crypto: Better docs for cases where peer's public key is invalid #16849
Conversation
nodejs-github-bot
added
c++
doc/api/crypto.md
Outdated
| @@ -522,6 +522,12 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], | |||
| If `outputEncoding` is given a string is returned; otherwise, a | |||
| [`Buffer`][] is returned. | |||
|
|
|||
| *Note*: | |||
|
|
|||
| * The `server.computeSecret` will throw an | |||
There was a problem hiding this comment.
Shouldn't this be diffieHellman.computeSecret()?
Also we can drop 'The' at the beginning.
There was a problem hiding this comment.
my mistake :)
already corrected 👍 thanks!
jasnell
added
the
semver-major
|
Marking major due to the change in the error message and use of internal/errors. |
doc/api/crypto.md
Outdated
|
|
||
| * `diffieHellman.computeSecret` will throw an | ||
| `ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY` error when the provided | ||
| public key lies out of the elliptic curve. |
doc/api/errors.md
Outdated
|
|
||
| Used when an invalid value for the `key` argument has been passed to the | ||
| `crypto.ECDH()` class `computeSecret()` method. It means that the public | ||
| key lies out of the elliptic curve. |
There was a problem hiding this comment.
xD damn!
corrected the 2 occurrences 👍
src/node_crypto.cc
Outdated
| if (pub == nullptr) { | ||
| args.GetReturnValue().Set( | ||
| String::NewFromUtf8(env->isolate(), | ||
| "ERR_CRYPTO_ECDH_KEY_FAIL_TRANSLATE")); |
There was a problem hiding this comment.
Style nit: can you indent line continuations by four spaces?
Since you're passing a static string, you can use the slightly more efficientFIXED_ONE_BYTE_STRING(env->isolate(), "...") here.
There was a problem hiding this comment.
thanks!
this also helped me to correct the error code in c++(which was one of the first names i thought but then dropped for ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY) 👍
|
Nice!
|
|
right @Emill ! |
doc/api/crypto.md
Outdated
| @@ -668,6 +668,14 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], `TypedArray`, or | |||
| If `outputEncoding` is given a string will be returned; otherwise a | |||
| [`Buffer`][] is returned. | |||
|
|
|||
| *Note*: | |||
There was a problem hiding this comment.
Nit: I'd remove *Note*: and let the paragraph stand on its own.
There was a problem hiding this comment.
Done!
Updating the pr soon.
Thanks!
doc/api/errors.md
Outdated
| <a id="ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY"></a> | ||
| ### ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY | ||
|
|
||
| Used when an invalid value for the `key` argument has been passed to the |
There was a problem hiding this comment.
Nit: There's a PR in to remove Used when from all these messages. I'd prefer this go in as something like this:
An invalid value for the
keyargument was passed to the...
There was a problem hiding this comment.
Done :)
But I want to understand the rationale behind the rule. It will help me a lot.
Thanks in advance.
There was a problem hiding this comment.
It's to reduce wordiness and make the document more scannable. There were some pretty egregious examples, like:
The 'ERR_INVALID_CURSOR_POS' is thrown specifically when a cursor on
a given stream is attempted to move to a specified row without a specified
column.
That will be shortened to:
A cursor on a given stream cannot be moved to a specified row without
a specified column.
PR is #16954
There was a problem hiding this comment.
xD nice example.
Understood.
|
Not sure but should the documentation include something like "since: node version x"? |
|
can be: "added: v0.0.0"? |
doc/api/crypto.md
Outdated
| @@ -668,6 +668,12 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], `TypedArray`, or | |||
| If `outputEncoding` is given a string will be returned; otherwise a | |||
| [`Buffer`][] is returned. | |||
|
|
|||
| * `ecdh.computeSecret` will throw an | |||
There was a problem hiding this comment.
added: v0.0.0
We only use added for new functions/classes/modules/etc.
What you want is something like this, added to the YAML block for this function:
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/16849
description: The default `computeSecret` option is supported now-
There was a problem hiding this comment.
Oh, wait. I think I misunderstood; can you not make this a list item (not let this start with a *)?
And I don't think you need a changelog entry if all that changed is the error format.
Looks good with this changed though.
There was a problem hiding this comment.
what version should be there instead of replace me? Maybe 9?
There was a problem hiding this comment.
forget it, i saw its 10 :)
doc/api/crypto.md
Outdated
| @@ -668,6 +668,12 @@ provided, `otherPublicKey` is expected to be a [`Buffer`][], `TypedArray`, or | |||
| If `outputEncoding` is given a string will be returned; otherwise a | |||
| [`Buffer`][] is returned. | |||
|
|
|||
| * `ecdh.computeSecret` will throw an | |||
There was a problem hiding this comment.
Oh, wait. I think I misunderstood; can you not make this a list item (not let this start with a *)?
And I don't think you need a changelog entry if all that changed is the error format.
Looks good with this changed though.
addaleax
added
the
author ready
changes in c++ are in the computeSecret function, but the thrown exception that was moved to JS land was in BufferToPoint function, here i let the allocation error be thrown so the only value returned is the nullptr that i use later to catch the error in computeSecret, to then construct the exception in JS land. an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js and with that, subsequent changes to docs and tests were made. Fixes: #16625 Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
|
Landed in 845633a, thanks for the PR! 🎉 |
changes in c++ are in the computeSecret function, but the thrown exception that was moved to JS land was in BufferToPoint function, here i let the allocation error be thrown so the only value returned is the nullptr that i use later to catch the error in computeSecret, to then construct the exception in JS land. an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js and with that, subsequent changes to docs and tests were made. PR-URL: #16849 Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf Fixes: #16625 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
addaleax
removed
the
author ready
changes in c++ are in the computeSecret function, but the thrown
exception that was moved to JS land was in BufferToPoint
function, here i let the allocation error be thrown so the only value
returned is the nullptr that i use later to catch the error in
computeSecret, to then construct the exception in JS land.
an ERR_CRYPTO_ECDH_INVALID_PUBLIC_KEY error was added to errors.js
and with that, subsequent changes to docs and tests were made.
Fixes: #16625
Refs: https://www.iacr.org/archive/pkc2003/25670211/25670211.pdf
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)
crypto, doc, test