search

bungle / lua-resty-nettle

LuaJIT FFI bindings for Nettle (a low-level cryptographic library)
BSD 2-Clause "Simplified" License
182 stars 45 forks source link

library.lua error #34

Open yondersever opened 3 years ago

yondersever commented 3 years ago

Hi,

I got the following error while using "resty.nettle.pbkdf2".

Config:

location /lua4encrypt {

set $tsk $2;
add_header Content-Type text/plain;
content_by_lua_block {
    local pbkdf2 = require "resty.nettle.pbkdf2"
    local hmac = pbkdf2.hmac_sha1("password", 1, "salt", 20)
    print("pbkdf2 sha1", #hmac, hex(hmac))
    local hmac = pbkdf2.hmac_sha256("pass\0word", 4096, "sa\0lt", 32)
    print("pbkdf2 sha256", #hmac, hex(hmac))

}

}

Error:

2021/04/20 19:22:43 [error] 13199#13199: *494 lua entry thread aborted: runtime error: /usr/local/openresty/lualib/resty/nettle/library.lua:55: unable to load nettle stack traceback: coroutine 0: [C]: in function 'require' content_by_lua(locationtraining.conf:203):2: in main chunk, client: ..., server: , request: "POST /lua4encrypt HTTP/1.1", host: "xxx:8081"

bungle commented 3 years ago

@yondersever

Have you installed libnettle to your system?

r-oueslati commented 3 years ago

Hi @bungle

I'm having the same issue.

I would like to use nettle in a kong plugin that needs to decrypt using aes-256-gcm (Kong 1.5.1 on Ubuntu 18.04). I have libnettle6, libhogweed4 and libgmp10 installed with apt package manager. And I installed lua-resty-nettle successfully with: luarocks install lua-resty-nettle.

Importing the module with local aes = require "resty.nettle.aes" raises /usr/local/share/lua/5.1/resty/nettle/library.lua:55: unable to load nettle error message at kong init.

Any help would be greatly appreciated. Thank you

suochenxiao commented 2 years ago

Hi @bungle

I'm having the same issue.

I would like to use nettle in a kong plugin that needs to decrypt using aes-256-gcm (Kong 1.5.1 on Ubuntu 18.04). I have libnettle6, libhogweed4 and libgmp10 installed with apt package manager. And I installed lua-resty-nettle successfully with: luarocks install lua-resty-nettle.

Importing the module with local aes = require "resty.nettle.aes" raises /usr/local/share/lua/5.1/resty/nettle/library.lua:55: unable to load nettle error message at kong init.

Any help would be greatly appreciated. Thank you

wget https://ftp.gnu.org/gnu/nettle/nettle-3.4.1.tar.gz tar -zxf nettle-3.4.1.tar.gz cd nettle-3.4.1 ./configure --prefix=/usr --enable-mini-gmp && make make install

AnshumanRohella commented 1 year ago

Seems like the problem lies here in library.lua

local ffi = require "ffi"
local ffi_load = ffi.load
local ipairs = ipairs
local assert = assert
local pcall = pcall

local lib_path = _NETTLE_LIB_PATH -- luacheck: ignore
root@a27232cff808:/usr# luajit test.lua 
nil
luajit: test.lua:56: unable to load nettle
stack traceback:
        [C]: in function 'assert'
        test.lua:56: in main chunk
        [C]: at 0x5589e2257300

even after install nettle, it doesn't pick up the correct shared libraries. Once I hardcode the path in the script, I am able to load nettle.

local ffi = require "ffi"
local ffi_load = ffi.load
local ipairs = ipairs
local assert = assert
local pcall = pcall

_NETTLE_LIB_PATH = "/usr/local/nettle/3_5/lib64"
local lib_path = _NETTLE_LIB_PATH -- luacheck: ignore
root@a27232cff808:/usr# luajit test.lua 
/usr/local/nettle/3_5/lib64/

Maybe it would make sense to either use $PATH or allow setting an environment variable for this. I don't see how this lookup can work otherwise. Please correct me if I am missing something here. @bungle