Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto.sign/crypto.verify one-shot methods don't work with one-shot algorithms #6418

Closed
panva opened this issue Oct 11, 2023 · 4 comments · Fixed by #7256
Closed

crypto.sign/crypto.verify one-shot methods don't work with one-shot algorithms #6418

panva opened this issue Oct 11, 2023 · 4 comments · Fixed by #7256
Assignees
@cirospaciari
Labels
bug Something isn't working node.js Compatibility with Node.js APIs

Comments

@panva
Copy link
Contributor

panva commented Oct 11, 2023
edited
Loading

What version of Bun is running?

No response

What platform is your computer?

No response

What steps can reproduce the bug?

const { privateKey } = require('crypto').generateKeyPairSync('ed25519')
require('crypto').sign(undefined, Buffer.from('foo'), privateKey)

What is the expected behavior?

A buffer with the signature is returned.

What do you see instead?

Unknown message digest error is raised instead because the one-shot implementation just depends on the createSign API which is not meant to work with the one-shot sign algorithms like ed25519

Additional information

➜  jose git:(main) node
Welcome to Node.js v18.18.1.
Type ".help" for more information.
> const { privateKey } = require('crypto').generateKeyPairSync('ed25519')
undefined
> require('crypto').sign(undefined, Buffer.from('foo'), privateKey)
<Buffer 38 5b 58 fc ca eb b5 a5 43 6a 2a 5b c4 c8 ea 21 d4 96 42 27 61 47 33 a6 52 f7 a8 76 69 69 e3 c4 f4 76 44 35 00 f5 37 11 0b d9 89 e2 ab bd 3d ca 47 38 ... 14 more bytes>
>
@panva panva added the bug Something isn't working label Oct 11, 2023
@Electroid Electroid added the node.js Compatibility with Node.js APIs label Oct 11, 2023
@elmpp
Copy link

elmpp commented Nov 5, 2023

This prevents usage of the popular ssh2 library at this point - https://github.com/mscdex/ssh2/blob/master/lib/protocol/constants.js#L22

@ProgressifyDev ProgressifyDev mentioned this issue Nov 15, 2023
Open
@elmpp
Copy link

elmpp commented Nov 16, 2023
edited
Loading

@panva can you suggest any workaround at all? Perhaps a pure-js library replacement for crypto.sign() ??

I'm a bit out of my depth here

E2A, is there a way to call nodejs:crypto.sign() in another process 🤷

@panva
Copy link
Contributor Author

panva commented Nov 17, 2023

@panva can you suggest any workaround at all? Perhaps a pure-js library replacement for crypto.sign()

An unmaintained pure-js library serving as a polyfill here is the very reason why this problem exists. The only solution is that Bun implements these APIs properly.

They should IMHO not be used at all until then. The only trusted crypto interface in Bun for now remains the Web Crypto API implementation exposed on the global scope.

@elmpp
Copy link

elmpp commented Nov 17, 2023

It's a shame 😞

I'm exploring spawning processes to 'node -e crypto.sign()' in the meantime

Thanks for the reply

@cirospaciari cirospaciari self-assigned this Nov 17, 2023
@cirospaciari cirospaciari mentioned this issue Nov 22, 2023
Merged
10 tasks
@elmpp elmpp mentioned this issue Apr 21, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cirospaciari cirospaciari

Labels
bug Something isn't working node.js Compatibility with Node.js APIs
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(crypto) oneshot Sign and Verify oven-sh/bun
4 participants
@panva @elmpp @Electroid @cirospaciari