From 86b7efd038b2239f7127d98ca719d9e5bd60b3ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Sat, 25 Aug 2018 12:04:35 +0200 Subject: [PATCH 1/2] crypto: deprecate aliases for randomBytes --- doc/api/deprecations.md | 12 ++++++++++++ lib/crypto.js | 20 +++++++++++++++++--- test/parallel/test-crypto-random.js | 3 +++ 3 files changed, 32 insertions(+), 3 deletions(-) diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md index 7aa8ac01ba6bd4..6a8a781d7f487b 100644 --- a/doc/api/deprecations.md +++ b/doc/api/deprecations.md @@ -1039,6 +1039,17 @@ Type: Runtime The `crypto._toBuf()` function was not designed to be used by modules outside of Node.js core and will be removed in the future. + +### DEP00XX: crypto.prng(), crypto.pseudoRandomBytes(), crypto.rng() + +Type: Runtime + +In recent versions of Node.js, there is no difference between +[`crypto.randomBytes()`][] and `crypto.pseudoRandomBytes()`. The latter has been +deprecated along with the undocumented aliases `crypto.prng()` and +`crypto.rng()` in favor of [`crypto.randomBytes()`][] and will be removed in a +future release. + [`--pending-deprecation`]: cli.html#cli_pending_deprecation [`Buffer.allocUnsafeSlow(size)`]: buffer.html#buffer_class_method_buffer_allocunsafeslow_size [`Buffer.from(array)`]: buffer.html#buffer_class_method_buffer_from_array @@ -1065,6 +1076,7 @@ of Node.js core and will be removed in the future. [`crypto.DEFAULT_ENCODING`]: crypto.html#crypto_crypto_default_encoding [`crypto.fips`]: crypto.html#crypto_crypto_fips [`crypto.pbkdf2()`]: crypto.html#crypto_crypto_pbkdf2_password_salt_iterations_keylen_digest_callback +[`crypto.randomBytes()`]: crypto.html#crypto_crypto_randombytes_size_callback [`crypto.scrypt()`]: crypto.html#crypto_crypto_scrypt_password_salt_keylen_options_callback [`decipher.final()`]: crypto.html#crypto_decipher_final_outputencoding [`decipher.setAuthTag()`]: crypto.html#crypto_decipher_setauthtag_buffer diff --git a/lib/crypto.js b/lib/crypto.js index c2d3eb38cff0dd..25e9e1a970494e 100644 --- a/lib/crypto.js +++ b/lib/crypto.js @@ -155,14 +155,11 @@ module.exports = exports = { pbkdf2Sync, privateDecrypt, privateEncrypt, - prng: randomBytes, - pseudoRandomBytes: randomBytes, publicDecrypt, publicEncrypt, randomBytes, randomFill, randomFillSync, - rng: randomBytes, scrypt, scryptSync, setEngine, @@ -234,5 +231,22 @@ Object.defineProperties(exports, { configurable: false, enumerable: true, value: constants + }, + + // Aliases for randomBytes are deprecated. + // The ecosystem needs those to exist for backwards compatibility with + // ancient Node.js runtimes (0.10, 0.12). + prng: { + enumerable: false, + value: deprecate(randomBytes, 'crypto.prng is deprecated.', 'DEP00XX') + }, + pseudoRandomBytes: { + enumerable: false, + value: deprecate(randomBytes, + 'crypto.pseudoRandomBytes is deprecated.', 'DEP00XX') + }, + rng: { + enumerable: false, + value: deprecate(randomBytes, 'crypto.rng is deprecated.', 'DEP00XX') } }); diff --git a/test/parallel/test-crypto-random.js b/test/parallel/test-crypto-random.js index f00e474b6f2798..1fea70f0cac69f 100644 --- a/test/parallel/test-crypto-random.js +++ b/test/parallel/test-crypto-random.js @@ -35,6 +35,9 @@ const kMaxPossibleLength = Math.min(kMaxLength, kMaxUint32); // bump, we register a lot of exit listeners process.setMaxListeners(256); +common.expectWarning('DeprecationWarning', + 'crypto.pseudoRandomBytes is deprecated.', 'DEP00XX'); + { [crypto.randomBytes, crypto.pseudoRandomBytes].forEach((f) => { [undefined, null, false, true, {}, []].forEach((value) => { From 6282e34dbf4c752973ab15288df3036f1ec4b956 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Mon, 27 Aug 2018 15:07:54 +0200 Subject: [PATCH 2/2] Address Trott's comment --- doc/api/deprecations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md index 6a8a781d7f487b..bc105302762974 100644 --- a/doc/api/deprecations.md +++ b/doc/api/deprecations.md @@ -1045,7 +1045,7 @@ of Node.js core and will be removed in the future. Type: Runtime In recent versions of Node.js, there is no difference between -[`crypto.randomBytes()`][] and `crypto.pseudoRandomBytes()`. The latter has been +[`crypto.randomBytes()`][] and `crypto.pseudoRandomBytes()`. The latter is deprecated along with the undocumented aliases `crypto.prng()` and `crypto.rng()` in favor of [`crypto.randomBytes()`][] and will be removed in a future release.