Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

createCipheriv crash renderer window #16214

Closed
githoniel opened this issue Dec 29, 2018 · 4 comments
Closed

createCipheriv crash renderer window #16214

githoniel opened this issue Dec 29, 2018 · 4 comments
Labels
4-2-x bug 🪲 platform/windows

Comments

@githoniel
Copy link

githoniel commented Dec 29, 2018
edited

Version Info

electron: 4.0.0
OS: Windows 10 x64 10.0.17134.472

Expected Behavior

require('crypto').createCipheriv('rc4', 'asdasd', null)
require('crypto').createCipheriv('rc4', 'asdasd', '')

work well as node v10.15.0

Actual behavior

require('crypto').createCipheriv('rc4', 'asdasd', null)

cause renderer process crash

require('crypto').createCipheriv('rc4', 'asdasd', '')

throw

Invalid IV length
    at Cipheriv.createCipherBase (internal/crypto/cipher.js:79)
    at Cipheriv.createCipherWithIV (internal/crypto/cipher.js:119)
    at new Cipheriv (internal/crypto/cipher.js:225)
    at Object.createCipheriv (crypto.js:105)
    at <anonymous>:1:19
createCipherBase @ internal/crypto/cipher.js:79
createCipherWithIV @ internal/crypto/cipher.js:119
Cipheriv @ internal/crypto/cipher.js:225
createCipheriv @ crypto.js:105

To Reproduce

exec code above in devTools
@shiftkey
Copy link
Contributor

Likely the same root cause as #16195

@OrangeChu
Copy link

Before it is repaired, you may be able to use the method of the main process.:)

@githoniel
Copy link
Author

githoniel commented Jan 1, 2019
edited

Before it is repaired, you may be able to use the method of the main process.:)

I'm now using third party rc4 instead.

use the method of the main process seem to complex, because I must using the stream mode

@githoniel githoniel reopened this Jan 1, 2019
@nornagon
Copy link
Member

nornagon commented Jan 2, 2019

Duplicate of #16195

@nornagon nornagon marked this as a duplicate of #16195 Jan 2, 2019
@nornagon nornagon closed this as completed Jan 2, 2019
This was referenced Apr 19, 2019
Closed
Merged
codebytere pushed a commit that referenced this issue Apr 23, 2019
@TaikiAkita @codebytere
fix: add a compatibility EVP_CIPH_OCB_MODE value (#16214). (#17873)
eccede0 
* fix: add a compatibility EVP_CIPH_OCB_MODE value (#16214).

Backported google/boringssl@4b9683 to 4.1.x branch. This patch
replaces the no-op modes with negative numbers rather than zero.
Stream ciphers like RC4 report a "mode" of zero, so code comparing
the mode to a dummy value will get confused.

This patch fixed issue #16214.

* revert: "fix: add a compatibility EVP_CIPH_OCB_MODE value (#16214)."

This reverts commit f1156a8.

* fix: (recommit) add a compatibility EVP_CIPH_OCB_MODE value (#16214).

Recommited change @f1156a with patches generated by
"git-export-patches".
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
4-2-x bug 🪲 platform/windows
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@nornagon @shiftkey @sofianguy @githoniel @OrangeChu