I know that it's been a long time since this question was asked, but I'm
still interested in the answer.
The fact that these two lines produce different answers is surprising:
$ node -e 'var crypto = require("crypto"); var h =
crypto.createHash("sha1"); h.update("b\u1234");
console.log(h.digest("base64"));'
psoXs3ctjMiPHg4ZAx773K5mtdI=
$ node -e 'var crypto = require("crypto"); var h =
crypto.createHash("sha1"); h.update(new Buffer("b\u1234"));
console.log(h.digest("base64"));'
GhnU4aaaonx7JIHaRNhySj4LUQM=
Most other implicit conversions of strings use 'utf8'.
The situation with output is more of a concern. Most other features that
take optional encoding provide a Buffer when no value is provided (see
http.js). The performance cost of Buffer -> string -> Buffer is probably
~0 for 'binary', but that is just odd.
I don't have an answer that doesn't break backward compatibility, but the
current situation is not ideal.
--Martin
On Friday, 18 March 2011 08:53:10 UTC-7, Trevor Burnham wrote:
>
> I'm confused about the state of 'binary' encoding. For some time now,
> its description in the Buffers section of the docs has read:
>
> > This encoding method is depreciated and should be avoided in favor of
> Buffer objects where possible. This encoding will be removed in future
> versions of Node.
>
> Meanwhile, in methods like `cipher.update`, 'binary' is the default
> encoding for both input and output, and the function returns a string
> (making it impossible to use a buffer directly). So what am I to make
> of this? Should I be using a different encoding for encryption, or
> not?
>
> Someone posted essentially this same question 9 months ago but got no
> response:
> http://groups.google.com/group/nodejs/browse_thread/thread/272b39e41292617a/
>
> Apparently the crypto module is slated to be spun off into a separate
> project (http://nodejs.debuggable.com/2011-01-26.txt); and there are
> known bugs involving the base64 encoding (https://github.com/joyent/
> node/issues/738/ <https://github.com/joyent/node/issues/738/>). All of
> this makes me nervous about relying on
> `crypto` in general, even though it's intended as a fairly thin
> wrapper around `openssl`. What should I do?
--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nodejs@googlegroups.com
To unsubscribe from this group, send email to
nodejs+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en
