From 0c7e5df7fecc76f64b45c3267c851eff2ac8c496 Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Wed, 19 Feb 2020 09:45:19 +0000 Subject: [PATCH 2/4] revert new features --- doc/api/crypto.md | 24 --- doc/api/errors.md | 5 - doc/api/https.md | 25 --- doc/api/tls.md | 117 +----------- doc/node.1 | 5 - lib/_http_agent.js | 24 +-- lib/_tls_common.js | 13 -- lib/_tls_wrap.js | 143 +-------------- lib/internal/crypto/cipher.js | 10 +- lib/internal/crypto/sig.js | 37 +--- src/env.h | 13 +- src/node_crypto.cc | 266 +--------------------------- src/node_crypto.h | 24 +-- src/node_errors.h | 2 - src/node_options.cc | 4 - src/node_options.h | 1 - src/tls_wrap.cc | 134 -------------- src/tls_wrap.h | 17 -- test/fixtures/rsa-oaep-test-vectors.js | 30 ---- test/parallel/test-crypto-rsa-dsa.js | 65 +++++-- test/parallel/test-crypto-sign-verify.js | 90 ++-------- test/parallel/test-https-agent-keylog.js | 44 ----- test/parallel/test-tls-enable-keylog-cli.js | 57 ------ test/parallel/test-tls-getcipher.js | 4 - test/parallel/test-tls-keylog-tlsv13.js | 10 +- test/parallel/test-tls-multi-key.js | 2 - test/parallel/test-tls-multi-pfx.js | 2 - test/parallel/test-tls-psk-circuit.js | 72 -------- test/parallel/test-tls-psk-errors.js | 32 ---- test/parallel/test-tls-psk-server.js | 77 -------- test/parallel/test-tls-set-sigalgs.js | 74 -------- test/sequential/test-tls-psk-client.js | 96 ---------- 32 files changed, 87 insertions(+), 1432 deletions(-) delete mode 100644 test/fixtures/rsa-oaep-test-vectors.js delete mode 100644 test/parallel/test-https-agent-keylog.js delete mode 100644 test/parallel/test-tls-enable-keylog-cli.js delete mode 100644 test/parallel/test-tls-psk-circuit.js delete mode 100644 test/parallel/test-tls-psk-errors.js delete mode 100644 test/parallel/test-tls-psk-server.js delete mode 100644 test/parallel/test-tls-set-sigalgs.js delete mode 100644 test/sequential/test-tls-psk-client.js diff --git a/doc/api/crypto.md b/doc/api/crypto.md index f727d6f..7e74977 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -1405,7 +1405,6 @@ changes: --> * `privateKey` {Object | string | Buffer | KeyObject} - * `dsaEncoding` {string} * `padding` {integer} * `saltLength` {integer} * `outputEncoding` {string} The [encoding][] of the return value. @@ -1418,10 +1417,6 @@ If `privateKey` is not a [`KeyObject`][], this function behaves as if `privateKey` had been passed to [`crypto.createPrivateKey()`][]. If it is an object, the following additional properties can be passed: -* `dsaEncoding` {string} For DSA and ECDSA, this option specifies the - format of the generated signature. It can be one of the following: - * `'der'` (default): DER-encoded ASN.1 signature structure encoding `(r, s)`. - * `'ieee-p1363'`: Signature format `r || s` as proposed in IEEE-P1363. * `padding` {integer} Optional padding value for RSA, one of the following: * `crypto.constants.RSA_PKCS1_PADDING` (default) * `crypto.constants.RSA_PKCS1_PSS_PADDING` @@ -1518,7 +1513,6 @@ changes: --> * `object` {Object | string | Buffer | KeyObject} - * `dsaEncoding` {string} * `padding` {integer} * `saltLength` {integer} * `signature` {string | Buffer | TypedArray | DataView} @@ -1532,10 +1526,6 @@ If `object` is not a [`KeyObject`][], this function behaves as if `object` had been passed to [`crypto.createPublicKey()`][]. If it is an object, the following additional properties can be passed: -* `dsaEncoding` {string} For DSA and ECDSA, this option specifies the - format of the generated signature. It can be one of the following: - * `'der'` (default): DER-encoded ASN.1 signature structure encoding `(r, s)`. - * `'ieee-p1363'`: Signature format `r || s` as proposed in IEEE-P1363. * `padding` {integer} Optional padding value for RSA, one of the following: * `crypto.constants.RSA_PKCS1_PADDING` (default) * `crypto.constants.RSA_PKCS1_PSS_PADDING` @@ -2427,9 +2417,6 @@ An array of supported digest functions can be retrieved using - -* `line` {Buffer} Line of ASCII text, in NSS `SSLKEYLOGFILE` format. -* `tlsSocket` {tls.TLSSocket} The `tls.TLSSocket` instance on which it was - generated. - -The `keylog` event is emitted when key material is generated or received by a -connection managed by this agent (typically before handshake has completed, but -not necessarily). This keying material can be stored for debugging, as it -allows captured TLS traffic to be decrypted. It may be emitted multiple times -for each socket. - -A typical use case is to append received lines to a common text file, which is -later used by software (such as Wireshark) to decrypt the traffic: - -```js -// ... -https.globalAgent.on('keylog', (line, tlsSocket) => { - fs.appendFileSync('/tmp/ssl-keys.log', line, { mode: 0o600 }); -}); -``` - ## Class: `https.Server` - -TLS-PSK support is available as an alternative to normal certificate-based -authentication. It uses a pre-shared key instead of certificates to -authenticate a TLS connection, providing mutual authentication. -TLS-PSK and public key infrastructure are not mutually exclusive. Clients and -servers can accommodate both, choosing either of them during the normal cipher -negotiation step. - -TLS-PSK is only a good choice where means exist to securely share a -key with every connecting machine, so it does not replace PKI -(Public Key Infrastructure) for the majority of TLS uses. -The TLS-PSK implementation in OpenSSL has seen many security flaws in -recent years, mostly because it is used only by a minority of applications. -Please consider all alternative solutions before switching to PSK ciphers. -Upon generating PSK it is of critical importance to use sufficient entropy as -discussed in [RFC 4086][]. Deriving a shared secret from a password or other -low-entropy sources is not secure. - -PSK ciphers are disabled by default, and using TLS-PSK thus requires explicitly -specifying a cipher suite with the `ciphers` option. The list of available -ciphers can be retrieved via `openssl ciphers -v 'PSK'`. All TLS 1.3 -ciphers are eligible for PSK but currently only those that use SHA256 digest are -supported they can be retrieved via `openssl ciphers -v -s -tls1_3 -psk`. - -According to the [RFC 4279][], PSK identities up to 128 bytes in length and -PSKs up to 64 bytes in length must be supported. As of OpenSSL 1.1.0 -maximum identity size is 128 bytes, and maximum PSK length is 256 bytes. - -The current implementation doesn't support asynchronous PSK callbacks due to the -limitations of the underlying OpenSSL API. - ### Client-initiated renegotiation attack mitigation @@ -861,27 +827,16 @@ changes: pr-url: https://github.com/nodejs/node/pull/26625 description: Return the minimum cipher version, instead of a fixed string (`'TLSv1/SSLv3'`). - - version: v12.16.0 - pr-url: https://github.com/nodejs/node/pull/30637 - description: Return the IETF cipher name as `standardName`. --> * Returns: {Object} - * `name` {string} OpenSSL name for the cipher suite. - * `standardName` {string} IETF name for the cipher suite. + * `name` {string} The name of the cipher suite. * `version` {string} The minimum TLS protocol version supported by this cipher suite. Returns an object containing information on the negotiated cipher suite. -For example: -```json -{ - "name": "AES128-SHA256", - "standardName": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "version": "TLSv1.2" -} -``` +For example: `{ name: 'AES256-SHA', version: 'TLSv1.2' }`. See [SSL_CIPHER_get_name](https://www.openssl.org/docs/man1.1.1/man3/SSL_CIPHER_get_name.html) @@ -1082,18 +1037,6 @@ See [Session Resumption][] for more information. Note: `getSession()` works only for TLSv1.2 and below. For TLSv1.3, applications must use the [`'session'`][] event (it also works for TLSv1.2 and below). -### `tlsSocket.getSharedSigalgs()` - - -* Returns: {Array} List of signature algorithms shared between the server and -the client in the order of decreasing preference. - -See -[SSL_get_shared_sigalgs](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_shared_sigalgs.html) -for more information. - ### `tlsSocket.getTLSTicket()`