Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lib: add diagnostics_channel events to cipher and hashing algorithms #44356

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

lib: add diagnostics_channel events to cipher and hashing algorithms #44356

wants to merge 2 commits into from

Conversation

uurien
Copy link

@uurien uurien commented Aug 23, 2022

Adding crypto.cipher.new, crypto.decipher.new, crypto.cipheriv.new, crypto.decipheriv.new, crypto.hash.new, crypto.hash.copy, crypto.hmac.new, crypto.sign.new and crypto.verify.new diagnostics_channel events so APMs don't need to patch the crypto module to know when a particular crypto algorithm is used.

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Aug 23, 2022
@uurien uurien marked this pull request as ready for review August 23, 2022 09:36
@tniessen
Copy link
Member

so APMs don't need to patch the crypto module to know when a particular crypto algorithm is used

Is this a common thing?

tniessen
tniessen reviewed Aug 23, 2022
View reviewed changes
lib/internal/crypto/cipher.js
@@ -62,6 +62,13 @@ const { normalizeEncoding } = require('internal/util');

const { StringDecoder } = require('string_decoder');

const dc = require('diagnostics_channel');
const onNewCipherChannel = dc.channel('crypto.cipher.new');
const onNewDecipherChannel = dc.channel('crypto.decipher.new');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cipher and Decipher should not be used; I don't think it is beneficial to introduce any sort of monitoring for these APIs.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wasn't very sure about it.
But as cipher and decipher are deprecated, createCipher and createDecipher methods are deprecated and defined like that, it is not easy to patch.

ObjectDefineProperties(module.exports, {
  createCipher: {
    __proto__: null,
    enumerable: false,
    value: deprecate(createCipher,
                     'crypto.createCipher is deprecated.', 'DEP0106')
  }

But, if the rule is "not modify deprecated methods", I can delete this part of the code

Copy link
Member

@tniessen tniessen Aug 23, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But, if the rule is "not modify deprecated methods", I can delete this part of the code

There is no such rule; I just think adding complexity to a feature that nobody should be using might be the wrong approach.

@simon-id
Copy link
Contributor

Don't forget to add it to the docs here: https://nodejs.org/api/diagnostics_channel.html#built-in-channels

@uurien
Copy link
Author

uurien commented Aug 23, 2022

@tniessen

so APMs don't need to patch the crypto module to know when a particular crypto algorithm is used

Is this a common thing?

For example, if the product want to detect the used cypher/hashing algorithms, for example, to detect the uses of the insecure sha1 algorithm.

@uurien uurien force-pushed the diagnostics-channel-for-crypto branch from f8ae06f to 275a51d Compare August 23, 2022 10:22
@tniessen
Copy link
Member

For example, if the product want to detect the used cypher/hashing algorithms, for example, to detect the uses of the insecure sha1 algorithm.

That seems difficult; createHash is just one of many APIs that allow specifying hash algorithms. For example, that "product" you are describing would also have to check OAEP hash algorithms etc. Is the goal to add such events to all cryptographic operations, and to provide all user inputs to the observers?

Qard
Qard reviewed Aug 23, 2022
View reviewed changes
Copy link
Member

@Qard Qard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some lint errors due to missing semicolons, but other than that LGTM.

@uurien
Copy link
Author

uurien commented Aug 23, 2022

@tniessen yes, you are right, thanks
I'm going to review again the crypto module to find all ways that the user have to hash or cipher and reopen this PR (I'm moving it to draft now)

@uurien uurien marked this pull request as draft August 23, 2022 12:42
@tniessen
Copy link
Member

Just to be clear, I am not saying that adding such events to all crypto operations is a good idea. I am just wondering what the goal is here.

I assume that most cryptographic vulnerabilities arise from design issues or misuse of cryptographic APIs or mechanisms, not from selecting weak algorithms.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Qard Qard Qard left review comments

@tniessen tniessen tniessen left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@uurien @nodejs-github-bot @tniessen @simon-id @Qard