crypto: warn if counter mode used in createCipher
crypto.createCipher()
sets the fixed IV derived from password and it
leads to a security risk of nonce reuse when counter mode is used.
A warning is emitted when CTR, GCM or CCM is used in
crypto.createCipher()
to notify users to avoid nonce reuse.
Checklist
-
make -j4 test
(UNIX), orvcbuild test
(Windows) passes -
tests and/or benchmarks are included -
documentation is changed or added -
commit message follows commit guidelines
Affected core subsystem(s)
crypto
Fixes: #13801 (closed)
CC @bnoordhuis, @indutny