-
Notifications
You must be signed in to change notification settings - Fork 30.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: add support for OCB mode for AEAD #21447
Conversation
CC @nodejs/crypto. Not sure who to ping for the legal stuff. |
We should marked this blocked until we can get a legal review. @MylesBorins ... this may be one to bring up to the legal committee. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM modulo comment.
Apropos the legal ramifications, note that we're already shipping OCB:
$ node
> var c = crypto.createCipheriv('aes-128-ocb', 'x'.repeat(16), 'x'.repeat(12)); c.update('boom'); c.final()
<Buffer 4e 83 df 21>
src/node_crypto.cc
Outdated
@@ -2668,6 +2668,9 @@ void CipherBase::Init(const FunctionCallbackInfo<Value>& args) { | |||
cipher->Init(*cipher_type, key_buf, key_buf_len, auth_tag_len); | |||
} | |||
|
|||
#define IS_SUPPORTED_AUTHENTICATED_MODE(mode) ((mode) == EVP_CIPH_CCM_MODE || \ | |||
(mode) == EVP_CIPH_GCM_MODE || \ | |||
(mode) == EVP_CIPH_OCB_MODE) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not make this a function?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mhhh I think in my head it still looks like "less overhead". Would you like me to change it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, please.
src/node_crypto.cc
Outdated
max_message_size_ = (1 << (8 * (15 - iv_len))) - 1; | ||
} else { | ||
max_message_size_ = INT_MAX; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will conflict with #21462 when it lands (but no doubt you knew that since you reviewed it. :-))
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, but thanks for pointing it out 😃
Thanks for reviewing, @bnoordhuis!
And we are already shipping OpenSSL which supports OCB, that's why I |
4617818
to
64efc01
Compare
Comment addressed and rebased (old HEAD was 46178187be645f7451279382467c6799b0e3b8cc). |
I doubt there will be any issues here and it's likely safe to proceed, but it would still be good to get a legal committee review (assuming that doesn't take forever lol). Let's not block on it tho |
Thanks @jasnell. Sadly, I literally know nothing about our legal committee, I can't even find a list of members or documented processes involving them. Full CI: https://ci.nodejs.org/job/node-test-pull-request/15662/ |
That's something @MylesBorins needs to do |
64efc01
to
dce91f9
Compare
Rebased, old HEAD was 64efc012ccb9fcdf2f619f1f9cbcf0691fae5009. I am pinging @nodejs/tsc to make sure that they know of this change, I would like to land it next week. |
Since adding stuff to |
This needs a rebase. |
dce91f9
to
3322a3f
Compare
Thank you, @BridgeAR! Rebased, old HEAD was dce91f94f146bbf73b8a059ba30be4f9defa84bc. I will land this tomorrow unless someone objects. |
PR-URL: nodejs#21447 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
Landed in b3f459e. |
Depends on #21782 to land on v10.x-staging |
Yes, it should be backported to v10.x-staging. I started working on it but decided to cut my losses. @tniessen the conflicts are around semver-major changes you've introduced in |
I'll be home in a couple of days and will give it a try. |
@tniessen I see that you pushed a backport branch to your fork. Is it ready for a PR? |
@targos The code itself should work, but I am afraid that it might have unintended side effects for CCM. I'll try to verify that within the next few days. |
PR-URL: nodejs#21447 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
This change adds support for OCB, the newest and fastest AEAD mode offered by OpenSSL. There are relatively few changes required within the native code, the OCB implementation behaves somewhat like CCM, except that some limitations of CCM don't apply.
As OCB is patented, we will need to check whether this change has any legal implications. The holder of the patents, Phillip Rogaway, has summarized the situation here and I am pretty sure there won't be any problems, but I wouldn't want to be the one to make the decision.
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes