crypto: runtime-deprecate calling hmac.digest() multiple times#63800
Open
algojogacor wants to merge 1 commit into
Open
crypto: runtime-deprecate calling hmac.digest() multiple times#63800algojogacor wants to merge 1 commit into
algojogacor wants to merge 1 commit into
Conversation
Collaborator
|
Review requested:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is an independent contribution and is not associated with any hackathon or competition.
Summary
Runtime-deprecate calling
hmac.digest()multiple times without re-initialization. UnlikeHash.prototype.digest()which throwsERR_CRYPTO_HASH_FINALIZEDon second call,Hmac.prototype.digest()silently returned an empty buffer, creating a potential security footgun.Root Cause
The
Hmac.prototype.digest()method did not emit any deprecation warning when called after the HMAC instance was already finalized. Instead, it silently returned an emptyBuffer. This behavior differs fromHash.prototype.digest()which throws an error, and creates a security risk where callers may inadvertently reuse the same HMAC instance thinking it produces valid output.Fix
Added a runtime deprecation warning (DEP0208) that emits when
Hmac.prototype.digest()is called after the HMAC instance has already been finalized. The existing behavior (returning empty buffer) is preserved for backward compatibility. In a future version, this will throw an error matching the behavior ofHash.prototype.digest().Testing
Existing tests in
test/parallel/test-crypto-hmac.jsthat call.digest()multiple times continue to pass. The deprecation warning is emitted to stderr but does not change return values, maintaining backward compatibility.Closes #62838