Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: re-enable HKDF crypto functionality #34767

Merged
merged 2 commits into from Jun 29, 2022
Merged

fix: re-enable HKDF crypto functionality #34767

merged 2 commits into from Jun 29, 2022

Conversation

codebytere
Copy link
Member

@codebytere codebytere commented Jun 28, 2022
edited

Description of Change

Closes #31634.

Enables HKDF support in embedded Node.js as a result of https://boringssl-review.googlesource.com/c/boringssl/+/52829.

Checklist

Release Notes

Notes: Enable missing HKDF support in Node.js crypto.

@codebytere codebytere added semver/patch backwards-compatible bug fixes no-backport labels Jun 28, 2022
@codebytere codebytere requested review from a team as code owners June 28, 2022 07:54
@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Jun 28, 2022
@electron-cation electron-cation bot removed the new-pr 🌱 PR opened in the last 24 hours label Jun 29, 2022
deepak1556
deepak1556 reviewed Jun 29, 2022
View reviewed changes
patches/node/fix_crypto_tests_to_run_with_bssl.patch
['sha256', 'secret', 'salt', 'info', 10],
['sha512', 'secret', 'salt', '', 15],
];
-if (!common.hasOpenSSL3)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we expose a property common.openSSLisBoringSSL based on the build time constant OPENSSL_IS_BORINGSSL that is already available in upstream Node.js. It could simplify the patch in a upstream friendly way.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@deepak1556 it's stalled but i actually started that ages ago: nodejs/node#38928

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh cool, btw agree with the concern in nodejs/node#38928 (review), shouldn't the change be

#ifdef OPENSSL_IS_BORINGSSL
    #define IS_BORINGSSL 1
    NODE_DEFINE_CONSTANT(target, IS_BORINGSSL);
   #undef IS_BORINGSSL
#endif

@codebytere codebytere merged commit ad2b1fe into main Jun 29, 2022
@codebytere codebytere deleted the hkdf-works-now branch June 29, 2022 12:53
@release-clerk
Copy link

release-clerk bot commented Jun 29, 2022

Release Notes Persisted

Enable missing HKDF support in Node.js crypto.

@commit-lint commit-lint bot mentioned this pull request Sep 7, 2022
Open
schetle pushed a commit to schetle/electron that referenced this pull request Nov 3, 2022
@codebytere @patchup @schetle
fix: re-enable HKDF crypto functionality (electron#34767)
81b1bce 
* fix: re-enable HKDF crypto functionality

* chore: update patches

Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
khalwa pushed a commit to solarwindscloud/electron that referenced this pull request Feb 22, 2023
@codebytere @patchup @khalwa
fix: re-enable HKDF crypto functionality (electron#34767)
61cb1eb 
* fix: re-enable HKDF crypto functionality

* chore: update patches

Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deepak1556 deepak1556 deepak1556 approved these changes

@zcbenz zcbenz Awaiting requested review from zcbenz

@VerteDinde VerteDinde Awaiting requested review from VerteDinde

Assignees
No one assigned
Labels
no-backport semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: crypto.hkdf "Deriving bits failed"
2 participants
@codebytere @deepak1556