crypto: ECDH convertKey to convert public keys between different formats

[wuweiweiwu]

ECDH#convertKey is used to convert public keys between different formats, as per #18977

ECDH#convertKey(key, curve[, inputEncoding[, outputEncoding[, format]]])

• key <string> | <Buffer> | <TypedArray> | <DataView>
• curve <string>
• inputEncoding <string>
• outputEncoding <string>
• format <string> can be 'uncompressed', 'compressed', 'hybrid'

Returns the input key converted to the specified encoding and format.

Checklist

• make -j4 test (UNIX), or vcbuild test (Windows) passes
• tests and/or benchmarks are included
• documentation is changed or added
• commit message follows commit guidelines

Affected core subsystem(s)

crypto, doc, test

[bnoordhuis]

Don't duplicate this logic, factor it out so it can be shared with ECDH#getPublicKey(). Likewise the C++ code.

[wuweiweiwu]

Done!

[wuweiweiwu]

@bnoordhuis I also added the encode function since I noticed that the test for 'buffer' encoding happens a lot in this file. Should I also change that in this PR or should I submit another PR for that?

[bnoordhuis]

Thanks, doing it in this PR is fine.

[bnoordhuis]

Mostly LGTM apart from some comments. Thanks for doing this.

[bnoordhuis]

Thanks, doing it in this PR is fine.

[bnoordhuis]

Since you're making changes here, you might want to get rid of the goto by moving the fatal: block inside the if statement.

[wuweiweiwu]

Done!

[bnoordhuis]

Can you capitalize and punctuate the comments?

[bnoordhuis]

Leaks group. group and pub are leaked on lines 5580 and 5587.

Suggestion: use a std::unique_ptr with a custom deleter or use the std::shared_ptr trick from 8ccd320.

[bnoordhuis]

Minor thing but can you write this as int size = ...?

[bnoordhuis]

Can you indent these by four spaces? Four because line continuation.

[wuweiweiwu]

@bnoordhuis I am not sure if I am using shared_ptr correctly. I created it before the pub === nullptr check so that returns. the delete function will be called

[addaleax]

@wuweiweiwu we also have OnScopeLeave in util.h, you could use that if you prefer? It might be a bit more self-documenting?

[wuweiweiwu]

@addaleax I will look at that! Is there a preference using onScopeLeave v. shared_ptr?

[addaleax]

@wuweiweiwu The former is pretty new as an utility -- but basically, use whichever makes sense to you, or lets the code seem more readable. :)

(Also, probably doesn't matter much now that this has landed, unless you want to send another PR right behind this. ¯\_(ツ)_/¯)

[wuweiweiwu]

Sounds good! I'll go over both so I am more familiar

[bnoordhuis]

Thanks, LGTM. CI: https://ci.nodejs.org/job/node-test-pull-request/13488/

This PR should probably get one or two more sign-offs because it adds a new API. Also, cc @nodejs/crypto.

[wuweiweiwu]

node-test-commit failure looks unrelated

console output

not ok 1331 parallel/test-regress-GH-4948
  ---
  duration_ms: 0.169
  severity: fail
  stack: |-
  ...

[tniessen]

Well done!

[tniessen]

This should be added: REPLACEME (it might be a different version on other release branches, not necessarily v10.0.0).

[tniessen]

Is there a reason not to use const here? In general, let is preferred over var and const over let if possible.

[tniessen]

Ditto.

[tniessen]

Nit: I'd prefer destructuring here: const { ECDH } = crypto;, maybe even const { ECDH, getCurves } = require('crypto');.

[tniessen]

Is this signature correct? According to this signature, all of the following calls would be valid:

ECDH.convertKey(key, curve[, inputEncoding][, outputEncoding][, format])
ECDH.convertKey(key, curve[, inputEncoding][, outputEncoding])
ECDH.convertKey(key, curve[, inputEncoding])
ECDH.convertKey(key, curve)
ECDH.convertKey(key, curve[, inputEncoding][, format])
ECDH.convertKey(key, curve[, outputEncoding][, format])
ECDH.convertKey(key, curve[, format])

[wuweiweiwu]

@tniessen How would I structure the signature?

Function signature?

key and curve are required but the rest are optional. These are the available calls:

ECDH.convertKey(key, curve, inputEncoding, outputEncoding, format)
ECDH.convertKey(key, curve, inputEncoding, outputEncoding)
ECDH.convertKey(key, curve, inputEncoding)
ECDH.convertKey(key, curve)

Would it be: ECDH.convertKey(key, curve[, inputEncoding, outputEncoding, format])?

or just ECDH.convertKey(key, curve, inputEncoding, outputEncoding, format)

I figured it out!

ECDH.convertKey(key, curve[, inputEncoding[, outputEncoding[, format]]])

[tniessen]

Nit: Use destructuring: const { ECDH } = require('crypto');.

[tniessen]

Tiny nit: No need for a set, just use if (getCurves().includes('secp256k1')) {.

[wuweiweiwu]

Fixed! :)

[tniessen]

Tiny nit: This can be combined with the call to require:

const assert = require('assert');
const { ECDH, getCurves } = require('crypto');

[jasnell]

Since this is adding a new API, please handle the input type checking in javascript and use the internal/errors mechanism.

[wuweiweiwu]

Done! :)

[wuweiweiwu]

@jasnell @tniessen @Trott I had to resolve some merge conflicts in diffiehelman.js. Is there anything else that I should do on this PR?

[tniessen]

@wuweiweiwu Please rebase your changes on top of master instead of adding a merge commit if there are conflicts. In order to undo the merge commit and to properly rebase your changes, follow these steps.

# This is only necessary if you did not add the upstream remote before.
git remote add upstream https://github.com/nodejs/node.git

# Checkout your branch.
git checkout crypto-convert-key
# Undo the merge commit.
git reset --hard 7a921c56bd19cb2e7fa68862bcfa023fedc817b8
# Make sure your copy of our master branch is up-to-date.
git fetch upstream master
# Rebase on top of our changes.
git rebase upstream/master

git rebase will stop as soon as it encounters a conflict, at which point you will need to follow the instructions on the screen. It is usually a cycle of

1. using git status to determine which files the conflict occurred in,
2. manually resolving the conflicts,
3. telling git that you are done with git add path/to/file/with/conflicts, and
4. resuming the rebase with git rebase --continue.

[wuweiweiwu]

@tniessen Thanks for the tips! I have rebased and also updated my error throwing using the new errors.

[tniessen]

Thank you! CI: https://ci.nodejs.org/job/node-test-pull-request/13624/
(By the way, you don't need to follow the commit message guidelines for subsequent commits as they will usually be squashed into a single commit anyway.)

[wuweiweiwu]

Not sure why test-process-env-deprecation fails for those test cases

09:16:20 not ok 1280 parallel/test-process-env-deprecation
09:16:20   ---
09:16:20   duration_ms: 0.297
09:16:20   severity: fail
09:16:20   stack: |-
09:16:20     Mismatched <anonymous> function calls. Expected exactly 1, actual 0.
09:16:20         at Object.exports.mustCall (/home/iojs/build/workspace/node-test-commit-linux-containered/nodes/ubuntu1604_sharedlibs_withoutintl_x64/test/common/index.js:427:10)
09:16:20         at expectWarning (/home/iojs/build/workspace/node-test-commit-linux-containered/nodes/ubuntu1604_sharedlibs_withoutintl_x64/test/common/index.js:615:18)
09:16:20         at expectWarningByName (/home/iojs/build/workspace/node-test-commit-linux-containered/nodes/ubuntu1604_sharedlibs_withoutintl_x64/test/common/index.js:629:25)
09:16:20         at Object.exports.expectWarning (/home/iojs/build/workspace/node-test-commit-linux-containered/nodes/ubuntu1604_sharedlibs_withoutintl_x64/test/common/index.js:649:5)
09:16:20         at Object.<anonymous> (/home/iojs/build/workspace/node-test-commit-linux-containered/nodes/ubuntu1604_sharedlibs_withoutintl_x64/test/parallel/test-process-env-deprecation.js:7:8)
09:16:20         at Module._compile (module.js:671:30)
09:16:20         at Object.Module._extensions..js (module.js:682:10)
09:16:20         at Module.load (module.js:582:32)
09:16:20         at tryModuleLoad (module.js:522:12)
09:16:20   ...

It passes locally.

@tniessen Is it something I need to fix?

[Trott]

I think the CI problems were on master and not in this PR and that they've been fixed. Let's find out...

CI: https://ci.nodejs.org/job/node-test-pull-request/13656/

[wuweiweiwu]

Offending test: sequential/test-inspector-stop-profile-after-done

not ok 537 sequential/test-inspector-stop-profile-after-done
  ---
  duration_ms: 1.201
  severity: fail
  stack: |-
    [test] Connecting to a child Node process
    [test] Testing /json/list
    [err] Debugger listening on ws://127.0.0.1:63629/5d4b460e-4dec-4c63-a4f3-b9675efce5a3
    [err] For help see https://nodejs.org/en/docs/inspector
    [err] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [out] {}
    [out] 
    [err] Debugger attached.
    [err] Waiting for the debugger to disconnect...
    [err] 
    { AssertionError [ERR_ASSERTION]: 3221225477 strictEqual 0
        at runTests (c:\workspace\node-test-binary-windows\test\sequential\test-inspector-stop-profile-after-done.js:28:10)
        at process._tickCallback (internal/process/next_tick.js:114:7)
      generatedMessage: true,
      name: 'AssertionError [ERR_ASSERTION]',
      code: 'ERR_ASSERTION',
      actual: 3221225477,
      expected: 0,
      operator: 'strictEqual' }
    1
  ...

@Trott seems unrelated. But this test was passing for me locally. What should I do?

[Trott]

@wuweiweiwu That test failing on Windows in CI is a known issue: #19263

I think this can be treated as "CI has passed" at this point.

Also: "Node.js project needs to get CI back to green, this is ridiculous." But that's not your problem to solve (unless you want to). :-D

[Trott]

/ping @nodejs/crypto

[wuweiweiwu]

@Trott just checking up on the status of this PR!

[tniessen]

@wuweiweiwu I didn't have time to review this thoroughly, but this should be ready to land nevertheless. I will try to review and land on Saturday if no one beats me to it.

One more CI: https://ci.nodejs.org/job/node-test-pull-request/13826/

[Trott]

Re-running FreeBSD: https://ci.nodejs.org/job/node-test-commit-freebsd/16379/

Re-running arm-fanned: https://ci.nodejs.org/job/node-test-commit-arm-fanned/15339/

[Trott]

Both re-runs of CI were green. This can land.

[tniessen]

Landed in f2e0288, thank you @wuweiweiwu! 🎉

[wuweiweiwu]

Awesome! Can't wait to contribute more :)