`crypto.getCiphers()` includes unsupported ciphers #41857

mscdex · 2022-02-05T09:54:07Z

Version

v17.x, master

Platform

n/a

Subsystem

crypto

What steps will reproduce the bug?

$ node -e 'console.log(crypto.getCiphers().includes("rc4")); crypto.createCipheriv("rc4", Buffer.alloc(16), Buffer.alloc(0))'

How often does it reproduce? Is there a required condition?

Yes.

What is the expected behavior?

false
node:internal/crypto/cipher:116
    this[kHandle].initiv(cipher, credential, iv, authTagLength);
                  ^

Error: error:0308010C:digital envelope routines::unsupported
    at Cipheriv.createCipherBase (node:internal/crypto/cipher:116:19)
    at Cipheriv.createCipherWithIV (node:internal/crypto/cipher:135:3)
    at new Cipheriv (node:internal/crypto/cipher:243:3)
    at Object.createCipheriv (node:crypto:138:10)
    at [eval]:1:58
    at Script.runInThisContext (node:vm:129:12)
    at Object.runInThisContext (node:vm:305:38)
    at node:internal/process/execution:75:19
    at [eval]-wrapper:6:22
    at evalScript (node:internal/process/execution:74:60) {
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'
}

What do you see instead?

true
node:internal/crypto/cipher:116
    this[kHandle].initiv(cipher, credential, iv, authTagLength);
                  ^

Error: error:0308010C:digital envelope routines::unsupported
    at Cipheriv.createCipherBase (node:internal/crypto/cipher:116:19)
    at Cipheriv.createCipherWithIV (node:internal/crypto/cipher:135:3)
    at new Cipheriv (node:internal/crypto/cipher:243:3)
    at Object.createCipheriv (node:crypto:138:10)
    at [eval]:1:58
    at Script.runInThisContext (node:vm:129:12)
    at Object.runInThisContext (node:vm:305:38)
    at node:internal/process/execution:75:19
    at [eval]-wrapper:6:22
    at evalScript (node:internal/process/execution:74:60) {
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'
}

Additional information

Node.js shouldn't fib about its supported ciphers.

Whatever change is made for crypto.getCiphers() should probably also be made for the other crypto.get*() methods for consistency.

The text was updated successfully, but these errors were encountered:

mscdex · 2022-02-05T13:35:11Z

FWIW I think calling the various _fetch() (and _free()) OpenSSL APIs for each algorithm name seems to do the trick, however just making that change causes existing tests (e.g. test/parallel/test-crypto-authenticated.js and a couple others) to fail (for supported algorithms like "aes-128-gcm") for unknown reasons with "unsupported" errors from OpenSSL.

Trott · 2022-02-05T15:01:08Z

@nodejs/crypto

mscdex · 2022-02-05T19:30:31Z

I figured out what was happening, I have a potential solution incoming....

Fixes: nodejs#41857

Fixes: nodejs#41857 PR-URL: nodejs#41864 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com>

noscripter · 2022-05-06T03:04:14Z

I'm now using v18.1.0 and still have the same issue.

			return new BulkUpdateDecorator(require("crypto").createHash(algorithm));

Use v10.24.1 is OK.

mscdex · 2022-05-06T04:34:37Z

@noscripter You'll have to provide more details. I cannot duplicate the issue of crypto.getCiphers()/crypto.getHashes() returning unsupported ciphers/hashes in node v18.x.

Mesteery added the crypto Issues and PRs related to the crypto subsystem. label Feb 5, 2022

mscdex added a commit to mscdex/io.js that referenced this issue Feb 5, 2022

crypto: do not advertise unsupported algorithms

ca80a89

Fixes: nodejs#41857

mscdex mentioned this issue Feb 5, 2022

crypto: do not advertise unsupported algorithms #41864

Closed

mscdex added a commit to mscdex/io.js that referenced this issue Feb 5, 2022

crypto: do not advertise unsupported algorithms

7c6f4be

Fixes: nodejs#41857

mscdex added a commit to mscdex/io.js that referenced this issue Feb 5, 2022

crypto: do not advertise unsupported algorithms

f1c8f0c

Fixes: nodejs#41857

mscdex added a commit to mscdex/io.js that referenced this issue Feb 5, 2022

crypto: do not advertise unsupported algorithms

2452889

Fixes: nodejs#41857

mscdex added a commit to mscdex/io.js that referenced this issue Feb 6, 2022

crypto: do not advertise unsupported algorithms

6eb80a3

Fixes: nodejs#41857

mscdex added a commit to mscdex/io.js that referenced this issue Feb 6, 2022

crypto: do not advertise unsupported algorithms

45b4337

Fixes: nodejs#41857

panva closed this as completed in cde35ea Feb 8, 2022

geekact mentioned this issue May 19, 2022

[BUG] node@18 编译失败 remaxjs/remax#1895

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`crypto.getCiphers()` includes unsupported ciphers #41857

`crypto.getCiphers()` includes unsupported ciphers #41857

mscdex commented Feb 5, 2022 •

edited

mscdex commented Feb 5, 2022 •

edited

Trott commented Feb 5, 2022

mscdex commented Feb 5, 2022

noscripter commented May 6, 2022 •

edited

mscdex commented May 6, 2022

crypto.getCiphers() includes unsupported ciphers #41857

crypto.getCiphers() includes unsupported ciphers #41857

Comments

mscdex commented Feb 5, 2022 • edited

Version

Platform

Subsystem

What steps will reproduce the bug?

How often does it reproduce? Is there a required condition?

What is the expected behavior?

What do you see instead?

Additional information

mscdex commented Feb 5, 2022 • edited

Trott commented Feb 5, 2022

mscdex commented Feb 5, 2022

noscripter commented May 6, 2022 • edited

mscdex commented May 6, 2022

`crypto.getCiphers()` includes unsupported ciphers #41857

`crypto.getCiphers()` includes unsupported ciphers #41857

mscdex commented Feb 5, 2022 •

edited

mscdex commented Feb 5, 2022 •

edited

noscripter commented May 6, 2022 •

edited