From ebab4f1b1b89cc7953c9dc64b03929c6f7801a8a Mon Sep 17 00:00:00 2001 From: bin-y Date: Sun, 26 Apr 2020 22:56:01 +0800 Subject: [PATCH] version 2.0.0 --- README.md | 11 ++++++++--- package.json | 2 +- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index bf83831..d687c01 100644 --- a/README.md +++ b/README.md @@ -20,9 +20,9 @@ const options = { curveName: 'secp256k1', symmetricCypherName: 'aes-128-ecb', iv: null, - // iv is used in symmetric cipher, set null if you want to use cipher - // in ecb mode. set undefined if you want to use deprecated - // createCipheriv / createDecipher / EVP_BytesToKey + // iv is used in symmetric cipher, set null if the cipher does not need an + // initialization vector (e.g. a cipher in ecb mode). Set undefined if you + // want to use deprecated createCipheriv / createDecipher / EVP_BytesToKey keyFormat: 'uncompressed', s1: null, // optional shared information1 s2: null // optional shared information2 @@ -35,3 +35,8 @@ const encryptedText = ecies.encrypt(ecdh.getPublicKey(), plainText, options); const decryptedText = ecies.decrypt(ecdh, encryptedText, options); assert(plainText.toString('hex') == decryptedText.toString('hex')); ``` + +## Porting from 1.0.0 to 2.0.0 +For the projects used this library with options.iv set to a valid iv buffer, no change is required to make compatible with 1.0.0. Other projects can set `options.iv = undefined` to make compatible with an older version. + +In the version 1.0.0, it is advised to use a null iv for ECB mode ciphers, which will use crypto.createCipher -> EVP_BytesToKey to derive a key. However, as noted in [the latest manual of EVP_BytesToKey](https://www.openssl.org/docs/man1.1.0/man3/EVP_BytesToKey.html) that "Newer applications should use a more modern algorithm such as PBKDF2 as defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC", crypto.createCipher is deprecated by nodejs. Therefore, to avoid this library to use deprecated nodejs API by default, the behavior of `options.iv == null` now is to use crypto.createCipheriv with an empty iv to create the cipher which, however, is incompatible with the cipher created by crypto.createCipher. diff --git a/package.json b/package.json index a6d84c2..825e1ee 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "standard-ecies", - "version": "1.0.0", + "version": "2.0.0", "description": "Standard ECIES implemention for NodeJS based on crypto module with no other dependencies.", "main": "main.js", "scripts": {