crypto: follow up on OpenSSL backend split#64547
Open
panva wants to merge 5 commits into
Open
Conversation
Return the existing unknown-version sentinel when the compiler cannot extract OpenSSL macros. This avoids slicing a missing legacy version number and preserves the pre-refactor configure failure behaviour. Signed-off-by: Filip Skokan <panva.ip@gmail.com>
Limit the g >= p rejection needed by the provider backend to OpenSSL 3. Preserve the legacy DiffieHellman object and expose the validation result through verifyError as before. Signed-off-by: Filip Skokan <panva.ip@gmail.com>
Treat missing private RSA parameters as an export failure instead of passing null BIGNUM pointers to the JWK encoder. Also stop constructing a usable RSA view when reading an optional parameter itself fails. Signed-off-by: Filip Skokan <panva.ip@gmail.com>
Clear provider-exported RSA, EC, and DH private BIGNUMs before freeing them. Also cleanse OSSL_PARAM builder copies and the plaintext DER intermediate used for encrypted traditional PEM output. Signed-off-by: Filip Skokan <panva.ip@gmail.com>
Recreate the historical rsaEncryption AlgorithmIdentifier used by X509Certificate legacy pubkey output for restricted and unrestricted RSA-PSS keys without relying on deprecated RSA APIs. Signed-off-by: Filip Skokan <panva.ip@gmail.com>
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #64547 +/- ##
==========================================
- Coverage 90.24% 90.24% -0.01%
==========================================
Files 739 739
Lines 241698 241704 +6
Branches 45556 45546 -10
==========================================
- Hits 218129 218122 -7
- Misses 15103 15106 +3
- Partials 8466 8476 +10
🚀 New features to boost your workflow:
|
Member
Author
|
cc @nodejs/crypto |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This follows up on #64211, which separated the OpenSSL >= 3, BoringSSL, and legacy OpenSSL backend paths.
It addresses issues identified during a subsequent review of that split (done with GPT-5.6 Sol). The changes restore unintentionally altered legacy behavior, improve handling of provider-backed keys and configure probe failures, and ensure temporary private key material is cleansed appropriately.
Refs: #64211
Details
build: handle OpenSSL macro probe failures
Return the existing unknown-version sentinel when the compiler cannot extract OpenSSL macros. This avoids slicing a missing legacy version number and preserves the pre-refactor configure failure behaviour.
crypto: retain legacy DH validation
Limit the
g >= prejection needed by the provider backend to OpenSSL 3. Preserve the legacyDiffieHellmanobject and expose the validation result throughverifyErroras before.crypto: handle incomplete RSA private keys
Treat missing private RSA parameters as an export failure instead of passing null
BIGNUMpointers to the JWK encoder. Also stop constructing a usable RSA view when reading an optional parameter itself fails.crypto: cleanse provider private key copies
Clear provider-exported RSA, EC, and DH private
BIGNUMs before freeing them. Also cleanseOSSL_PARAMbuilder copies and the plaintext DER intermediate used for encrypted traditional PEM output.crypto: preserve RSA-PSS legacy pubkey DER
Recreate the historical
rsaEncryptionAlgorithmIdentifier used byX509Certificatelegacy pubkey output for restricted and unrestricted RSA-PSS keys without relying on deprecated RSA APIs.