crypto: simplify using pre-existing keys with ECDH

These changes simplify using ECDH with private keys that are not
dynamically generated with ECDH.generateKeys.

Support for computing the public key corresponding to the given private
key was added. Validity checks to reduce the possibility of computing
a weak or invalid shared secret were also added.

Finally, ECDH.setPublicKey was softly deprecated.

PR-URL: https://github.com/nodejs/node/pull/3511
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>

1 files changed, 3 insertions, 2 deletions

diff --git a/src/node_crypto.h b/src/node_crypto.h
index beeb2fb445..d3d66e32dd 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -693,7 +693,6 @@ class ECDH : public BaseObject {
  protected:
   ECDH(Environment* env, v8::Local<v8::Object> wrap, EC_KEY* key)
       : BaseObject(env, wrap),
-        generated_(false),
         key_(key),
         group_(EC_KEY_get0_group(key_)) {
     MakeWeak<ECDH>(this);
@@ -710,7 +709,9 @@ class ECDH : public BaseObject {
 
   EC_POINT* BufferToPoint(char* data, size_t len);
 
-  bool generated_;
+  bool IsKeyPairValid();
+  bool IsKeyValidForCurve(const BIGNUM* private_key);
+
   EC_KEY* key_;
   const EC_GROUP* group_;
 };