-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: reject Ed25519/Ed448 in Sign/Verify prototypes #52340
Conversation
Review requested:
|
c27f7b0
to
ab86d4d
Compare
It looks like this change is consistently failing to build on win-vs2022-arm64 for some reason. |
Seems unrelated to me. If it happens to be related I'm not able to debug it and would appreciate help. |
Let's see if rebasing does anything. |
ab86d4d
to
40487f2
Compare
The error was: |
Well, nothing much I can do about |
/cc @nodejs/platform-windows-arm |
This error happens occasionally, but shouldn't happen as often as it did on this PR. One thing that comes to mind is that the V8 update landed recently in the main branch and that is something that could increase the frequency of this. I'll monitor ARM64 builds closely for the next few days to see if this is a rising concern. |
@StefanStojanovic thank you for looking into it |
Landed in 9f939f5 |
fixes: nodejs#52097 PR-URL: nodejs#52340 Fixes: nodejs#52097 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
fixes: nodejs#52097 PR-URL: nodejs#52340 Fixes: nodejs#52097 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
fixes: nodejs#52097 PR-URL: nodejs#52340 Fixes: nodejs#52097 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
It is possible to slip Ed25519/Ed448 keys to Sign.prototype.sign and Verify.prototype.sign given you provide a valid openssl digest and the result is an empty signature.
This PR checks for the key being a oneshot only key and throws a generic
ERR_CRYPTO_UNSUPPORTED_OPERATION
fixes: #52097