Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

panic: cryptobackend: invalid code execution #1706

Open
santhoshhpe opened this issue Aug 26, 2024 · 5 comments
Open

panic: cryptobackend: invalid code execution #1706

santhoshhpe opened this issue Aug 26, 2024 · 5 comments
Labels
defect Suspected defect such as a bug or regression

Comments

@santhoshhpe
Copy link

santhoshhpe commented Aug 26, 2024
edited by wallyqs
Loading

Observed behavior

Unable to sign the request nats authentication request

Expected behavior

signing the nats authentication request should work as expected.

Server and client version

Connected Server Version: 2.10.14
Client version : v0.1.4

Host environment

docker ubuntu image

Steps to reproduce

Run the go code to sign the nonce sent by nats server for authentication

Sample code:

// Handle nats signature request for challenge response authentication.
func sigHandler(seedKey string, nonce []byte) ([]byte, error) {
	log.Info("handling signature check for nats, nonce: %v", nonce)
	kp, err := nkeys.FromSeed([]byte(seedKey))
	if err != nil {
		log.Errorf("unable to load key pair from NkeySeed, %v", err)
		return nil, err
	}
	// Wipe our key on exit.
	defer kp.Wipe()

	sig, err := kp.Sign(nonce)
	if err != nil {
		log.Errorf("Failed to sign the nonce, %v", err)
	}
	return sig, nil
}

Code to setup seeds:

conn, err = natsgo.Connect(url, natsgo.Nkey(nkeyPub, func(nonce []byte) ([]byte, error) {
			return sigHandler(nkeySeed, nonce)
		}),
		)
		if err == nil {
			break
		}
@santhoshhpe santhoshhpe added the defect Suspected defect such as a bug or regression label Aug 26, 2024
@wallyqs
Copy link
Member

wallyqs commented Aug 26, 2024

the panic is in the Go client?

@santhoshhpe
Copy link
Author

Full stack here:
cryptobackend: unexpected code execution in ./main

2024-08-26 16:14:08.407
panic: cryptobackend: invalid code execution
2024-08-26 16:14:08.407
2024-08-26 16:14:08.407
goroutine 1 [running]:
2024-08-26 16:14:08.407
crypto/internal/backend.UnreachableExceptTests()
2024-08-26 16:14:08.407
/usr/local/go/src/crypto/internal/backend/common.go:81 +0xd8
2024-08-26 16:14:08.407
crypto/ed25519.GenerateKey({0x14ee940?, 0xc0004a8210?})
2024-08-26 16:14:08.407
/usr/local/go/src/crypto/ed25519/ed25519.go:158 +0x7f
2024-08-26 16:14:08.407
golang.org/x/crypto/ed25519.GenerateKey(...)

2024-08-26 16:14:08.407
/glcp/unified-events-ingestion/vendor/golang.org/x/crypto/ed25519/ed25519.go:48

2024-08-26 16:14:08.407
github.com/nats-io/nkeys.(*kp).keys(0xc0000da0e0?)
2024-08-26 16:14:08.407
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nkeys/keypair.go:71 +0x98

2024-08-26 16:14:08.407
github.com/nats-io/nkeys.(*kp).Sign(0x137af80?, {0xc0005167b0, 0xf, 0x10})
2024-08-26 16:14:08.407
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nkeys/keypair.go:114 +0x25
2024-08-26 16:14:08.407
main.sigHandler({0x137af80, 0x3a}, {0xc0005167b0, 0xf, 0x10})
2024-08-26 16:14:08.407
/glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:340 +0x1f2
2024-08-26 16:14:08.407
main.retryNATSConnection.func1({0xc0005167b0?, 0xc000516770?, 0xf?})
2024-08-26 16:14:08.407
/glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:360 +0x2f

2024-08-26 16:14:08.407
github.com/nats-io/nats%2ego.(*Conn).connectProto(0xc000214008)

2024-08-26 16:14:08.407
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2587 +0x1ff

2024-08-26 16:14:08.408
github.com/nats-io/nats%2ego.(*Conn).sendConnect(0xc000214008)
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2644 +0x45
2024-08-26 16:14:08.408
github.com/nats-io/nats%2ego.(*Conn).processConnectInit(0xc000214008)
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2380 +0x13a
2024-08-26 16:14:08.408
github.com/nats-io/nats%2ego.(*Conn).connect(0xc000214008)
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2429 +0x29e
2024-08-26 16:14:08.408
github.com/nats-io/nats%2ego.Options.Connect({{0x0, 0x0}, {0x0, 0x0}, {0xc0001150c0, 0x1, 0x1}, 0x0, 0x0, {0x0, ...}, ...})
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:1585 +0x32d
2024-08-26 16:14:08.408
github.com/nats-io/nats%2ego.Connect({0xc000044049, 0x35}, {0xc000597448, 0x1, 0x0?})
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:855 +0x1bc
2024-08-26 16:14:08.408
main.retryNATSConnection({0xc000044049, 0x35})
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:359 +0x175
2024-08-26 16:14:08.408
main.createStream({0x14fcc10, 0x1eca660})
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:206 +0xe7
2024-08-26 16:14:08.408
main.main()
2024-08-26 16:14:08.408
/glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:127 +0xd88

@ripienaar
Copy link
Contributor

@santhoshhpe what version go is this?

@wallyqs wallyqs transferred this issue from nats-io/nats-server Aug 27, 2024
@santhoshhpe
Copy link
Author

go 1.21

@ripienaar
Copy link
Contributor

I do not see paths like src/crypto/internal/backend/common.go in the go source code, so this is pretty weird. Is this normal go as downloaded from golang.org?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect Suspected defect such as a bug or regression
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@wallyqs @ripienaar @santhoshhpe and others