crypto: refactor the crypto module

* Split single monolithic file into multiple
* Make Certificate methods static
* Allow randomFill(Sync) to use any ArrayBufferView
* Use internal/errors throughout
* Improve arg validation in Hash/Hmac
* Doc updates

PR-URL: https://github.com/nodejs/node/pull/15231
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>

1 files changed, 320 insertions, 102 deletions

diff --git a/test/parallel/test-crypto-random.js b/test/parallel/test-crypto-random.js
index fb80e313ab..f5dad9d62a 100644
--- a/test/parallel/test-crypto-random.js
+++ b/test/parallel/test-crypto-random.js
@@ -33,15 +33,6 @@ crypto.DEFAULT_ENCODING = 'buffer';
 // bump, we register a lot of exit listeners
 process.setMaxListeners(256);
 
-const errMessages = {
-  offsetNotNumber: /^TypeError: offset must be a number$/,
-  offsetOutOfRange: /^RangeError: offset out of range$/,
-  offsetNotUInt32: /^TypeError: offset must be a uint32$/,
-  sizeNotNumber: /^TypeError: size must be a number$/,
-  sizeNotUInt32: /^TypeError: size must be a uint32$/,
-  bufferTooSmall: /^RangeError: buffer too small$/,
-};
-
 const expectedErrorRegexp = /^TypeError: size must be a number >= 0$/;
 [crypto.randomBytes, crypto.pseudoRandomBytes].forEach(function(f) {
   [-1, undefined, null, false, true, {}, []].forEach(function(value) {
@@ -75,6 +66,46 @@ const expectedErrorRegexp = /^TypeError: size must be a number >= 0$/;
 }
 
 {
+  const buf = new Uint16Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFillSync(buf);
+  const after = Buffer.from(buf.buffer).toString('hex');
+  assert.notStrictEqual(before, after);
+}
+
+{
+  const buf = new Uint32Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFillSync(buf);
+  const after = Buffer.from(buf.buffer).toString('hex');
+  assert.notStrictEqual(before, after);
+}
+
+{
+  const buf = new Float32Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFillSync(buf);
+  const after = Buffer.from(buf.buffer).toString('hex');
+  assert.notStrictEqual(before, after);
+}
+
+{
+  const buf = new Float64Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFillSync(buf);
+  const after = Buffer.from(buf.buffer).toString('hex');
+  assert.notStrictEqual(before, after);
+}
+
+{
+  const buf = new DataView(new ArrayBuffer(10));
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFillSync(buf);
+  const after = Buffer.from(buf.buffer).toString('hex');
+  assert.notStrictEqual(before, after);
+}
+
+{
   const buf = Buffer.alloc(10);
   const before = buf.toString('hex');
   crypto.randomFill(buf, common.mustCall((err, buf) => {
@@ -95,6 +126,56 @@ const expectedErrorRegexp = /^TypeError: size must be a number >= 0$/;
 }
 
 {
+  const buf = new Uint16Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFill(buf, common.mustCall((err, buf) => {
+    assert.ifError(err);
+    const after = Buffer.from(buf.buffer).toString('hex');
+    assert.notStrictEqual(before, after);
+  }));
+}
+
+{
+  const buf = new Uint32Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFill(buf, common.mustCall((err, buf) => {
+    assert.ifError(err);
+    const after = Buffer.from(buf.buffer).toString('hex');
+    assert.notStrictEqual(before, after);
+  }));
+}
+
+{
+  const buf = new Float32Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFill(buf, common.mustCall((err, buf) => {
+    assert.ifError(err);
+    const after = Buffer.from(buf.buffer).toString('hex');
+    assert.notStrictEqual(before, after);
+  }));
+}
+
+{
+  const buf = new Float64Array(10);
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFill(buf, common.mustCall((err, buf) => {
+    assert.ifError(err);
+    const after = Buffer.from(buf.buffer).toString('hex');
+    assert.notStrictEqual(before, after);
+  }));
+}
+
+{
+  const buf = new DataView(new ArrayBuffer(10));
+  const before = Buffer.from(buf.buffer).toString('hex');
+  crypto.randomFill(buf, common.mustCall((err, buf) => {
+    assert.ifError(err);
+    const after = Buffer.from(buf.buffer).toString('hex');
+    assert.notStrictEqual(before, after);
+  }));
+}
+
+{
   const buf = Buffer.alloc(10);
   const before = buf.toString('hex');
   crypto.randomFillSync(buf, 5, 5);
@@ -155,108 +236,228 @@ const expectedErrorRegexp = /^TypeError: size must be a number >= 0$/;
     const len = Buffer.byteLength(buf);
     assert.strictEqual(len, 10, `Expected byteLength of 10, got ${len}`);
 
-    assert.throws(() => {
-      crypto.randomFillSync(buf, 'test');
-    }, errMessages.offsetNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, NaN);
-    }, errMessages.offsetNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, 'test', common.mustNotCall());
-    }, errMessages.offsetNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, NaN, common.mustNotCall());
-    }, errMessages.offsetNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, 11);
-    }, errMessages.offsetOutOfRange);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, max);
-    }, errMessages.offsetOutOfRange);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, 11, common.mustNotCall());
-    }, errMessages.offsetOutOfRange);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, max, common.mustNotCall());
-    }, errMessages.offsetOutOfRange);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, 0, 'test');
-    }, errMessages.sizeNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, 0, NaN);
-    }, errMessages.sizeNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, 0, 'test', common.mustNotCall());
-    }, errMessages.sizeNotNumber);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, 0, NaN, common.mustNotCall());
-    }, errMessages.sizeNotNumber);
+    common.expectsError(
+      () => crypto.randomFillSync(buf, 'test'),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "offset" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, NaN),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "offset" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, 'test', common.mustNotCall()),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "offset" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, NaN, common.mustNotCall()),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "offset" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, 11),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "offset" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, max),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "offset" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, 11, common.mustNotCall()),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "offset" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, max, common.mustNotCall()),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "offset" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, 0, 'test'),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "size" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, 0, NaN),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "size" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, 0, 'test', common.mustNotCall()),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "size" argument must be of type number'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, 0, NaN, common.mustNotCall()),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "size" argument must be of type number'
+      }
+    );
 
     {
       const size = (-1 >>> 0) + 1;
 
-      assert.throws(() => {
-        crypto.randomFillSync(buf, 0, -10);
-      }, errMessages.sizeNotUInt32);
-
-      assert.throws(() => {
-        crypto.randomFillSync(buf, 0, size);
-      }, errMessages.sizeNotUInt32);
-
-      assert.throws(() => {
-        crypto.randomFill(buf, 0, -10, common.mustNotCall());
-      }, errMessages.sizeNotUInt32);
-
-      assert.throws(() => {
-        crypto.randomFill(buf, 0, size, common.mustNotCall());
-      }, errMessages.sizeNotUInt32);
+      common.expectsError(
+        () => crypto.randomFillSync(buf, 0, -10),
+        {
+          code: 'ERR_INVALID_ARG_TYPE',
+          type: TypeError,
+          message: 'The "size" argument must be of type uint32'
+        }
+      );
+
+      common.expectsError(
+        () => crypto.randomFillSync(buf, 0, size),
+        {
+          code: 'ERR_INVALID_ARG_TYPE',
+          type: TypeError,
+          message: 'The "size" argument must be of type uint32'
+        }
+      );
+
+      common.expectsError(
+        () => crypto.randomFill(buf, 0, -10, common.mustNotCall()),
+        {
+          code: 'ERR_INVALID_ARG_TYPE',
+          type: TypeError,
+          message: 'The "size" argument must be of type uint32'
+        }
+      );
+
+      common.expectsError(
+        () => crypto.randomFill(buf, 0, size, common.mustNotCall()),
+        {
+          code: 'ERR_INVALID_ARG_TYPE',
+          type: TypeError,
+          message: 'The "size" argument must be of type uint32'
+        }
+      );
     }
 
-    assert.throws(() => {
-      crypto.randomFillSync(buf, -10);
-    }, errMessages.offsetNotUInt32);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, -10, common.mustNotCall());
-    }, errMessages.offsetNotUInt32);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, 1, 10);
-    }, errMessages.bufferTooSmall);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, 1, 10, common.mustNotCall());
-    }, errMessages.bufferTooSmall);
-
-    assert.throws(() => {
-      crypto.randomFillSync(buf, 0, 12);
-    }, errMessages.bufferTooSmall);
-
-    assert.throws(() => {
-      crypto.randomFill(buf, 0, 12, common.mustNotCall());
-    }, errMessages.bufferTooSmall);
+    common.expectsError(
+      () => crypto.randomFillSync(buf, -10),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "offset" argument must be of type uint32'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, -10, common.mustNotCall()),
+      {
+        code: 'ERR_INVALID_ARG_TYPE',
+        type: TypeError,
+        message: 'The "offset" argument must be of type uint32'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, 1, 10),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "size" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, 1, 10, common.mustNotCall()),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "size" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFillSync(buf, 0, 12),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "size" argument is out of range'
+      }
+    );
+
+    common.expectsError(
+      () => crypto.randomFill(buf, 0, 12, common.mustNotCall()),
+      {
+        code: 'ERR_OUT_OF_RANGE',
+        type: RangeError,
+        message: 'The "size" argument is out of range'
+      }
+    );
 
     {
       // Offset is too big
       const offset = (-1 >>> 0) + 1;
-      assert.throws(() => {
-        crypto.randomFillSync(buf, offset, 10);
-      }, errMessages.offsetNotUInt32);
-
-      assert.throws(() => {
-        crypto.randomFill(buf, offset, 10, common.mustNotCall());
-      }, errMessages.offsetNotUInt32);
+      common.expectsError(
+        () => crypto.randomFillSync(buf, offset, 10),
+        {
+          code: 'ERR_INVALID_ARG_TYPE',
+          type: TypeError,
+          message: 'The "offset" argument must be of type uint32'
+        }
+      );
+
+      common.expectsError(
+        () => crypto.randomFill(buf, offset, 10, common.mustNotCall()),
+        {
+          code: 'ERR_INVALID_ARG_TYPE',
+          type: TypeError,
+          message: 'The "offset" argument must be of type uint32'
+        }
+      );
     }
   }
 }
@@ -265,4 +466,21 @@ const expectedErrorRegexp = /^TypeError: size must be a number >= 0$/;
 // length exceeds max acceptable value"
 assert.throws(function() {
   crypto.randomBytes((-1 >>> 0) + 1);
-}, errMessages.sizeNotUInt32);
+}, /^TypeError: size must be a uint32$/);
+
+[1, true, NaN, null, undefined, {}, []].forEach((i) => {
+  common.expectsError(
+    () => crypto.randomFillSync(i),
+    {
+      code: 'ERR_INVALID_ARG_TYPE',
+      type: TypeError
+    }
+  );
+  common.expectsError(
+    () => crypto.randomFill(i, common.mustNotCall()),
+    {
+      code: 'ERR_INVALID_ARG_TYPE',
+      type: TypeError
+    }
+  );
+});