-
-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bioConversionFailure
in ECDSAKey
when using P384
#118
Comments
JWTKit error: signing algorithm error: bioConversionFailure
bioConversionFailure
in ECDSAKey
when using P384
I ran the code out of curiousity inside Xcode and Linux, in both debug and release configurations, and I'm not experiencing any issues. Is it consistently happening for you? |
Yeah I've just run this in a new project on macOS in release mode in VSCode and it worked fine for me too |
This is occurring on the nightly toolchains. I've installed the latest 09-05 toolchain (in the default location for macOS) and attempted to run it as such:
Toolchains 2023-08-27a and 2023-08-03a also exhibit this issue. |
Have you tried the code without JWT and just using Swift Crypto? import Crypto
let generatedPriv = P384.Signing.PrivateKey()
let priv = try ECDSAKey.private(pem: generatedPriv.pemRepresentation)
let pub = try ECDSAKey.public(pem: generatedPriv.publicKey.pemRepresentation) None of that code is JWT stuff IIRC. If that also fails it's probably better to open an issue there |
The error itself is also in JWTKit here. My suspicion personally is that something in one of the new nightly toolchains is optimizing out something in boringSSL when compiling in release mode. Potentially related is that JWTKit and Swift Crypto bundle 2 different versions of boringSSL on linux, but I don't know why that would cause this issue to crop up on macOS. I know there's already a PR in progress to remove the bundled boringSSL which may help. |
I tested this against top-of-tree Swift as of the 2023-09-20 nightly trunk snapshot, and I still experience the |
We'll keep an eye on this - we're almost finished ripping out BoringSSL (#99) at which point this should no longer be an issue |
Going to transfer this to JWTKit as that's where the code lives and we can just write a test to ensure it's no longer an issue cc @ptoffy |
Just to confirm, the |
Oh that's great to hear! |
Describe the bug
When a
P384
private key fromCrypto
is used to create aECDSAKey
, I get the following error in release mode on MacOS:However, when using a
P256
private key, creating aECDSAKey
does not error.To Reproduce
Build and run the following in release mode:
Note that just switching
P256
out forP384
is able to run without error.Expected behavior
I would expect that a
P384
curve would be able to be used without error.Environment
Additional context
None
The text was updated successfully, but these errors were encountered: