search

nats-io / nats.go

Golang client for NATS, the cloud native messaging system.
https://nats.io
Apache License 2.0
5.44k stars 686 forks source link

panic: cryptobackend: invalid code execution #1706

Open santhoshhpe opened 3 weeks ago

santhoshhpe commented 3 weeks ago

Observed behavior

Unable to sign the request nats authentication request

Expected behavior

signing the nats authentication request should work as expected.

Server and client version

Connected Server Version: 2.10.14 Client version : v0.1.4

Host environment

docker ubuntu image

Steps to reproduce

Run the go code to sign the nonce sent by nats server for authentication

Sample code:

// Handle nats signature request for challenge response authentication.
func sigHandler(seedKey string, nonce []byte) ([]byte, error) {
    log.Info("handling signature check for nats, nonce: %v", nonce)
    kp, err := nkeys.FromSeed([]byte(seedKey))
    if err != nil {
        log.Errorf("unable to load key pair from NkeySeed, %v", err)
        return nil, err
    }
    // Wipe our key on exit.
    defer kp.Wipe()

    sig, err := kp.Sign(nonce)
    if err != nil {
        log.Errorf("Failed to sign the nonce, %v", err)
    }
    return sig, nil
}

Code to setup seeds:

conn, err = natsgo.Connect(url, natsgo.Nkey(nkeyPub, func(nonce []byte) ([]byte, error) {
            return sigHandler(nkeySeed, nonce)
        }),
        )
        if err == nil {
            break
        }
wallyqs commented 3 weeks ago

the panic is in the Go client?

santhoshhpe commented 3 weeks ago

Full stack here: cryptobackend: unexpected code execution in ./main

2024-08-26 16:14:08.407 panic: cryptobackend: invalid code execution 2024-08-26 16:14:08.407 2024-08-26 16:14:08.407 goroutine 1 [running]: 2024-08-26 16:14:08.407 crypto/internal/backend.UnreachableExceptTests() 2024-08-26 16:14:08.407 /usr/local/go/src/crypto/internal/backend/common.go:81 +0xd8 2024-08-26 16:14:08.407 crypto/ed25519.GenerateKey({0x14ee940?, 0xc0004a8210?}) 2024-08-26 16:14:08.407 /usr/local/go/src/crypto/ed25519/ed25519.go:158 +0x7f 2024-08-26 16:14:08.407 golang.org/x/crypto/ed25519.GenerateKey(...)

2024-08-26 16:14:08.407 /glcp/unified-events-ingestion/vendor/golang.org/x/crypto/ed25519/ed25519.go:48

2024-08-26 16:14:08.407 github.com/nats-io/nkeys.(*kp).keys(0xc0000da0e0?) 2024-08-26 16:14:08.407 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nkeys/keypair.go:71 +0x98

2024-08-26 16:14:08.407 github.com/nats-io/nkeys.(*kp).Sign(0x137af80?, {0xc0005167b0, 0xf, 0x10}) 2024-08-26 16:14:08.407 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nkeys/keypair.go:114 +0x25 2024-08-26 16:14:08.407 main.sigHandler({0x137af80, 0x3a}, {0xc0005167b0, 0xf, 0x10}) 2024-08-26 16:14:08.407 /glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:340 +0x1f2 2024-08-26 16:14:08.407 main.retryNATSConnection.func1({0xc0005167b0?, 0xc000516770?, 0xf?}) 2024-08-26 16:14:08.407 /glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:360 +0x2f

2024-08-26 16:14:08.407 github.com/nats-io/nats%2ego.(*Conn).connectProto(0xc000214008)

2024-08-26 16:14:08.407 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2587 +0x1ff

2024-08-26 16:14:08.408 github.com/nats-io/nats%2ego.(Conn).sendConnect(0xc000214008) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2644 +0x45 2024-08-26 16:14:08.408 github.com/nats-io/nats%2ego.(Conn).processConnectInit(0xc000214008) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2380 +0x13a 2024-08-26 16:14:08.408 github.com/nats-io/nats%2ego.(*Conn).connect(0xc000214008) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:2429 +0x29e 2024-08-26 16:14:08.408 github.com/nats-io/nats%2ego.Options.Connect({{0x0, 0x0}, {0x0, 0x0}, {0xc0001150c0, 0x1, 0x1}, 0x0, 0x0, {0x0, ...}, ...}) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:1585 +0x32d 2024-08-26 16:14:08.408 github.com/nats-io/nats%2ego.Connect({0xc000044049, 0x35}, {0xc000597448, 0x1, 0x0?}) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/vendor/github.com/nats-io/nats.go/nats.go:855 +0x1bc 2024-08-26 16:14:08.408 main.retryNATSConnection({0xc000044049, 0x35}) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:359 +0x175 2024-08-26 16:14:08.408 main.createStream({0x14fcc10, 0x1eca660}) 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:206 +0xe7 2024-08-26 16:14:08.408 main.main() 2024-08-26 16:14:08.408 /glcp/unified-events-ingestion/cmd/unified-events-ingestion/main.go:127 +0xd88

ripienaar commented 3 weeks ago

@santhoshhpe what version go is this?

santhoshhpe commented 3 weeks ago

go 1.21

ripienaar commented 3 weeks ago

I do not see paths like src/crypto/internal/backend/common.go in the go source code, so this is pretty weird. Is this normal go as downloaded from golang.org?