Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encrypt then decrypt node issue with more than 16 chars message #47

Open
AquiGorka opened this issue May 20, 2019 · 4 comments

Comments

@AquiGorka
Copy link

commented May 20, 2019

Case

Bug

Issue

Encrypt -> Decrypt is not working with node@v12.2.0 with phrases more than 16 chars in length

Info

  • Environment: node (originally found with node + browser, but could repro in node only too)

Code

  const publicKey =
     '030dddc2e1cb1f9c5c3463399f0b539e2f2a9d42678f596cef95ce301087c05836'
   const privateKey =
     '6b463fdd6b15df6da6753fe8d1a5973b133c7a4aed77b38b145b11987cf27876'
   let randomStr
   let answer
   let challenge
   try {
     randomStr = crypto.randomBytes(6).toString('hex')
     //randomStr = '1234567889012345'
     console.log('randomStr: ', randomStr)
     challenge = await encryptWithPublicKey(publicKey, Buffer.from(randomStr))
     console.log('challenge: ', challenge)                                                                                                                        
     answer = await decryptWithPrivateKey(privateKey, challenge)
   } catch (e) {
     console.log('Error: ', JSON.stringify(e, null, 2))
   }
 
  console.log('----> ', randomStr === answer)

Error thrown (only node@12.2.0):

Error:  {
  "library": "digital envelope routines", 
  "function": "EVP_DecryptFinal_ex",
  "reason": "bad decrypt",
  "code": "ERR_OSSL_EVP_BAD_DECRYPT"
}
---->  false

Node@11.4.0 gives a satisfactory: ----> true

@HP213

This comment has been minimized.

Copy link

commented Jul 8, 2019

Yes it is not decrypting message with more than 16 characters

pubkey added a commit that referenced this issue Aug 3, 2019

@pubkey

This comment has been minimized.

Copy link
Owner

commented Aug 3, 2019

I added a test in the attached commit.
I think this has something to do with the openssl version. Can you run openssl version and post the output?

@pubkey

This comment has been minimized.

Copy link
Owner

commented Aug 3, 2019

https://travis-ci.org/pubkey/eth-crypto/builds/567377666

Some things I noticed:
npm install fails because of ecdh.target.mk:113: recipe for target 'Release/obj.target/ecdh/ecdh.o' failed see here

Then because of the failed build there is a MODULE_NOT_FOUND with Reverting to browser version. On the browser-version there is a different kind of padding of the public key which results in the error EVP_DecryptFinal_ex.

The current workaround is to downgrade to node v11.
I think this must be solved by eccrypto or secp256k1

@pubkey

This comment has been minimized.

Copy link
Owner

commented Aug 3, 2019

I opened bitchan/eccrypto#42

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.