meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0003-Crypto-reduce-memory-usage-of-SignFinal.patch - openbmc/openbmc - Gitiles

 From 20282b1cb0389553421c4c5b14de198c5dfff50b Mon Sep 17 00:00:00 2001
 From: Anna Henningsen <anna@addaleax.net>
 Date: Sat, 20 Oct 2018 05:24:54 +0200
 Subject: [PATCH] src: use more explicit return type in Sign::SignFinal()
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit

 Using the non-indexed variant of `std::get<>` broke Travis CI.
 Also, this allows us to be a bit more concise when returning
 from `SignFinal()` due to some error condition.

 Refs: https://github.com/nodejs/node/pull/23427

 PR-URL: https://github.com/nodejs/node/pull/23779
 Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
 Reviewed-By: Refael Ackermann <refack@gmail.com>
 Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
 ---
  src/node_crypto.cc | 23 +++++++++++------------
  src/node_crypto.h  | 12 +++++++++++-
  2 files changed, 22 insertions(+), 13 deletions(-)

 diff --git a/src/node_crypto.cc b/src/node_crypto.cc
 index bd8d9e032554..ec7d4f2bb5be 100644
 --- a/src/node_crypto.cc
 +++ b/src/node_crypto.cc
 @@ -3562,22 +3562,20 @@ static MallocedBuffer<unsigned char> Node_SignFinal(EVPMDPointer&& mdctx,
    return MallocedBuffer<unsigned char>();
  }

 -std::pair<SignBase::Error, MallocedBuffer<unsigned char>> Sign::SignFinal(
 +Sign::SignResult Sign::SignFinal(
      const char* key_pem,
      int key_pem_len,
      const char* passphrase,
      int padding,
      int salt_len) {
 -  MallocedBuffer<unsigned char> buffer;
 -
    if (!mdctx_)
 -    return std::make_pair(kSignNotInitialised, std::move(buffer));
 +    return SignResult(kSignNotInitialised);

    EVPMDPointer mdctx = std::move(mdctx_);

    BIOPointer bp(BIO_new_mem_buf(const_cast<char*>(key_pem), key_pem_len));
    if (!bp)
 -    return std::make_pair(kSignPrivateKey, std::move(buffer));
 +    return SignResult(kSignPrivateKey);

    EVPKeyPointer pkey(PEM_read_bio_PrivateKey(bp.get(),
                                               nullptr,
 @@ -3588,7 +3586,7 @@ std::pair<SignBase::Error, MallocedBuffer<unsigned char>> Sign::SignFinal(
    // without `pkey` being set to nullptr;
    // cf. the test of `test_bad_rsa_privkey.pem` for an example.
    if (!pkey || 0 != ERR_peek_error())
 -    return std::make_pair(kSignPrivateKey, std::move(buffer));
 +    return SignResult(kSignPrivateKey);

  #ifdef NODE_FIPS_MODE
    /* Validate DSA2 parameters from FIPS 186-4 */
 @@ -3612,9 +3610,10 @@ std::pair<SignBase::Error, MallocedBuffer<unsigned char>> Sign::SignFinal(
    }
  #endif  // NODE_FIPS_MODE

 -  buffer = Node_SignFinal(std::move(mdctx), pkey, padding, salt_len);
 +  MallocedBuffer<unsigned char> buffer =
 +      Node_SignFinal(std::move(mdctx), pkey, padding, salt_len);
    Error error = buffer.is_empty() ? kSignPrivateKey : kSignOk;
 -  return std::make_pair(error, std::move(buffer));
 +  return SignResult(error, std::move(buffer));
  }


 @@ -3639,18 +3638,18 @@ void Sign::SignFinal(const FunctionCallbackInfo<Value>& args) {

    ClearErrorOnReturn clear_error_on_return;

 -  std::pair<Error, MallocedBuffer<unsigned char>> ret = sign->SignFinal(
 +  SignResult ret = sign->SignFinal(
        buf,
        buf_len,
        len >= 2 && !args[1]->IsNull() ? *passphrase : nullptr,
        padding,
        salt_len);

 -  if (std::get<Error>(ret) != kSignOk)
 -    return sign->CheckThrow(std::get<Error>(ret));
 +  if (ret.error != kSignOk)
 +    return sign->CheckThrow(ret.error);

    MallocedBuffer<unsigned char> sig =
 -      std::move(std::get<MallocedBuffer<unsigned char>>(ret));
 +      std::move(ret.signature);

    Local<Object> rc =
        Buffer::New(env, reinterpret_cast<char*>(sig.release()), sig.size)
 diff --git a/src/node_crypto.h b/src/node_crypto.h
 index 6fcf737f6c43..0c26c1f6ff1d 100644
 --- a/src/node_crypto.h
 +++ b/src/node_crypto.h
 @@ -518,7 +518,17 @@ class Sign : public SignBase {
   public:
    static void Initialize(Environment* env, v8::Local<v8::Object> target);

 -  std::pair<Error, MallocedBuffer<unsigned char>> SignFinal(
 +  struct SignResult {
 +    Error error;
 +    MallocedBuffer<unsigned char> signature;
 +
 +    explicit SignResult(
 +        Error err,
 +        MallocedBuffer<unsigned char>&& sig = MallocedBuffer<unsigned char>())
 +      : error(err), signature(std::move(sig)) {}
 +  };
 +
 +  SignResult SignFinal(
        const char* key_pem,
        int key_pem_len,
        const char* passphrase,
	From 20282b1cb0389553421c4c5b14de198c5dfff50b Mon Sep 17 00:00:00 2001
	From: Anna Henningsen <anna@addaleax.net>
	Date: Sat, 20 Oct 2018 05:24:54 +0200
	Subject: [PATCH] src: use more explicit return type in Sign::SignFinal()
	MIME-Version: 1.0
	Content-Type: text/plain; charset=UTF-8
	Content-Transfer-Encoding: 8bit

	Using the non-indexed variant of `std::get<>` broke Travis CI.
	Also, this allows us to be a bit more concise when returning
	from `SignFinal()` due to some error condition.

	Refs: https://github.com/nodejs/node/pull/23427

	PR-URL: https://github.com/nodejs/node/pull/23779
	Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
	Reviewed-By: Tobias Nießen <tniessen@tnie.de>
	Reviewed-By: Refael Ackermann <refack@gmail.com>
	Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
	---
	src/node_crypto.cc \| 23 +++++++++++------------
	src/node_crypto.h \| 12 +++++++++++-
	2 files changed, 22 insertions(+), 13 deletions(-)

	diff --git a/src/node_crypto.cc b/src/node_crypto.cc
	index bd8d9e032554..ec7d4f2bb5be 100644
	--- a/src/node_crypto.cc
	+++ b/src/node_crypto.cc
	@@ -3562,22 +3562,20 @@ static MallocedBuffer<unsigned char> Node_SignFinal(EVPMDPointer&& mdctx,
	return MallocedBuffer<unsigned char>();
	}

	-std::pair<SignBase::Error, MallocedBuffer<unsigned char>> Sign::SignFinal(
	+Sign::SignResult Sign::SignFinal(
	const char* key_pem,
	int key_pem_len,
	const char* passphrase,
	int padding,
	int salt_len) {
	- MallocedBuffer<unsigned char> buffer;
	-
	if (!mdctx_)
	- return std::make_pair(kSignNotInitialised, std::move(buffer));
	+ return SignResult(kSignNotInitialised);

	EVPMDPointer mdctx = std::move(mdctx_);

	BIOPointer bp(BIO_new_mem_buf(const_cast<char*>(key_pem), key_pem_len));
	if (!bp)
	- return std::make_pair(kSignPrivateKey, std::move(buffer));
	+ return SignResult(kSignPrivateKey);

	EVPKeyPointer pkey(PEM_read_bio_PrivateKey(bp.get(),
	nullptr,
	@@ -3588,7 +3586,7 @@ std::pair<SignBase::Error, MallocedBuffer<unsigned char>> Sign::SignFinal(
	// without `pkey` being set to nullptr;
	// cf. the test of `test_bad_rsa_privkey.pem` for an example.
	if (!pkey \|\| 0 != ERR_peek_error())
	- return std::make_pair(kSignPrivateKey, std::move(buffer));
	+ return SignResult(kSignPrivateKey);

	#ifdef NODE_FIPS_MODE
	/* Validate DSA2 parameters from FIPS 186-4 */
	@@ -3612,9 +3610,10 @@ std::pair<SignBase::Error, MallocedBuffer<unsigned char>> Sign::SignFinal(
	}
	#endif // NODE_FIPS_MODE

	- buffer = Node_SignFinal(std::move(mdctx), pkey, padding, salt_len);
	+ MallocedBuffer<unsigned char> buffer =
	+ Node_SignFinal(std::move(mdctx), pkey, padding, salt_len);
	Error error = buffer.is_empty() ? kSignPrivateKey : kSignOk;
	- return std::make_pair(error, std::move(buffer));
	+ return SignResult(error, std::move(buffer));
	}


	@@ -3639,18 +3638,18 @@ void Sign::SignFinal(const FunctionCallbackInfo<Value>& args) {

	ClearErrorOnReturn clear_error_on_return;

	- std::pair<Error, MallocedBuffer<unsigned char>> ret = sign->SignFinal(
	+ SignResult ret = sign->SignFinal(
	buf,
	buf_len,
	len >= 2 && !args[1]->IsNull() ? *passphrase : nullptr,
	padding,
	salt_len);

	- if (std::get<Error>(ret) != kSignOk)
	- return sign->CheckThrow(std::get<Error>(ret));
	+ if (ret.error != kSignOk)
	+ return sign->CheckThrow(ret.error);

	MallocedBuffer<unsigned char> sig =
	- std::move(std::get<MallocedBuffer<unsigned char>>(ret));
	+ std::move(ret.signature);

	Local<Object> rc =
	Buffer::New(env, reinterpret_cast<char*>(sig.release()), sig.size)
	diff --git a/src/node_crypto.h b/src/node_crypto.h
	index 6fcf737f6c43..0c26c1f6ff1d 100644
	--- a/src/node_crypto.h
	+++ b/src/node_crypto.h
	@@ -518,7 +518,17 @@ class Sign : public SignBase {
	public:
	static void Initialize(Environment* env, v8::Local<v8::Object> target);

	- std::pair<Error, MallocedBuffer<unsigned char>> SignFinal(
	+ struct SignResult {
	+ Error error;
	+ MallocedBuffer<unsigned char> signature;
	+
	+ explicit SignResult(
	+ Error err,
	+ MallocedBuffer<unsigned char>&& sig = MallocedBuffer<unsigned char>())
	+ : error(err), signature(std::move(sig)) {}
	+ };
	+
	+ SignResult SignFinal(
	const char* key_pem,
	int key_pem_len,
	const char* passphrase,