Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc: warn about using strings as inputs in crypto #37248

Merged
merged 0 commits into from
Feb 9, 2021

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Feb 6, 2021

Passing Unicode strings to cryptographic APIs can negatively affect security and safety due to the way Unicode encoding works. This change adds appropriate warnings.

The bot will label this as crypto but it's probably more appropriate for @nodejs/documentation or @nodejs/buffer.

@tniessen tniessen added the doc Issues and PRs related to the documentations. label Feb 6, 2021
@nodejs-github-bot nodejs-github-bot added the crypto Issues and PRs related to the crypto subsystem. label Feb 6, 2021
@tniessen tniessen force-pushed the doc-crypto-warn-about-strings branch from 44d6475 to 4ebefd3 Compare February 6, 2021 16:05
Copy link
Member

@benjamingr benjamingr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (with the marker lint stuff fixed.).

@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Feb 6, 2021
doc/api/crypto.md Outdated Show resolved Hide resolved
@tniessen
Copy link
Member Author

tniessen commented Feb 6, 2021

Good point @Trott, fixed.

Copy link
Member

@jasnell jasnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We may want to consider eventually deprecating string use on these.

Copy link
Member

@Trott Trott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM although I think the linter is going to want the bottom reference moved because they're in ASCII order so capitalization changes things.

@tniessen
Copy link
Member Author

tniessen commented Feb 6, 2021

We may want to consider eventually deprecating string use on these.

@jasnell I have been in favor of that for certain APIs for a long time. The last time I brought it up, I remember that @bnoordhuis was against that. Strings do make sense in some cases, e.g. for KDFs, but, in my opinion, not for symmetric keys etc. I am working on a PR that deprecates unsafe output encodings (not input encodings).

@tniessen tniessen added wip Issues and PRs that are still a work in progress. and removed wip Issues and PRs that are still a work in progress. labels Feb 6, 2021
doc/api/crypto.md Outdated Show resolved Hide resolved
@Trott
Copy link
Member

Trott commented Feb 9, 2021

Landed in 01e4228.

@Trott Trott closed this Feb 9, 2021
@Trott Trott force-pushed the doc-crypto-warn-about-strings branch from ba659df to 01e4228 Compare February 9, 2021 00:35
@Trott Trott merged commit 01e4228 into nodejs:master Feb 9, 2021
danielleadams pushed a commit that referenced this pull request Feb 16, 2021
PR-URL: #37248
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
This was referenced Feb 16, 2021
@tniessen tniessen removed the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Feb 21, 2021
@tniessen tniessen deleted the doc-crypto-warn-about-strings branch February 21, 2021 11:57
tniessen added a commit to tniessen/node that referenced this pull request May 22, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
nodejs-github-bot pushed a commit that referenced this pull request May 24, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: #48052
Refs: #37248
PR-URL: #48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
targos pushed a commit that referenced this pull request May 30, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: #48052
Refs: #37248
PR-URL: #48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
danielleadams pushed a commit that referenced this pull request Jul 6, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: #48052
Refs: #37248
PR-URL: #48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
MoLow pushed a commit to MoLow/node that referenced this pull request Jul 6, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
PR-URL: nodejs#48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
PR-URL: nodejs#48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
Add a reference to potential problems with using strings as HMAC keys.
Also advise against exceeding the underlying hash function's block size
when generating HMAC keys from a cryptographically secure source of
entropy.

Refs: nodejs#48052
Refs: nodejs#37248
PR-URL: nodejs#48121
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

10 participants