-
Notifications
You must be signed in to change notification settings - Fork 30.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: hide native handles from JS modules #22747
Conversation
It's likely safer to turn |
Definitely safer, yes, but I wonder whether people are using it at all. (I can't think of a single legitimate use case.) |
lib/internal/crypto/cipher.js
Outdated
@@ -73,11 +75,11 @@ function getUIntOption(options, key) { | |||
function createCipherBase(cipher, credential, options, decipher, iv) { | |||
const authTagLength = getUIntOption(options, 'authTagLength'); | |||
|
|||
this._handle = new CipherBase(decipher); | |||
this[kHandle] = new CipherBase(decipher); | |||
if (iv === undefined) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since the purpose of this is to hide the actual implementation details, I would prefer to use a non-enumerable symbol. Otherwise it will still show up in the repl and when inspecting the value (including console calls).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had the idea to do this after reviewing #22684. If we want to use non-enumerable symbols, maybe we should add that to the guidelines?
@nodejs/security-wg |
They likely aren't, but that doesn't make it any less the right thing to do... at least just for a single major cycle. Node.js 11 would not be a LTS branch so the deprecated aliases wouldn't be around for long. |
Does it make sense to add a test that will assert on this new expectation that |
8098199
to
ae70d12
Compare
ae70d12
to
4427dc2
Compare
I changed the PR to deprecate the |
CI was stopped, resuming a previous build again... https://ci.nodejs.org/job/node-test-pull-request/17140/ |
16783a9
to
a5c9b02
Compare
a5c9b02
to
2e3353b
Compare
PR-URL: nodejs#22747 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Vladimir de Turckheim <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Joyee Cheung <[email protected]>
Landed in 0ade10d. |
|
PR-URL: #22827 Refs: #22747 Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: James M Snell <[email protected]>
Creating deprecated accessors each time an object is created is very time consuming. Refs: nodejs#22747 Fixes: nodejs#24266
Creating deprecated accessors each time an object is created is very time consuming. Refs: #22747 Fixes: #24266 PR-URL: #24269 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Creating deprecated accessors each time an object is created is very time consuming. Refs: #22747 Fixes: #24266 PR-URL: #24269 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Creating deprecated accessors each time an object is created is very time consuming. Refs: nodejs#22747 Fixes: nodejs#24266 PR-URL: nodejs#24269 Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Another attempt to reduce the undocumented API surface. I am defensively marking this as semver-major, but as far as I can tell, no popular packages are using these properties. It would be kind of pointless anyway since there is no advantage in using
_handle
here. (This is not true for other parts of our API, but it seems to be valid for the affected crypto APIs.)Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes