Cannot use "sha384": No such hash algorithm

michelp / pgjwt

PostgreSQL implementation of JWT (JSON Web Tokens)

MIT License

364 stars 60 forks source link

Cannot use "sha384": No such hash algorithm #3

Closed esmeetu closed 7 years ago

esmeetu commented 7 years ago

when i run: select basic_auth.sign('{"sub":"1234567890","name":"John Doe","admin":true}', 'secret', 'HS384')

output this:

 [22023] ERROR: Cannot use "sha384": No such hash algorithm
 Where: SQL function "algorithm_sign" statement 1
 SQL function "sign" statement 1

other hash algorithms are same.

This is my algorithm_sign function:

create function basic_auth.algorithm_sign(signables text, secret text, algorithm text) returns text
LANGUAGE SQL
AS $$
WITH
  alg AS (
    SELECT CASE
      WHEN algorithm = 'HS256' THEN 'sha256'
      WHEN algorithm = 'HS384' THEN 'sha384'
      WHEN algorithm = 'HS512' THEN 'sha512'
      ELSE '' END AS id)  -- hmac throws error
SELECT basic_auth.url_encode(basic_auth.hmac(signables, secret, alg.id)) FROM alg;
$$;

michelp commented 7 years ago

I'm not sure why you have 'basic_auth.hmac', it should just be 'hmac' unless you installed pgcypto into the same schema, I presume you did something like that since the function is being called.

@esmeetu try this:

select basic_auth.hmac('foo', 'secret', 'sha384');

You should get:

\x0edb7068ecbf4de2c47b8819fd534333379f208f989c51018d03ee1155e4c0740a418ec220d4260eabcb2d090b16de6e

If not, then it sounds like your pgcypto is not correctly installed.

esmeetu commented 7 years ago

Thanks for your reply! Well, I install pgcypto in the same schema basic_auth. Under your code, i still get the error: [22023] ERROR: Cannot use "sha384": No such hash algorithm I reinstall pgcrypto and pgjwt, there is error as before. But the extension works fine a few days before, I don't know what's wrong.

michelp commented 7 years ago

Are you reinstall pgcrypto by a os package like apt or rpm or did you build it from source? If you built it you might be missing some libraries.

After you reinstalled did you restart postgres? 'hmac' comes from pycrypto, so I'm not really an expert in building it, I installed it from an ubuntu package.

esmeetu commented 7 years ago

I use datagrip, enter this CREATE EXTENSION pgjwt CASCADE in my console. It has pgcrypto default, and i drop it, recreate it. As you say, i should try down the source code, and rebuild it.

esmeetu commented 7 years ago

@michelp I find the reason, It my fault thati forget that i updated my postgresql today. After reboot the system, It works fine! But i am not clear why it fails, may be pgcrypto has some changes. Thanks you again. Good extention. :)