Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: expose crypto.isKeyObject() helper #26200

Closed
wants to merge 2 commits into from
Closed

crypto: expose crypto.isKeyObject() helper #26200

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6689679
crypto: expose isKeyObject helper
panva Feb 19, 2019
830420a
fix: crypto.md []
panva Feb 21, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions doc/api/crypto.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1121,6 +1121,9 @@ exposes different functions.
Most applications should consider using the new `KeyObject` API instead of
passing keys as strings or `Buffer`s due to improved security features.

See [`crypto.isKeyObject()`][] for checking whether a given input is
a `KeyObject` instance.

### keyObject.asymmetricKeyType
<!-- YAML
added: v11.6.0
Expand Down Expand Up @@ -2070,6 +2073,23 @@ const hashes = crypto.getHashes();
console.log(hashes); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...]
```

### crypto.isKeyObject(value)
<!-- YAML
added: REPLACEME
-->

* `value` {any}
* Returns: {boolean}

Returns `true` if the value is a [`KeyObject`] instance.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add a note that this does not work with other contexts / realms?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm afraid I do not follow :(

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The function uses obj instanceof KeyObject internally. This does not work in case some code is run in e.g. the vm.

See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/instanceof#instanceof_and_multiple_context_(e.g._frames_or_windows) for further details.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you suggest the language? I'm happy to add it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe:

Returns `true` if the value is a [`KeyObject`][] instance from the [current execution context][].

// ...

[current execution context]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/instanceof#instanceof_and_multiple_context_(e.g._frames_or_windows)

But this might be confusing to others. So it's maybe something we do not have to add?

panva marked this conversation as resolved.
Show resolved Hide resolved

```js
const crypto = require('crypto');
const keypair = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });

crypto.isKeyObject(keypair.privateKey); // Returns true
```

### crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)
<!-- YAML
added: v0.5.5
Expand Down
2 changes: 2 additions & 0 deletions lib/crypto.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,7 @@ const {
generateKeyPairSync
} = require('internal/crypto/keygen');
const {
isKeyObject,
createSecretKey,
createPublicKey,
createPrivateKey
Expand Down Expand Up @@ -164,6 +165,7 @@ module.exports = exports = {
getHashes,
pbkdf2,
pbkdf2Sync,
isKeyObject,
generateKeyPair,
generateKeyPairSync,
privateDecrypt,
Expand Down
4 changes: 2 additions & 2 deletions lib/internal/crypto/keys.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -318,6 +318,7 @@ module.exports = {
createSecretKey,
createPublicKey,
createPrivateKey,
isKeyObject,

// These are designed for internal use only and should not be exposed.
parsePublicKeyEncoding,
Expand All @@ -327,6 +328,5 @@ module.exports = {
prepareSecretKey,
SecretKeyObject,
PublicKeyObject,
PrivateKeyObject,
isKeyObject
PrivateKeyObject
};
9 changes: 9 additions & 0 deletions test/parallel/test-crypto.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -300,3 +300,12 @@ testEncoding({
testEncoding({
defaultEncoding: 'latin1'
}, assertionHashLatin1);

// isKeyObject checks
assert(crypto.isKeyObject(crypto.createSecretKey(Buffer.from('foo'))));
const keypair = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
assert(crypto.isKeyObject(keypair.privateKey));
assert(crypto.isKeyObject(keypair.publicKey));
panva marked this conversation as resolved.
Show resolved Hide resolved
[null, undefined, false, 5, 'foo', {}, Buffer].forEach((value) => {
assert(!crypto.isKeyObject(value));
});