Skip to content

Commit

Permalink
crypto: fail early when loading crypto without openssl
Browse files Browse the repository at this point in the history
Fail early in require('crypto'), require('tls'),
require('https'), etc when crypto is not available
(rather than depending on an internal try/catch).

Add documentation for detecting when crypto is not available.

PR-URL: #5611
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  • Loading branch information
jasnell committed Mar 23, 2016
1 parent 0b3936b commit f429fe1
Show file tree
Hide file tree
Showing 7 changed files with 40 additions and 18 deletions.
15 changes: 15 additions & 0 deletions doc/api/crypto.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,21 @@ console.log(hash);
// c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e
```

## Determining if crypto support is unavailable

It is possible for Node.js to be built without including support for the
`crypto` module. In such cases, calling `require('crypto')` will result in an
error being thrown.

```js
var crypto;
try {
crypto = require('crypto');
} catch (err) {
console.log('crypto support is disabled!');
}
```

## Class: Certificate

SPKAC is a Certificate Signing Request mechanism originally implemented by
Expand Down
9 changes: 3 additions & 6 deletions lib/_tls_legacy.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const assert = require('assert');
const EventEmitter = require('events');
const stream = require('stream');
Expand All @@ -9,12 +11,7 @@ const common = require('_tls_common');
const debug = util.debuglog('tls-legacy');
const Buffer = require('buffer').Buffer;
const Timer = process.binding('timer_wrap').Timer;
var Connection = null;
try {
Connection = process.binding('crypto').Connection;
} catch (e) {
throw new Error('Node.js is not compiled with openssl crypto support');
}
const Connection = process.binding('crypto').Connection;

function SlabBuffer() {
this.create();
Expand Down
2 changes: 2 additions & 0 deletions lib/_tls_wrap.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const assert = require('assert');
const crypto = require('crypto');
const net = require('net');
Expand Down
22 changes: 10 additions & 12 deletions lib/crypto.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,25 +3,23 @@

'use strict';

const internalUtil = require('internal/util');
internalUtil.assertCrypto(exports);

exports.DEFAULT_ENCODING = 'buffer';

try {
var binding = process.binding('crypto');
var randomBytes = binding.randomBytes;
var getCiphers = binding.getCiphers;
var getHashes = binding.getHashes;
var getCurves = binding.getCurves;
var getFipsCrypto = binding.getFipsCrypto;
var setFipsCrypto = binding.setFipsCrypto;
} catch (e) {
throw new Error('Node.js is not compiled with openssl crypto support');
}
const binding = process.binding('crypto');
const randomBytes = binding.randomBytes;
const getCiphers = binding.getCiphers;
const getHashes = binding.getHashes;
const getCurves = binding.getCurves;
const getFipsCrypto = binding.getFipsCrypto;
const setFipsCrypto = binding.setFipsCrypto;

const Buffer = require('buffer').Buffer;
const constants = require('constants');
const stream = require('stream');
const util = require('util');
const internalUtil = require('internal/util');
const LazyTransform = require('internal/streams/lazy_transform');

const DH_GENERATOR = 2;
Expand Down
2 changes: 2 additions & 0 deletions lib/https.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const tls = require('tls');
const url = require('url');
const http = require('http');
Expand Down
6 changes: 6 additions & 0 deletions lib/internal/util.js
Original file line number Diff line number Diff line change
Expand Up @@ -96,3 +96,9 @@ exports.isError = function isError(e) {
exports.objectToString = function objectToString(o) {
return Object.prototype.toString.call(o);
};

const noCrypto = !process.versions.openssl;
exports.assertCrypto = function(exports) {
if (noCrypto)
throw new Error('Node.js is not compiled with openssl crypto support');
};
2 changes: 2 additions & 0 deletions lib/tls.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
'use strict';

require('internal/util').assertCrypto(exports);

const net = require('net');
const url = require('url');
const binding = process.binding('crypto');
Expand Down

0 comments on commit f429fe1

Please sign in to comment.