crypto: refactor crypto module

[jasnell]

Beginning of a larger bit of work on the crypto API and implementation.

Checklist

• make -j4 test (UNIX), or vcbuild test (Windows) passes
• tests and/or benchmarks are included
• commit message follows commit guidelines

Affected core subsystem(s)

crypto

[Trott]

Should this be labeled in progress?

[jasnell]

haven't decided yet lol.... the rest of what I want to do here should likely go into a separate PR. It's rather extensive

[jasnell]

ping @nodejs/crypto
ping @nodejs/tsc

[mcollina]

@jasnell why is this semver-major?

[jasnell]

While moving things around it also updates to use internal/errors

[targos]

Is it something that you would like to land before Node 9?

[jasnell]

I'd like to yes.

[targos]

nit: use printf-like syntax?

[targos]

We should probably document these and recommend their usage since it's useless to create an instance of the class. That can be done in another PR.

[jasnell]

Might as well do it in this PR

[jasnell]

Done!

[targos]

If I'm reading the C++ code correctly, with the previous undefined check, if a digest that is neither undefined nor a string is passed, a default value would be used. That includes null. Is this something that we want to break?

node/src/node_crypto.cc

Lines 5392 to 5403 in bf1ca8f

	if (args[4]->IsString()) {
	node::Utf8Value digest_name(env->isolate(), args[4]);
	digest = EVP_get_digestbyname(*digest_name);
	if (digest == nullptr) {
	type_error = "Bad digest name";
	goto err;
	}
	}
	if (digest == nullptr) {
	digest = EVP_sha1();
	}

[jasnell]

you're right. this should allow digest to be null so it will default. Will fix.

[targos]

nit: use printf-like syntax?

[jasnell]

I can, yeah, I tend to prefer this way but it's no biggie for me :-)

[targos]

I don't mind keeping it this way if that's what you prefer 👍

[jasnell]

nah... I'll change it. It's no biggie and I don't feel strongly about it

[jasnell]

@targos .. updated!

[targos]

Thanks. LGTM.

A CITGM run wouldn't hurt IMO.

[jasnell]

CI: https://ci.nodejs.org/job/node-test-pull-request/10067/
CITGM: https://ci.nodejs.org/view/Node.js-citgm/job/citgm-smoker/982/

[jasnell]

Not seeing anything of significant concern in CITGM. regular CI is still running.

[jasnell]

Btw, all... A big reason I'm going through all this is to work towards support for async crypto API variants. I will likely only pursue it, however, once async iterators have landed. The following is an example of what I'm looking to achieve:

const crypto = require('crypto');

async function hash(alg, data, enc) {
  const hash = crypto.createHash(alg);
  for await (const chunk of data) {
    hash.update(chunk);
  }
  return hash.digest(enc);
}

var n = 0;
async function* dataIterator() {
  while (n++ < 10)
    yield `testing${n}`;
}

const p = hash('sha256', dataIterator(), 'hex');
p.then(console.log).catch(console.error);

The async hash function above returns a Promise that uses an async iterator to feed data into the hash. async variants of hash, hmac, sign, verify, cipher and decipher are all trivially possible with this approach.

This, of course, does not really do much to help with performance on the TLS side, but it does provide a nice Promise-oriented API.

[indutny]

One question, otherwise LGTM.

[indutny]

Huh? Why?

[jasnell]

Because it segfaults with a double free without it!

[jasnell]

so this particular line of code was not being exercised previously because the input was always a Uint8Array. The if check above would always be true. If any of thing is passed, however, the Buffer would segfault when it tried to GC due to a double free.

[jasnell]

I will say that I'm not entirely sure this is the right approach to take on this! :-) (Copy might be better but I'm not entirely sure about that either)

[jasnell]

(The challenge here, btw, is that we have two TypedArray instances being created that cover the same data space... thinking about it now, copying the data would be best.)

[addaleax]

@jasnell What happens if the original Uint8Array is freed before this one?

[jasnell]

Yep, that's the exact weirdness I'm looking at. Looking at it again, I've just changed the if block above to s/isUint8Array/isArrayBufferView and everything works as it should :-)

[jasnell]

@indutny and @addaleax ... updated!

[indutny]

LGTM

[jasnell]

Thank you @indutny and @targos ... I will land this on Monday if there are no objections!

[jasnell]

Preland CI: https://ci.nodejs.org/job/node-test-pull-request/10121/

[jasnell]

small linting error fixed. Landing shortly.

[jasnell]

Landed in c75f87c

[jasnell]

The "notable change" here is that randomFill and randomFillSync can now fill any TypedArray with random data, it's not just limited to Buffer and Uint8Array any more.