;+using ECPointer = 
DeleteFnPtr<EC_KEY, EC_KEY_free>;+using BignumPointer = DeleteFnPtr<BIGNUM, BN_free>;+using NetscapeSPKIPointer = DeleteFnPtr<NETSCAPE_SPKI, NETSCAPE_SPKI_free>;+using ECGroupPointer = DeleteFnPtr<EC_GROUP, EC_GROUP_free>;+using ECPointPointer = DeleteFnPtr<EC_POINT, EC_POINT_free>;+using ECKeyPointer = DeleteFnPtr<EC_KEY, EC_KEY_free>;+using DHPointer = DeleteFnPtr<DH, DH_free>;+using ECDSASigPointer = DeleteFnPtr<ECDSA_SIG, ECDSA_SIG_free>;+using HMACCtxPointer = DeleteFnPtr<HMAC_CTX, HMAC_CTX_free>;+using CipherCtxPointer = DeleteFnPtr<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free>;+using RsaPointer = DeleteFnPtr<RSA, RSA_free>;+using DsaPointer = DeleteFnPtr<DSA, DSA_free>;++// Our custom implementation of the certificate verify callback+// used when establishing a TLS handshake. Because we cannot perform+// I/O quickly enough with X509_STORE_CTX_ APIs in this callback,+// we ignore preverify_ok errors here and let the handshake continue.+// In other words, this VerifyCallback is a non-op. It is imperative+// that the user user Connection::VerifyError after the `secure`+// callback has been made.+extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);++void InitCryptoOnce();++void InitCrypto(v8::Local<v8::Object> target);++extern void UseExtraCaCerts(const std::string& file);++unsigned long SetFips(bool on = true);  // NOLINT(runtime/int)++// Forcibly clear OpenSSL's error stack on return. This stops stale errors+// from popping up later in the lifecycle of crypto operations where they+// would cause spurious failures. 
It's a rather blunt method, though.+// ERR_clear_error() isn't necessarily cheap either.+struct ClearErrorOnReturn {+  inline ~ClearErrorOnReturn() { ERR_clear_error(); }+};++// Pop errors from OpenSSL's error stack that were added+// between when this was constructed and destructed.+struct MarkPopErrorOnReturn {+  inline MarkPopErrorOnReturn() { ERR_set_mark(); }+  inline ~MarkPopErrorOnReturn() { ERR_pop_to_mark(); }+};++// Ensure that OpenSSL has enough entropy (at least 256 bits) for its PRNG.+// The entropy pool starts out empty and needs to fill up before the PRNG+// can be used securely.  Once the pool is filled, it never dries up again;+// its contents is stirred and reused when necessary.+//+// OpenSSL normally fills the pool automatically but not when someone starts+// generating random numbers before the pool is full: in that case OpenSSL+// keeps lowering the entropy estimate to thwart attackers trying to guess+// the initial state of the PRNG.+//+// When that happens, we will have to wait until enough entropy is available.+// That should normally never take longer than a few milliseconds.+//+// OpenSSL draws from /dev/random and /dev/urandom.  While /dev/random may+// block pending "true" randomness, /dev/urandom is a CSPRNG that doesn't+// block under normal circumstances.+//+// The only time when /dev/urandom may conceivably block is right after boot,+// when the whole system is still low on entropy.  That's not something we can+// do anything about.+void CheckEntropy();++// Generate length bytes of random data. 
If this returns false, the data+// may not be truly random but it's still generally good enough.+bool EntropySource(unsigned char* buffer, size_t length);++int PasswordCallback(char* buf, int size, int rwflag, void* u);++int NoPasswordCallback(char* buf, int size, int rwflag, void* u);++template <typename T>+void Decode(const v8::FunctionCallbackInfo<v8::Value>& args,+            void (*callback)(T*, const v8::FunctionCallbackInfo<v8::Value>&,+                             const char*, size_t)) {+  T* ctx;+  ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Holder());++  if (args[0]->IsString()) {+    StringBytes::InlineDecoder decoder;+    Environment* env = Environment::GetCurrent(args);+    enum encoding enc = ParseEncoding(env->isolate(), args[1], UTF8);+    if (decoder.Decode(env, args[0].As<v8::String>(), enc).IsNothing())+      return;+    callback(ctx, args, decoder.out(), decoder.size());+  } else {+    ArrayBufferViewContents<char> buf(args[0]);+    callback(ctx, args, buf.data(), buf.length());+  }+}++// Utility struct used to harvest error information from openssl's error stack+struct CryptoErrorVector : public std::vector<std::string> {+  void Capture();++  v8::MaybeLocal<v8::Value> ToException(+      Environment* env,+      v8::Local<v8::String> exception_string = v8::Local<v8::String>()) const;+};++// A helper class representing a read-only byte array. When deallocated, its+// contents are zeroed.+class ByteSource {+ public:+  ByteSource() = default;+  ByteSource(ByteSource&& other) noexcept;+  ~ByteSource();++  ByteSource& operator=(ByteSource&& other) noexcept;++  const char* get() const;++  template <typename T>+  const T* data() const { return reinterpret_cast<const T*>(get()); }++  size_t size() const;++  inline operator bool() const {+    return data_ != nullptr;+  }++  inline BIGNUM* ToBN() const {
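Review bot: the smart-pointer aliases contain duplicates: `ECPointer` and `ECKeyPointer` are both `DeleteFnPtr<EC_KEY, EC_KEY_free>`, and `RSAPointer` and `RsaPointer` are both `DeleteFnPtr<RSA, RSA_free>`. Keep one name for each type. In the comments, "it's various structs" should be "its", and the `VerifyCallback` comment has "user user" and "non-op" where "user use" and "no-op" are presumably meant.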

Nope, in fact that's the right thing. Fixing.

jasnell

comment created time in 11 days

PullRequestReviewEvent

Pull request review comment nodejs/node

[WIP] crypto: refactor crypto subsystem and introduce WebCrypto API

 using v8::Value; namespace crypto { namespace Timing { +struct BigIntInfo {+  int sign_bit;+  int word_count;+  std::unique_ptr<uint64_t> words;

std::vector is better.

jasnell

comment created time in 11 days
