Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

2024-11-12, Version 18.20.5 'Hydrogen' (LTS) #55768

Merged
merged 76 commits into from
Nov 12, 2024
Merged

2024-11-12, Version 18.20.5 'Hydrogen' (LTS) #55768

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
76 commits
Select commit Hold shift + click to select a range
c2e6a8f
benchmark: fix napi/ref addon
targos Jun 2, 2024
0092358
http: handle multi-value content-disposition header
ArsalanDotMe Dec 11, 2023
9f521f4
test: update tests for OpenSSL 3.0.14
richardlau Jun 10, 2024
627d399
test: fix unreliable assumption in js-native-api/test_cannot_run_js
joyeecheung Mar 1, 2024
6615fe5
src: fix dynamically linked OpenSSL version
richardlau Jun 14, 2024
fc43c68
test: update TLS tests for OpenSSL 3.2
richardlau Jun 9, 2024
cc3cdf7
test: check against run-time OpenSSL version
richardlau Jun 14, 2024
1320fb9
test: update TLS trace tests for OpenSSL >= 3.2
richardlau Jun 2, 2024
e9e3306
test: use assert.{s,deepS}trictEqual()
sonsurim Aug 4, 2024
a1f0c87
test: fix test-tls-client-auth test for OpenSSL32
mhdawson Aug 28, 2024
5316314
test: update TLS test for OpenSSL 3.2
richardlau Aug 30, 2024
d5b73e5
test: increase key size for ca2-cert.pem
mhdawson Aug 29, 2024
68156cb
test: fix test-tls-client-mindhsize for OpenSSL32
mhdawson Sep 3, 2024
c7de027
test: fix test test-tls-dhe for OpenSSL32
mhdawson Sep 14, 2024
e999738
test: adjust tls test for OpenSSL32
mhdawson Sep 14, 2024
b097d85
test: adjust test-tls-junk-server for OpenSSL32
mhdawson Sep 15, 2024
d244204
crypto: reject Ed25519/Ed448 in Sign/Verify prototypes
panva Apr 8, 2024
6e7274f
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
JLHwung Sep 6, 2024
75ff0cd
test: update test to support OpenSSL32
mhdawson Sep 18, 2024
37a2f7e
test: adjust key sizes to support OpenSSL32
mhdawson Sep 18, 2024
341496a
test: add asserts to validate test assumptions
mhdawson Sep 18, 2024
1a4d497
test: adjust tls-set-ciphers for OpenSSL32
mhdawson Sep 21, 2024
9824827
test: update tls test to support OpenSSL32
mhdawson Sep 22, 2024
c8520ff
test: fix OpenSSL version checks
richardlau Jun 26, 2024
ac3a390
test: fix test-tls-junk-closes-server
mhdawson Sep 25, 2024
d814fe9
src: account for OpenSSL unexpected version
codebytere Jul 31, 2024
a4f6f09
doc: add names next to release key bash commands
avivkeller May 9, 2024
1c4decc
doc: add release key for aduh95
aduh95 Oct 10, 2024
fa72b2c
tools: skip ruff on tools/gyp
targos Oct 25, 2023
0fb652e
tools: update gyp-next to v0.16.1
targos Oct 25, 2023
6ba4ebd
build: fix build with Python 3.12
lpinca Nov 8, 2023
c679348
errors: use `determineSpecificType` in more error messages
aduh95 Sep 11, 2023
84b0ead
esm: fix hook name in error message
bmacnaughton Dec 5, 2023
81c3260
deps: update corepack to 0.28.1
nodejs-github-bot May 14, 2024
6ba8bc0
deps: update c-ares to 1.29.0
nodejs-github-bot Jun 2, 2024
d6114cb
test: fix test when compiled without engine support
richardlau Jun 2, 2024
5c46782
crypto: make deriveBits length parameter optional and nullable
panva Jun 28, 2024
395ee44
deps: update corepack to 0.28.2
nodejs-github-bot Jun 4, 2024
dbdfdd0
deps: update corepack to 0.29.2
nodejs-github-bot Jul 16, 2024
935a506
deps: update corepack to 0.29.3
nodejs-github-bot Jul 30, 2024
4d2ac5d
doc: move release key for Myles Borins
richardlau Aug 5, 2024
c60c663
deps: upgrade openssl sources to quictls/openssl-3.0.14+quic1
nodejs-github-bot Aug 12, 2024
67e9883
deps: update archs files for openssl-3.0.14+quic1
nodejs-github-bot Aug 12, 2024
4a18581
deps: update corepack to 0.29.4
nodejs-github-bot Sep 17, 2024
c50f013
crypto: ensure invalid SubtleCrypto JWK data import results in DataError
panva Sep 23, 2024
46c7824
deps: upgrade openssl sources to quictls/openssl-3.0.15+quic1
nodejs-github-bot Sep 30, 2024
fce3ab6
deps: update archs files for openssl-3.0.15+quic1
nodejs-github-bot Sep 30, 2024
ac37e55
esm: mark import attributes and JSON module as stable
nicolo-ribaudo Oct 12, 2024
f56cfe7
deps: update acorn to 8.12.1
nodejs-github-bot Jun 16, 2024
50a9456
deps: update acorn-walk to 8.3.3
nodejs-github-bot Jun 18, 2024
55b3c8a
deps: update acorn-walk to 8.3.4
nodejs-github-bot Sep 24, 2024
d577321
deps: update acorn to 8.13.0
nodejs-github-bot Oct 29, 2024
aaa857f
deps: update ada to 2.8.0
nodejs-github-bot Jun 4, 2024
033f1e2
deps: update zlib to 1.3.0.1-motley-4f653ff
nodejs-github-bot May 21, 2024
569a739
deps: update zlib to 1.3.0.1-motley-209717d
nodejs-github-bot Jun 13, 2024
637a306
deps: update zlib to 1.3.0.1-motley-887bb57
nodejs-github-bot Jun 16, 2024
e151ebe
deps: update zlib to 1.3.0.1-motley-e432200
nodejs-github-bot Jun 23, 2024
f6b2f68
deps: update zlib to 1.3.0.1-motley-8b7eff8
nodejs-github-bot Jun 30, 2024
4b81555
deps: update zlib to 1.3.0.1-motley-68e57e6
nodejs-github-bot Jul 7, 2024
64f98a9
deps: update zlib to 1.3.0.1-motley-c2469fd
nodejs-github-bot Jul 14, 2024
11242bc
deps: update zlib to 1.3.0.1-motley-71660e1
nodejs-github-bot Aug 4, 2024
96ec48d
deps: update brotli to 1.1.0
nodejs-github-bot Dec 27, 2023
a1ae050
deps: update simdutf to 5.2.6
nodejs-github-bot Apr 28, 2024
c952fd8
deps: update simdutf to 5.2.8
nodejs-github-bot May 12, 2024
5fb8e1b
deps: update simdutf to 5.3.0
nodejs-github-bot Jul 16, 2024
dd882ac
deps: update simdutf to 5.3.1
nodejs-github-bot Aug 6, 2024
52d2c03
deps: update simdutf to 5.3.4
nodejs-github-bot Aug 13, 2024
3597be4
deps: update simdutf to 5.5.0
nodejs-github-bot Aug 18, 2024
0385249
deps: update simdutf to 5.6.0
nodejs-github-bot Oct 15, 2024
fd9933e
deps: upgrade npm to 10.8.0
npm-cli-bot May 16, 2024
8531c95
deps: upgrade npm to 10.8.1
npm-cli-bot May 30, 2024
93670de
deps: upgrade npm to 10.8.2
npm-cli-bot Jul 12, 2024
4c2e07a
build: pin doc workflow to Node.js 20
richardlau Nov 6, 2024
e4739e9
doc: only apply content-visibility on all.html
panva Jun 19, 2024
3059262
esm: fix broken assertion in `legacyMainResolve`
aduh95 Nov 3, 2024
f73db8f
2024-11-12, Version 18.20.5 'Hydrogen' (LTS)
aduh95 Nov 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
crypto: reject Ed25519/Ed448 in Sign/Verify prototypes 
fixes: #52097
PR-URL: #52340
Fixes: #52097
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
  • Loading branch information
@panva @richardlau
panva authored and richardlau committed Sep 27, 2024
commit d2442044dbdb853f1e8c8b66eaea09f1c77aaeac
10 changes: 10 additions & 0 deletions src/crypto/crypto_sig.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -420,6 +420,11 @@ void Sign::SignFinal(const FunctionCallbackInfo<Value>& args) {
if (!key)
return;

if (IsOneShot(key)) {
THROW_ERR_CRYPTO_UNSUPPORTED_OPERATION(env);
return;
}

int padding = GetDefaultSignPadding(key);
if (!args[offset]->IsUndefined()) {
CHECK(args[offset]->IsInt32());
Expand Down Expand Up @@ -547,6 +552,11 @@ void Verify::VerifyFinal(const FunctionCallbackInfo<Value>& args) {
if (!pkey)
return;

if (IsOneShot(pkey)) {
THROW_ERR_CRYPTO_UNSUPPORTED_OPERATION(env);
return;
}

ArrayBufferOrViewContents<char> hbuf(args[offset]);
if (UNLIKELY(!hbuf.CheckSizeInt32()))
return THROW_ERR_OUT_OF_RANGE(env, "buffer is too big");
Expand Down
20 changes: 20 additions & 0 deletions test/parallel/test-crypto-sign-verify.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -774,3 +774,23 @@ assert.throws(
}, { code: 'ERR_INVALID_ARG_TYPE', message: /The "key\.key" property must be of type object/ });
}
}

{
// Ed25519 and Ed448 must use the one-shot methods
const keys = [{ privateKey: fixtures.readKey('ed25519_private.pem', 'ascii'),
publicKey: fixtures.readKey('ed25519_public.pem', 'ascii') },
{ privateKey: fixtures.readKey('ed448_private.pem', 'ascii'),
publicKey: fixtures.readKey('ed448_public.pem', 'ascii') }];

for (const { publicKey, privateKey } of keys) {
assert.throws(() => {
crypto.createSign('SHA256').update('Test123').sign(privateKey);
}, { code: 'ERR_CRYPTO_UNSUPPORTED_OPERATION', message: 'Unsupported crypto operation' });
assert.throws(() => {
crypto.createVerify('SHA256').update('Test123').verify(privateKey, 'sig');
}, { code: 'ERR_CRYPTO_UNSUPPORTED_OPERATION', message: 'Unsupported crypto operation' });
assert.throws(() => {
crypto.createVerify('SHA256').update('Test123').verify(publicKey, 'sig');
}, { code: 'ERR_CRYPTO_UNSUPPORTED_OPERATION', message: 'Unsupported crypto operation' });
}
}