Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Node silently allows using dh and x25519 keys for signing / verification #53742

Closed
lucacasonato opened this issue Jul 6, 2024 · 1 comment · Fixed by #53774
Closed

Node silently allows using dh and x25519 keys for signing / verification #53742

lucacasonato opened this issue Jul 6, 2024 · 1 comment · Fixed by #53774
Labels
confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem.

Comments

@lucacasonato
Copy link

lucacasonato commented Jul 6, 2024
edited
Loading

Version

v22.4.0

Platform

Linux pop-os 6.9.3-76060903-generic #202405300957171834820922.04~7817b67 SMP PREEMPT_DYNAMIC Mon J x86_64 x86_64 x86_64 GNU/Linux

Subsystem

crypto

What steps will reproduce the bug?

import crypto from 'node:crypto';

const { privateKey, publicKey } = crypto.generateKeyPairSync('x25519', {});

const sign = crypto.createSign('sha512');
sign.update('some data to sign');
sign.end();
const signature = sign.sign(privateKey);
console.log('Signature:', signature.toString('hex'));

const verify = crypto.createVerify('sha512');
verify.update('some data to sign');
verify.end();
console.log('Verify:', verify.verify(publicKey, signature));

Produces output like:

How often does it reproduce? Is there a required condition?

Always

What is the expected behavior? Why is that the expected behavior?

Node throws an error that x25519 keys can not be used for signing. Same should happen for dh keys.

What do you see instead?

Signature: 8603053600000000000000000000000000930436000000000000000000000000
Verify: false

(invalid output)

Additional information

No response
@RedYetiDev RedYetiDev added the crypto Issues and PRs related to the crypto subsystem. label Jul 6, 2024
@RedYetiDev
Copy link
Member

RedYetiDev commented Jul 6, 2024
edited
Loading

@nodejs/crypto PTAL

JLHwung added a commit to JLHwung/node that referenced this issue Jul 9, 2024
@JLHwung
crypto: reject dh,x25518,x448 in {Sign,Verify}Final
fcdcfd9 
Fixes: nodejs#53742
JLHwung added a commit to JLHwung/node that referenced this issue Jul 9, 2024
@JLHwung
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
f335ac6 
Fixes: nodejs#53742
JLHwung added a commit to JLHwung/node that referenced this issue Jul 9, 2024
@JLHwung
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
7518c53 
Fixes: nodejs#53742
@JLHwung JLHwung mentioned this issue Jul 9, 2024
Merged
@tniessen tniessen added the confirmed-bug Issues with confirmed bugs. label Jul 9, 2024
aduh95 pushed a commit that referenced this issue Sep 12, 2024
@JLHwung @aduh95
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
5bba078 
Fixes: #53742
PR-URL: #53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this issue Sep 22, 2024
@JLHwung @targos
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
cc06989 
Fixes: #53742
PR-URL: #53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
aduh95 pushed a commit to aduh95/node that referenced this issue Sep 24, 2024
@JLHwung @aduh95
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
f5f8c45 
Fixes: nodejs#53742
PR-URL: nodejs#53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
aduh95 pushed a commit to aduh95/node that referenced this issue Sep 25, 2024
@JLHwung @aduh95
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
0939a73 
Fixes: nodejs#53742
PR-URL: nodejs#53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this issue Sep 26, 2024
@JLHwung @targos
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
9030a9c 
Fixes: #53742
PR-URL: #53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
richardlau pushed a commit to aduh95/node that referenced this issue Sep 27, 2024
@JLHwung @richardlau
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
6e7274f 
Fixes: nodejs#53742
PR-URL: nodejs#53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this issue Oct 2, 2024
@JLHwung @targos
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
231ab78 
Fixes: #53742
PR-URL: #53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
louwers pushed a commit to louwers/node that referenced this issue Nov 2, 2024
@JLHwung @louwers
crypto: reject dh,x25519,x448 in {Sign,Verify}Final
97b15a0 
Fixes: nodejs#53742
PR-URL: nodejs#53774
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

crypto: reject dh,x25519,x448 in {Sign,Verify}Final JLHwung/node
3 participants
@tniessen @lucacasonato @RedYetiDev