Skip to content

src: use V8 entropy source if RAND_bytes() != 1#44493

Merged
nodejs-github-bot merged 1 commit intonodejs:mainfrom
tniessen:src-use-v8-entropy-source-if-openssl-does-not-work
Sep 4, 2022
Merged

src: use V8 entropy source if RAND_bytes() != 1#44493
nodejs-github-bot merged 1 commit intonodejs:mainfrom
tniessen:src-use-v8-entropy-source-if-openssl-does-not-work

Conversation

@tniessen
Copy link
Member

@tniessen tniessen commented Sep 2, 2022

RAND_bytes() may return 0 to indicate an error, in which case the buffer might not have been filled with random data at all. Instead of ignoring this case, let V8 use its own entropy source. Historically, this used to be a weak source of entropy, but V8 now implements a proper source even on Windows.

And even if V8's own entropy source turns out to be weak, it does not matter much: V8's PRNG itself is not cryptographically secure, so even if it is seeded from a cryptographically secure entropy source, it does not produce cryptographically secure random numbers.

@tniessen
src: use V8 entropy source if RAND_bytes() != 1
456c91d 
RAND_bytes() may return 0 to indicate an error, in which case the buffer
might not have been filled with random data at all. Instead of ignoring
this case, let V8 use its own entropy source. Historically, this used to
be a weak source of entropy, but V8 now implements a proper source even
on Windows. And even if V8's own entropy source turns out to be weak, it
does not matter much: V8's PRNG itself is not cryptographically secure,
so even if it is seeded from a cryptographically secure entropy source,
it does not produce cryptographically secure random numbers.
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Sep 2, 2022

Review requested:

  • @nodejs/crypto
  • @nodejs/startup

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Sep 2, 2022
@tniessen tniessen added openssl Issues and PRs related to the OpenSSL dependency. v8 engine Issues and PRs related to the V8 dependency. and removed lib / src Issues and PRs related to general changes in the lib or src directory. labels Sep 2, 2022
@tniessen tniessen added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. request-ci Add this label to start a Jenkins CI on a PR. labels Sep 2, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Sep 2, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Sep 2, 2022

CI: https://ci.nodejs.org/job/node-test-pull-request/46395/

@tniessen tniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 4, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 4, 2022
@nodejs-github-bot nodejs-github-bot merged commit 7371d33 into nodejs:main Sep 4, 2022
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Sep 4, 2022

Landed in 7371d33

@github-actions github-actions bot mentioned this pull request Sep 5, 2022
Open
17 tasks
@RafaelGSS
Copy link
Member

RafaelGSS commented Sep 5, 2022

Hi @tniessen, this PR didn't land clearly on v18.x-staging. Would you mind manually backporting it? I know that's little changes, but the cherry-pick was applying other changes when I tried to fix the conflict (https://gist.github.com/RafaelGSS/bde210dddc7a3019e867ba52db037ade) making the make test fail.

This was referenced Sep 6, 2022
Open
Open
Open
Fyko pushed a commit to Fyko/node that referenced this pull request Sep 15, 2022
@tniessen @Fyko
src: use V8 entropy source if RAND_bytes() != 1
a0250c6 
RAND_bytes() may return 0 to indicate an error, in which case the buffer
might not have been filled with random data at all. Instead of ignoring
this case, let V8 use its own entropy source. Historically, this used to
be a weak source of entropy, but V8 now implements a proper source even
on Windows. And even if V8's own entropy source turns out to be weak, it
does not matter much: V8's PRNG itself is not cryptographically secure,
so even if it is seeded from a cryptographically secure entropy source,
it does not produce cryptographically secure random numbers.

PR-URL: nodejs#44493
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
@juanarbol
Copy link
Member

juanarbol commented Oct 3, 2022

This seems to depend on a crypto (native) method introduced in #35093 and marked as "semver-major"; I will proceed to mark this as a "dont-land-on-v16.x"

@RafaelGSS RafaelGSS mentioned this pull request Oct 14, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bnoordhuis bnoordhuis bnoordhuis approved these changes

@Trott Trott Trott approved these changes

@lpinca lpinca lpinca approved these changes

@VoltrexKeyva VoltrexKeyva VoltrexKeyva approved these changes

Assignees

No one assigned

Labels

author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. v8 engine Issues and PRs related to the V8 dependency.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@tniessen @nodejs-github-bot @RafaelGSS @juanarbol @bnoordhuis @Trott @lpinca @VoltrexKeyva