// Copyright Joyent, Inc. and other Node contributors. // // Permission is hereby granted, free of charge, to any person obtaining a // copy of this software and associated documentation files (the // "Software"), to deal in the Software without restriction, including // without limitation the rights to use, copy, modify, merge, publish, // distribute, sublicense, and/or sell copies of the Software, and to permit // persons to whom the Software is furnished to do so, subject to the // following conditions: // // The above copyright notice and this permission notice shall be included // in all copies or substantial portions of the Software. // // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. #ifndef SRC_NODE_CRYPTO_H_ #define SRC_NODE_CRYPTO_H_ #if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS // ClientHelloParser #include "node_crypto_clienthello.h" #include "env.h" #include "base_object.h" #include "util.h" #include "v8.h" #include #include namespace node { namespace crypto { // Forcibly clear OpenSSL's error stack on return. This stops stale errors // from popping up later in the lifecycle of crypto operations where they // would cause spurious failures. It's a rather blunt method, though. // ERR_clear_error() isn't necessarily cheap either. struct ClearErrorOnReturn { ~ClearErrorOnReturn() { ERR_clear_error(); } }; // Pop errors from OpenSSL's error stack that were added // between when this was constructed and destructed. struct MarkPopErrorOnReturn { MarkPopErrorOnReturn() { ERR_set_mark(); } ~MarkPopErrorOnReturn() { ERR_pop_to_mark(); } }; // Define smart pointers for the most commonly used OpenSSL types: using X509Pointer = DeleteFnPtr; using BIOPointer = DeleteFnPtr; using SSLCtxPointer = DeleteFnPtr; using SSLSessionPointer = DeleteFnPtr; using SSLPointer = DeleteFnPtr; using PKCS8Pointer = DeleteFnPtr; using EVPKeyPointer = DeleteFnPtr; using EVPKeyCtxPointer = DeleteFnPtr; using EVPMDPointer = DeleteFnPtr; using RSAPointer = DeleteFnPtr; using ECPointer = DeleteFnPtr; using BignumPointer = DeleteFnPtr; using NetscapeSPKIPointer = DeleteFnPtr; using ECGroupPointer = DeleteFnPtr; using ECPointPointer = DeleteFnPtr; using ECKeyPointer = DeleteFnPtr; using DHPointer = DeleteFnPtr; using ECDSASigPointer = DeleteFnPtr; extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx); extern void UseExtraCaCerts(const std::string& file); void InitCryptoOnce(); class SecureContext : public BaseObject { public: ~SecureContext() override { Reset(); } static void Initialize(Environment* env, v8::Local target); // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(SecureContext) SET_SELF_SIZE(SecureContext) SSLCtxPointer ctx_; X509Pointer cert_; X509Pointer issuer_; #ifndef OPENSSL_NO_ENGINE bool client_cert_engine_provided_ = false; std::unique_ptr> private_key_engine_; #endif // !OPENSSL_NO_ENGINE static const int kMaxSessionSize = 10 * 1024; // See TicketKeyCallback static const int kTicketKeyReturnIndex = 0; static const int kTicketKeyHMACIndex = 1; static const int kTicketKeyAESIndex = 2; static const int kTicketKeyNameIndex = 3; static const int kTicketKeyIVIndex = 4; unsigned char ticket_key_name_[16]; unsigned char ticket_key_aes_[16]; unsigned char ticket_key_hmac_[16]; protected: // OpenSSL structures are opaque. This is sizeof(SSL_CTX) for OpenSSL 1.1.1b: static const int64_t kExternalSize = 1024; static void New(const v8::FunctionCallbackInfo& args); static void Init(const v8::FunctionCallbackInfo& args); static void SetKey(const v8::FunctionCallbackInfo& args); #ifndef OPENSSL_NO_ENGINE static void SetEngineKey(const v8::FunctionCallbackInfo& args); #endif // !OPENSSL_NO_ENGINE static void SetCert(const v8::FunctionCallbackInfo& args); static void AddCACert(const v8::FunctionCallbackInfo& args); static void AddCRL(const v8::FunctionCallbackInfo& args); static void AddRootCerts(const v8::FunctionCallbackInfo& args); static void SetCipherSuites(const v8::FunctionCallbackInfo& args); static void SetCiphers(const v8::FunctionCallbackInfo& args); static void SetSigalgs(const v8::FunctionCallbackInfo& args); static void SetECDHCurve(const v8::FunctionCallbackInfo& args); static void SetDHParam(const v8::FunctionCallbackInfo& args); static void SetOptions(const v8::FunctionCallbackInfo& args); static void SetSessionIdContext( const v8::FunctionCallbackInfo& args); static void SetSessionTimeout( const v8::FunctionCallbackInfo& args); static void SetMinProto(const v8::FunctionCallbackInfo& args); static void SetMaxProto(const v8::FunctionCallbackInfo& args); static void GetMinProto(const v8::FunctionCallbackInfo& args); static void GetMaxProto(const v8::FunctionCallbackInfo& args); static void Close(const v8::FunctionCallbackInfo& args); static void LoadPKCS12(const v8::FunctionCallbackInfo& args); #ifndef OPENSSL_NO_ENGINE static void SetClientCertEngine( const v8::FunctionCallbackInfo& args); #endif // !OPENSSL_NO_ENGINE static void GetTicketKeys(const v8::FunctionCallbackInfo& args); static void SetTicketKeys(const v8::FunctionCallbackInfo& args); static void SetFreeListLength( const v8::FunctionCallbackInfo& args); static void EnableTicketKeyCallback( const v8::FunctionCallbackInfo& args); static void CtxGetter(const v8::FunctionCallbackInfo& info); template static void GetCertificate(const v8::FunctionCallbackInfo& args); static int TicketKeyCallback(SSL* ssl, unsigned char* name, unsigned char* iv, EVP_CIPHER_CTX* ectx, HMAC_CTX* hctx, int enc); static int TicketCompatibilityCallback(SSL* ssl, unsigned char* name, unsigned char* iv, EVP_CIPHER_CTX* ectx, HMAC_CTX* hctx, int enc); SecureContext(Environment* env, v8::Local wrap) : BaseObject(env, wrap) { MakeWeak(); env->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize); } inline void Reset() { if (ctx_ != nullptr) { env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize); } ctx_.reset(); cert_.reset(); issuer_.reset(); } }; // SSLWrap implicitly depends on the inheriting class' handle having an // internal pointer to the Base class. template class SSLWrap { public: enum Kind { kClient, kServer }; SSLWrap(Environment* env, SecureContext* sc, Kind kind) : env_(env), kind_(kind), next_sess_(nullptr), session_callbacks_(false), awaiting_new_session_(false), cert_cb_(nullptr), cert_cb_arg_(nullptr), cert_cb_running_(false) { ssl_.reset(SSL_new(sc->ctx_.get())); CHECK(ssl_); env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize); } virtual ~SSLWrap() { DestroySSL(); } inline void enable_session_callbacks() { session_callbacks_ = true; } inline bool is_server() const { return kind_ == kServer; } inline bool is_client() const { return kind_ == kClient; } inline bool is_awaiting_new_session() const { return awaiting_new_session_; } inline bool is_waiting_cert_cb() const { return cert_cb_ != nullptr; } void MemoryInfo(MemoryTracker* tracker) const; protected: typedef void (*CertCb)(void* arg); // OpenSSL structures are opaque. Estimate SSL memory size for OpenSSL 1.1.1b: // SSL: 6224 // SSL->SSL3_STATE: 1040 // ...some buffers: 42 * 1024 // NOTE: Actually it is much more than this static const int64_t kExternalSize = 6224 + 1040 + 42 * 1024; static void ConfigureSecureContext(SecureContext* sc); static void AddMethods(Environment* env, v8::Local t); static SSL_SESSION* GetSessionCallback(SSL* s, const unsigned char* key, int len, int* copy); static int NewSessionCallback(SSL* s, SSL_SESSION* sess); static void KeylogCallback(const SSL* s, const char* line); static void OnClientHello(void* arg, const ClientHelloParser::ClientHello& hello); static void GetPeerCertificate( const v8::FunctionCallbackInfo& args); static void GetCertificate(const v8::FunctionCallbackInfo& args); static void GetFinished(const v8::FunctionCallbackInfo& args); static void GetPeerFinished(const v8::FunctionCallbackInfo& args); static void GetSession(const v8::FunctionCallbackInfo& args); static void SetSession(const v8::FunctionCallbackInfo& args); static void LoadSession(const v8::FunctionCallbackInfo& args); static void IsSessionReused(const v8::FunctionCallbackInfo& args); static void VerifyError(const v8::FunctionCallbackInfo& args); static void GetCipher(const v8::FunctionCallbackInfo& args); static void GetSharedSigalgs(const v8::FunctionCallbackInfo& args); static void EndParser(const v8::FunctionCallbackInfo& args); static void CertCbDone(const v8::FunctionCallbackInfo& args); static void Renegotiate(const v8::FunctionCallbackInfo& args); static void GetTLSTicket(const v8::FunctionCallbackInfo& args); static void NewSessionDone(const v8::FunctionCallbackInfo& args); static void SetOCSPResponse(const v8::FunctionCallbackInfo& args); static void RequestOCSP(const v8::FunctionCallbackInfo& args); static void GetEphemeralKeyInfo( const v8::FunctionCallbackInfo& args); static void GetProtocol(const v8::FunctionCallbackInfo& args); #ifdef SSL_set_max_send_fragment static void SetMaxSendFragment( const v8::FunctionCallbackInfo& args); #endif // SSL_set_max_send_fragment static void GetALPNNegotiatedProto( const v8::FunctionCallbackInfo& args); static void SetALPNProtocols(const v8::FunctionCallbackInfo& args); static int SelectALPNCallback(SSL* s, const unsigned char** out, unsigned char* outlen, const unsigned char* in, unsigned int inlen, void* arg); static int TLSExtStatusCallback(SSL* s, void* arg); static int SSLCertCallback(SSL* s, void* arg); void DestroySSL(); void WaitForCertCb(CertCb cb, void* arg); int SetCACerts(SecureContext* sc); inline Environment* ssl_env() const { return env_; } Environment* const env_; Kind kind_; SSLSessionPointer next_sess_; SSLPointer ssl_; bool session_callbacks_; bool awaiting_new_session_; // SSL_set_cert_cb CertCb cert_cb_; void* cert_cb_arg_; bool cert_cb_running_; ClientHelloParser hello_parser_; v8::Global ocsp_response_; BaseObjectPtr sni_context_; friend class SecureContext; }; // A helper class representing a read-only byte array. When deallocated, its // contents are zeroed. class ByteSource { public: ByteSource() = default; ByteSource(ByteSource&& other); ~ByteSource(); ByteSource& operator=(ByteSource&& other); const char* get() const; size_t size() const; inline operator bool() const { return data_ != nullptr; } static ByteSource Allocated(char* data, size_t size); static ByteSource Foreign(const char* data, size_t size); static ByteSource FromStringOrBuffer(Environment* env, v8::Local value); static ByteSource FromString(Environment* env, v8::Local str, bool ntc = false); static ByteSource FromBuffer(v8::Local buffer, bool ntc = false); static ByteSource NullTerminatedCopy(Environment* env, v8::Local value); static ByteSource FromSymmetricKeyObject(v8::Local handle); ByteSource(const ByteSource&) = delete; ByteSource& operator=(const ByteSource&) = delete; private: const char* data_ = nullptr; char* allocated_data_ = nullptr; size_t size_ = 0; ByteSource(const char* data, char* allocated_data, size_t size); }; enum PKEncodingType { // RSAPublicKey / RSAPrivateKey according to PKCS#1. kKeyEncodingPKCS1, // PrivateKeyInfo or EncryptedPrivateKeyInfo according to PKCS#8. kKeyEncodingPKCS8, // SubjectPublicKeyInfo according to X.509. kKeyEncodingSPKI, // ECPrivateKey according to SEC1. kKeyEncodingSEC1 }; enum PKFormatType { kKeyFormatDER, kKeyFormatPEM }; struct AsymmetricKeyEncodingConfig { bool output_key_object_; PKFormatType format_; v8::Maybe type_ = v8::Nothing(); }; typedef AsymmetricKeyEncodingConfig PublicKeyEncodingConfig; struct PrivateKeyEncodingConfig : public AsymmetricKeyEncodingConfig { const EVP_CIPHER* cipher_; ByteSource passphrase_; }; enum KeyType { kKeyTypeSecret, kKeyTypePublic, kKeyTypePrivate }; // This uses the built-in reference counter of OpenSSL to manage an EVP_PKEY // which is slightly more efficient than using a shared pointer and easier to // use. class ManagedEVPPKey { public: ManagedEVPPKey() = default; explicit ManagedEVPPKey(EVPKeyPointer&& pkey); ManagedEVPPKey(const ManagedEVPPKey& that); ManagedEVPPKey& operator=(const ManagedEVPPKey& that); operator bool() const; EVP_PKEY* get() const; private: EVPKeyPointer pkey_; }; class KeyObject : public BaseObject { public: static v8::Local Initialize(Environment* env, v8::Local target); static v8::MaybeLocal Create(Environment* env, KeyType type, const ManagedEVPPKey& pkey); // TODO(tniessen): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(KeyObject) SET_SELF_SIZE(KeyObject) KeyType GetKeyType() const; // These functions allow unprotected access to the raw key material and should // only be used to implement cryptograohic operations requiring the key. ManagedEVPPKey GetAsymmetricKey() const; const char* GetSymmetricKey() const; size_t GetSymmetricKeySize() const; protected: static void New(const v8::FunctionCallbackInfo& args); static void Init(const v8::FunctionCallbackInfo& args); void InitSecret(v8::Local abv); void InitPublic(const ManagedEVPPKey& pkey); void InitPrivate(const ManagedEVPPKey& pkey); static void GetAsymmetricKeyType( const v8::FunctionCallbackInfo& args); v8::Local GetAsymmetricKeyType() const; static void GetSymmetricKeySize( const v8::FunctionCallbackInfo& args); static void Export(const v8::FunctionCallbackInfo& args); v8::Local ExportSecretKey() const; v8::MaybeLocal ExportPublicKey( const PublicKeyEncodingConfig& config) const; v8::MaybeLocal ExportPrivateKey( const PrivateKeyEncodingConfig& config) const; KeyObject(Environment* env, v8::Local wrap, KeyType key_type) : BaseObject(env, wrap), key_type_(key_type), symmetric_key_(nullptr, nullptr) { MakeWeak(); } private: const KeyType key_type_; std::unique_ptr> symmetric_key_; unsigned int symmetric_key_len_; ManagedEVPPKey asymmetric_key_; }; class CipherBase : public BaseObject { public: static void Initialize(Environment* env, v8::Local target); // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(CipherBase) SET_SELF_SIZE(CipherBase) protected: enum CipherKind { kCipher, kDecipher }; enum UpdateResult { kSuccess, kErrorMessageSize, kErrorState }; enum AuthTagState { kAuthTagUnknown, kAuthTagKnown, kAuthTagPassedToOpenSSL }; static const unsigned kNoAuthTagLength = static_cast(-1); void CommonInit(const char* cipher_type, const EVP_CIPHER* cipher, const unsigned char* key, int key_len, const unsigned char* iv, int iv_len, unsigned int auth_tag_len); void Init(const char* cipher_type, const char* key_buf, int key_buf_len, unsigned int auth_tag_len); void InitIv(const char* cipher_type, const unsigned char* key, int key_len, const unsigned char* iv, int iv_len, unsigned int auth_tag_len); bool InitAuthenticated(const char* cipher_type, int iv_len, unsigned int auth_tag_len); bool CheckCCMMessageLength(int message_len); UpdateResult Update(const char* data, int len, AllocatedBuffer* out); bool Final(AllocatedBuffer* out); bool SetAutoPadding(bool auto_padding); bool IsAuthenticatedMode() const; bool SetAAD(const char* data, unsigned int len, int plaintext_len); bool MaybePassAuthTagToOpenSSL(); static void New(const v8::FunctionCallbackInfo& args); static void Init(const v8::FunctionCallbackInfo& args); static void InitIv(const v8::FunctionCallbackInfo& args); static void Update(const v8::FunctionCallbackInfo& args); static void Final(const v8::FunctionCallbackInfo& args); static void SetAutoPadding(const v8::FunctionCallbackInfo& args); static void GetAuthTag(const v8::FunctionCallbackInfo& args); static void SetAuthTag(const v8::FunctionCallbackInfo& args); static void SetAAD(const v8::FunctionCallbackInfo& args); CipherBase(Environment* env, v8::Local wrap, CipherKind kind) : BaseObject(env, wrap), ctx_(nullptr), kind_(kind), auth_tag_state_(kAuthTagUnknown), auth_tag_len_(kNoAuthTagLength), pending_auth_failed_(false) { MakeWeak(); } private: DeleteFnPtr ctx_; const CipherKind kind_; AuthTagState auth_tag_state_; unsigned int auth_tag_len_; char auth_tag_[EVP_GCM_TLS_TAG_LEN]; bool pending_auth_failed_; int max_message_size_; }; class Hmac : public BaseObject { public: static void Initialize(Environment* env, v8::Local target); // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(Hmac) SET_SELF_SIZE(Hmac) protected: void HmacInit(const char* hash_type, const char* key, int key_len); bool HmacUpdate(const char* data, int len); static void New(const v8::FunctionCallbackInfo& args); static void HmacInit(const v8::FunctionCallbackInfo& args); static void HmacUpdate(const v8::FunctionCallbackInfo& args); static void HmacDigest(const v8::FunctionCallbackInfo& args); Hmac(Environment* env, v8::Local wrap) : BaseObject(env, wrap), ctx_(nullptr) { MakeWeak(); } private: DeleteFnPtr ctx_; }; class Hash : public BaseObject { public: static void Initialize(Environment* env, v8::Local target); // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(Hash) SET_SELF_SIZE(Hash) bool HashInit(const EVP_MD* md, v8::Maybe xof_md_len); bool HashUpdate(const char* data, int len); protected: static void New(const v8::FunctionCallbackInfo& args); static void HashUpdate(const v8::FunctionCallbackInfo& args); static void HashDigest(const v8::FunctionCallbackInfo& args); Hash(Environment* env, v8::Local wrap) : BaseObject(env, wrap), mdctx_(nullptr), has_md_(false), md_value_(nullptr) { MakeWeak(); } ~Hash() override { if (md_value_ != nullptr) OPENSSL_clear_free(md_value_, md_len_); } private: EVPMDPointer mdctx_; bool has_md_; unsigned int md_len_; unsigned char* md_value_; }; class SignBase : public BaseObject { public: typedef enum { kSignOk, kSignUnknownDigest, kSignInit, kSignNotInitialised, kSignUpdate, kSignPrivateKey, kSignPublicKey, kSignMalformedSignature } Error; SignBase(Environment* env, v8::Local wrap) : BaseObject(env, wrap) { } Error Init(const char* sign_type); Error Update(const char* data, int len); // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(SignBase) SET_SELF_SIZE(SignBase) protected: void CheckThrow(Error error); EVPMDPointer mdctx_; }; enum DSASigEnc { kSigEncDER, kSigEncP1363 }; class Sign : public SignBase { public: static void Initialize(Environment* env, v8::Local target); struct SignResult { Error error; AllocatedBuffer signature; explicit SignResult( Error err, AllocatedBuffer&& sig = AllocatedBuffer()) : error(err), signature(std::move(sig)) {} }; SignResult SignFinal( const ManagedEVPPKey& pkey, int padding, const v8::Maybe& saltlen, DSASigEnc dsa_sig_enc); protected: static void New(const v8::FunctionCallbackInfo& args); static void SignInit(const v8::FunctionCallbackInfo& args); static void SignUpdate(const v8::FunctionCallbackInfo& args); static void SignFinal(const v8::FunctionCallbackInfo& args); Sign(Environment* env, v8::Local wrap) : SignBase(env, wrap) { MakeWeak(); } }; class Verify : public SignBase { public: static void Initialize(Environment* env, v8::Local target); Error VerifyFinal(const ManagedEVPPKey& key, const char* sig, int siglen, int padding, const v8::Maybe& saltlen, bool* verify_result); protected: static void New(const v8::FunctionCallbackInfo& args); static void VerifyInit(const v8::FunctionCallbackInfo& args); static void VerifyUpdate(const v8::FunctionCallbackInfo& args); static void VerifyFinal(const v8::FunctionCallbackInfo& args); Verify(Environment* env, v8::Local wrap) : SignBase(env, wrap) { MakeWeak(); } }; class PublicKeyCipher { public: typedef int (*EVP_PKEY_cipher_init_t)(EVP_PKEY_CTX* ctx); typedef int (*EVP_PKEY_cipher_t)(EVP_PKEY_CTX* ctx, unsigned char* out, size_t* outlen, const unsigned char* in, size_t inlen); enum Operation { kPublic, kPrivate }; template static bool Cipher(Environment* env, const ManagedEVPPKey& pkey, int padding, const EVP_MD* digest, const void* oaep_label, size_t oaep_label_size, const unsigned char* data, int len, AllocatedBuffer* out); template static void Cipher(const v8::FunctionCallbackInfo& args); }; class DiffieHellman : public BaseObject { public: static void Initialize(Environment* env, v8::Local target); bool Init(int primeLength, int g); bool Init(const char* p, int p_len, int g); bool Init(const char* p, int p_len, const char* g, int g_len); protected: static void DiffieHellmanGroup( const v8::FunctionCallbackInfo& args); static void New(const v8::FunctionCallbackInfo& args); static void GenerateKeys(const v8::FunctionCallbackInfo& args); static void GetPrime(const v8::FunctionCallbackInfo& args); static void GetGenerator(const v8::FunctionCallbackInfo& args); static void GetPublicKey(const v8::FunctionCallbackInfo& args); static void GetPrivateKey(const v8::FunctionCallbackInfo& args); static void ComputeSecret(const v8::FunctionCallbackInfo& args); static void SetPublicKey(const v8::FunctionCallbackInfo& args); static void SetPrivateKey(const v8::FunctionCallbackInfo& args); static void VerifyErrorGetter( const v8::FunctionCallbackInfo& args); DiffieHellman(Environment* env, v8::Local wrap) : BaseObject(env, wrap), verifyError_(0) { MakeWeak(); } // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(DiffieHellman) SET_SELF_SIZE(DiffieHellman) private: static void GetField(const v8::FunctionCallbackInfo& args, const BIGNUM* (*get_field)(const DH*), const char* err_if_null); static void SetKey(const v8::FunctionCallbackInfo& args, int (*set_field)(DH*, BIGNUM*), const char* what); bool VerifyContext(); int verifyError_; DHPointer dh_; }; class ECDH : public BaseObject { public: ~ECDH() override { group_ = nullptr; } static void Initialize(Environment* env, v8::Local target); static ECPointPointer BufferToPoint(Environment* env, const EC_GROUP* group, v8::Local buf); // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(ECDH) SET_SELF_SIZE(ECDH) protected: ECDH(Environment* env, v8::Local wrap, ECKeyPointer&& key) : BaseObject(env, wrap), key_(std::move(key)), group_(EC_KEY_get0_group(key_.get())) { MakeWeak(); CHECK_NOT_NULL(group_); } static void New(const v8::FunctionCallbackInfo& args); static void GenerateKeys(const v8::FunctionCallbackInfo& args); static void ComputeSecret(const v8::FunctionCallbackInfo& args); static void GetPrivateKey(const v8::FunctionCallbackInfo& args); static void SetPrivateKey(const v8::FunctionCallbackInfo& args); static void GetPublicKey(const v8::FunctionCallbackInfo& args); static void SetPublicKey(const v8::FunctionCallbackInfo& args); bool IsKeyPairValid(); bool IsKeyValidForCurve(const BignumPointer& private_key); ECKeyPointer key_; const EC_GROUP* group_; }; bool EntropySource(unsigned char* buffer, size_t length); #ifndef OPENSSL_NO_ENGINE void SetEngine(const v8::FunctionCallbackInfo& args); #endif // !OPENSSL_NO_ENGINE void InitCrypto(v8::Local target); } // namespace crypto } // namespace node #endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS #endif // SRC_NODE_CRYPTO_H_