Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test failures depending on openssl compilation flags #175

Closed
kapouer opened this issue Dec 30, 2017 · 11 comments · Fixed by #176
Closed

test failures depending on openssl compilation flags #175

kapouer opened this issue Dec 30, 2017 · 11 comments · Fixed by #176

Comments

@kapouer
Copy link

kapouer commented Dec 30, 2017

Algorithms available at runtime depend on how openssl (which could be a shared lib) has been configured.
Test such as https://github.com/crypto-browserify/crypto-browserify/blob/9730d317e2141099b8e56d2afbaf806eb616e0a3/test/sign.js#L34
should not assume all algorithms are available.
The test could either catch the exception (createSign throws with "Unknown message digest") or check crypto.getCiphers().

See also browserify/browserify-sign#37
@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

Here's a log, and i'll PR a workaround:

# ec with sha1
# js sign and verify
ok 95 validates
# node sign and verify
crypto.js:291
  this._handle.init(algorithm);
               ^

Error: Unknown message digest
    at new Sign (crypto.js:291:16)
    at Object.Sign (crypto.js:289:12)
    at Test.<anonymous> (/<<PKGBUILDDIR>>/test/sign.js:34:31)

@calvinmetcalf
Copy link
Contributor

in this repo is the issue just that ecdsa with sha1 isn't supported or the specific curve ?

@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

Gimme a minute :)

@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

List of failures:

# node sign and verify
skipping unsupported scheme ecdsa-with-SHA1
# node sign and js verify
skipping unsupported scheme ecdsa-with-SHA1
# js sign and node verify
skipping unsupported scheme ecdsa-with-SHA1

@calvinmetcalf
Copy link
Contributor

ok so it looks like it's just sha1 which is the issue here so if we just change this line to be sha256 that should fix it

@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

Do you mean replace ecdsa-with-sha1 by sha256?

@calvinmetcalf calvinmetcalf mentioned this issue Jan 3, 2018
Merged
@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

It works now.

@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

Note that it's more something about default security setup than about debian in itself.

@calvinmetcalf
Copy link
Contributor

#176 works or this repo always worked ?

@kapouer
Copy link
Author

kapouer commented Jan 3, 2018

#176 works. It was failing before.

@calvinmetcalf
Copy link
Contributor

calvinmetcalf commented Jan 3, 2018 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Debian browserify/crypto-browserify
2 participants
@kapouer @calvinmetcalf