Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto.createCipheriv('aes-256-ctr', …) fails with Unknown cipher #24864

Open
joewalker opened this issue Aug 3, 2024 · 10 comments · May be fixed by #27630
Open

crypto.createCipheriv('aes-256-ctr', …) fails with Unknown cipher #24864

joewalker opened this issue Aug 3, 2024 · 10 comments · May be fixed by #27630
Assignees
@iuioiua
Labels
bug Something isn't working correctly crypto Related to node:crypto or WebCrypto node compat

Comments

@joewalker
Copy link

Version: Deno 1.45.5

Usage context: Trying to port code from nodejs which uses ssh2.
The ssh2 library is attempting to decode an ssh private key.

The failure appears to come from Deno's cipher.ts:

this.#context = op_node_create_decipheriv(cipher, toU8(key), toU8(iv));
this.#needsBlockCache = !(cipher == "aes-128-gcm" || cipher == "aes-256-gcm");
if (this.#context == 0) {
  throw new TypeError("Unknown cipher");
}

In this case op_node_create_decipheriv is called with cipher=aes-256-ctr.
@lucacasonato lucacasonato added bug Something isn't working correctly node compat crypto Related to node:crypto or WebCrypto labels Aug 5, 2024
@littledivy
Copy link
Member

@joewalker Can you provide a reproduction with ssh2 module?

@littledivy
Copy link
Member

littledivy commented Aug 8, 2024
edited
Loading 

import crypto from "node:crypto";
import { Buffer } from "node:buffer";

var algorithm = "aes-256-ctr",
  password = "d6F3Efeq",
  key = Buffer.from("5ebe2294ecd0e0f08eab7690d2a6ee69", "hex"),
  iv = Buffer.from("26ae5cc854e36b6bdfca366848dea6bb", "hex");

function encrypt(text) {
  const cipher = crypto.createCipheriv("aes-128-cbc", key, iv);
  var crypted = cipher.update(text, "utf8", "hex");
  crypted += cipher.final("hex");
  return crypted;
}

function decrypt(text) {
  var decipher = crypto.createDecipheriv("aes-128-cbc", key, iv);
  var dec = decipher.update(text, "hex", "utf8");
  dec += decipher.final("utf8");
  return dec;
}

var hw = encrypt("hello world");
// outputs hello world
console.log(decrypt(hw));

Seems to work with deno 1.45.5+9a83efa. Please re-open if problem still exists.

@jwhitmarsh
Copy link 

import crypto from "node:crypto";
import { Buffer } from "node:buffer";

var algorithm = "aes-256-ctr",
  password = "d6F3Efeq",
  key = Buffer.from("5ebe2294ecd0e0f08eab7690d2a6ee69", "hex"),
  iv = Buffer.from("26ae5cc854e36b6bdfca366848dea6bb", "hex");

function encrypt(text) {
  const cipher = crypto.createCipheriv("aes-128-cbc", key, iv);
  var crypted = cipher.update(text, "utf8", "hex");
  crypted += cipher.final("hex");
  return crypted;
}

function decrypt(text) {
  var decipher = crypto.createDecipheriv("aes-128-cbc", key, iv);
  var dec = decipher.update(text, "hex", "utf8");
  dec += decipher.final("utf8");
  return dec;
}

var hw = encrypt("hello world");
// outputs hello world
console.log(decrypt(hw));

Seems to work with deno 1.45.5+9a83efa. Please re-open if problem still exists.

@littledivy in your example you don't ever use the algorithm variable, and instead have hard coded the algorithm in createCipveriv to "aes-128-cbc",, so does this actually show anything?

If you update the code to use aes-256-ctr then deno v2 throws error: Uncaught (in promise) TypeError: Unknown cipher aes-256-ctr

function encrypt(text) {
  const cipher = crypto.createCipheriv(algorithm, key, iv);
  var crypted = cipher.update(text, "utf8", "hex");
  crypted += cipher.final("hex");
  return crypted;
}

function decrypt(text) {
  var decipher = crypto.createDecipheriv(algorithm, key, iv);
  var dec = decipher.update(text, "hex", "utf8");
  dec += decipher.final("utf8");
  return dec;
}

@littledivy
Copy link
Member

Oh nice catch!

@littledivy littledivy reopened this Oct 10, 2024
@kylesloper
Copy link

  • 1 for "aes-256-ctr" support please

@roffelsaurus
Copy link

Support for aes-256-ctr is definitely needed.

@kylesloper
Copy link

yikes is this still not supported.

@amillwood
Copy link

amillwood commented Dec 5, 2024
edited
Loading

same for aes-256-cbc

@homerjam
Copy link

Ah well 3 days into deno land and I'm turning back, fun while it lasted

@AaronJamesKing
Copy link

Node's docs for createCipheriv state:

The algorithm is dependent on OpenSSL, examples are 'aes192', etc. On recent OpenSSL releases, openssl list -cipher-algorithms will display the available cipher algorithms.

So maybe Deno implicitly supports "aes-256-ctr" and "aes-256-cbc" (etc.) as long as they are available with the local OpenSSL? That's just an optimistic guess. I don't even use Deno, I ended up here while researching something else 🙂

@nathanwhit nathanwhit linked a pull request Jan 10, 2025 that will close this issue
Open
@Martin-Ting Martin-Ting mentioned this issue Jan 14, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iuioiua iuioiua

Labels
bug Something isn't working correctly crypto Related to node:crypto or WebCrypto node compat
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(ext/node): implement aes-128-ctr and aes-256-ctr nathanwhit/deno
10 participants
@joewalker @homerjam @roffelsaurus @AaronJamesKing @lucacasonato @jwhitmarsh @iuioiua @littledivy @kylesloper @amillwood