Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: make pseudoRandomBytes an alias for randomBytes #557

Closed
wants to merge 1 commit into from
Closed

crypto: make pseudoRandomBytes an alias for randomBytes #557

wants to merge 1 commit into from

Conversation

calvinmetcalf
Copy link
Contributor

Previously pseudoRandomBytes worked similarly to randomBytes but in the event of
insufficient entropy would silently return non-secure values. As of f68a116
the entropy pool blocks if there is insufficient entropy instead of giving an
error so there is now no longer a case where pseudoRandomBytes would act
differently then randomBytes.

Inspired by discussions on #545

bnoordhuis
bnoordhuis reviewed Jan 22, 2015
View reviewed changes
src/node_crypto.cc
} else {
r = RAND_bytes(reinterpret_cast<unsigned char*>(req->data()), req->size());
}
r = RAND_bytes(reinterpret_cast<unsigned char*>(req->data()), req->size());
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe make this const int r = ....

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated

@bnoordhuis
Copy link
Member

LGTM but I would like @indutny to sign off on it as well.

@calvinmetcalf calvinmetcalf force-pushed the rm-prb branch 2 times, most recently from 4fdfcb2 to a120e87 Compare January 22, 2015 15:01
@calvinmetcalf
Copy link
Contributor Author

ok moved the declaration down and made it a const, then split the line so it would pass linting, should an update to the docs be part of the same pull or a separate one?

bnoordhuis
bnoordhuis reviewed Jan 22, 2015
View reviewed changes
src/node_crypto.cc
} else {
r = RAND_bytes(reinterpret_cast<unsigned char*>(req->data()), req->size());
}
const int r = RAND_bytes(reinterpret_cast<unsigned char*>(req->data()),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please don't hate me but it's > 80 columns now.

EDIT: Preempted!

@bnoordhuis
Copy link
Member

should an update to the docs be part of the same pull or a separate one?

Please roll it into this one.

@indutny
Copy link
Member

indutny commented Jan 22, 2015

@bnoordhuis perhaps we should not block in case of pseudo random bytes?

@indutny
Copy link
Member

indutny commented Jan 22, 2015

Otherwise I suggest deprecating pseudoRandomBytes.

@bnoordhuis
Copy link
Member

perhaps we should not block in case of pseudo random bytes?

I don't think this PR changes that. Or does it?

Otherwise I suggest deprecating pseudoRandomBytes.

I agree but I would suggest doing that in a separate PR, provided we agree this PR is not a functional change. That way, we can land this PR now and land the deprecation PR in 1.1.0.

@calvinmetcalf
Copy link
Contributor Author

@bnoordhuis this should not be a functional change

@indutny maybe a the blocking/not blocking distinction can be rolled into the changes to the api around randomBytesSync.

Will update the docs

@calvinmetcalf
crypto: make pseudoRandomBytes an alias for randomBytes
f1253c0 
Previously pseudoRandomBytes worked similarly to randomBytes but in the event of
insufficient entropy would silently return non-secure values. As of f68a116
the entropy pool blocks if there is insufficient entropy instead of giving an
error so there is now no longer a case where pseudoRandomBytes would act
differently then randomBytes.

Docs are updated to remove pseudoRandomBytes and to clarify that randomBytes
now does block instead of erring when entropy is low.
@calvinmetcalf
Copy link
Contributor Author

updated

@indutny
Copy link
Member

indutny commented Jan 22, 2015

LGTM, let's deprecate it soon.

bnoordhuis pushed a commit that referenced this pull request Jan 22, 2015
@calvinmetcalf @bnoordhuis
lib,src: make pseudoRandomBytes alias randomBytes
e5e5980 
Previously pseudoRandomBytes worked similarly to randomBytes but in the
event of insufficient entropy would silently return non-secure values.

As of f68a116, the entropy pool blocks if there is insufficient entropy
instead of giving an error so there is now no longer a case where
pseudoRandomBytes would act differently than randomBytes.

Docs are updated to remove pseudoRandomBytes and to clarify that
randomBytes now does block instead of erring when entropy is low.

PR-URL: #557
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
@bnoordhuis
Copy link
Member

Landed with some touch-ups in e5e5980. Thanks, Calvin!

@bnoordhuis bnoordhuis closed this Jan 22, 2015
@calvinmetcalf calvinmetcalf deleted the rm-prb branch January 22, 2015 22:41
This was referenced Jan 22, 2015
Closed
Merged
@tniessen tniessen mentioned this pull request Aug 25, 2018
Closed
4 tasks
This was referenced Apr 24, 2023
Open
Open
@aliscco aliscco mentioned this pull request Apr 24, 2023
Open
This was referenced Apr 24, 2023
Open
Open
@aliscco aliscco mentioned this pull request Apr 24, 2023
Open
@snyk-bot snyk-bot mentioned this pull request Apr 25, 2023
Open
This was referenced Dec 1, 2023
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Closed
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@calvinmetcalf @bnoordhuis @indutny