-
-
Notifications
You must be signed in to change notification settings - Fork 630
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
invalid iv length during pairing for node 17 #916
Comments
Tks for the report, at this time node 17 is not supported, please downgrade to the LTS version of NodeJS, currently 16.13.1 PS Also reported here - homebridge/homebridge#2999 |
seems to be openssl library related works on osx/node v17.3.0/openssl 1.1.1m |
Is this a raspberry thing, or it reproducible on all Linux based distros? If you know by any chance. |
seems to be all linux based and only related to the installed openssl library. as long as openssl 1.1 (and not openssl 3.0) is installed, it works, unrelated to the node.js version and operating system.
Turns out openssl 1.1 accepted shorter IVs and pre-padded them with zeros, openssl 3.0 requires a correct length IV. Suggested fix: HAP-NodeJS/src/lib/util/hapCrypto.ts Line 78 in 03431b8
|
|
Thanks for the detailed analysis. Well appreciated. Also had the gut feeling that they somehow now require the 96 bits iv. |
The fix is live with |
Thank you very much! Always happy to help |
v0.8.9 is released now. |
Analysis
Hi,
I get an invalid iv length error since upgraing to node 17.
I've included the args to chacha20_poly1305_decryptAndVerify in the dump as hex.
Seems like the crypto api has changed a little somehow.
Expected Behavior
see above
Steps To Reproduce
see above
Logs
Configuration
see above
Environment
see above
Process Supervisor
not applicable
Additional Context
No response
The text was updated successfully, but these errors were encountered: