Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

createCipheriv crash renderer window #16214

Closed
githoniel opened this issue Dec 29, 2018 · 4 comments

Comments

Projects
None yet
5 participants
@githoniel
Copy link

commented Dec 29, 2018

Version Info

electron: 4.0.0
OS: Windows 10 x64 10.0.17134.472

Expected Behavior

require('crypto').createCipheriv('rc4', 'asdasd', null)
require('crypto').createCipheriv('rc4', 'asdasd', '')

work well as node v10.15.0

Actual behavior

require('crypto').createCipheriv('rc4', 'asdasd', null)

cause renderer process crash

require('crypto').createCipheriv('rc4', 'asdasd', '')

throw

Invalid IV length
    at Cipheriv.createCipherBase (internal/crypto/cipher.js:79)
    at Cipheriv.createCipherWithIV (internal/crypto/cipher.js:119)
    at new Cipheriv (internal/crypto/cipher.js:225)
    at Object.createCipheriv (crypto.js:105)
    at <anonymous>:1:19
createCipherBase @ internal/crypto/cipher.js:79
createCipherWithIV @ internal/crypto/cipher.js:119
Cipheriv @ internal/crypto/cipher.js:225
createCipheriv @ crypto.js:105

To Reproduce

exec code above in devTools

@shiftkey

This comment has been minimized.

Copy link
Contributor

commented Dec 29, 2018

Likely the same root cause as #16195

@orangeChu

This comment has been minimized.

Copy link

commented Dec 30, 2018

Before it is repaired, you may be able to use the method of the main process.:)

@githoniel

This comment has been minimized.

Copy link
Author

commented Jan 1, 2019

Before it is repaired, you may be able to use the method of the main process.:)

I'm now using third party rc4 instead.

use the method of the main process seem to complex, because I must using the stream mode

@nornagon

This comment has been minimized.

Copy link
Contributor

commented Jan 2, 2019

Duplicate of #16195

@nornagon nornagon marked this as a duplicate of #16195 Jan 2, 2019

@nornagon nornagon closed this Jan 2, 2019

codebytere added a commit that referenced this issue Apr 23, 2019

fix: add a compatibility EVP_CIPH_OCB_MODE value (#16214). (#17873)
* fix: add a compatibility EVP_CIPH_OCB_MODE value (#16214).

Backported google/boringssl@4b9683 to 4.1.x branch. This patch
replaces the no-op modes with negative numbers rather than zero.
Stream ciphers like RC4 report a "mode" of zero, so code comparing
the mode to a dummy value will get confused.

This patch fixed issue #16214.

* revert: "fix: add a compatibility EVP_CIPH_OCB_MODE value (#16214)."

This reverts commit f1156a8.

* fix: (recommit) add a compatibility EVP_CIPH_OCB_MODE value (#16214).

Recommited change @f1156a with patches generated by
"git-export-patches".
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.