search

oven-sh / bun

Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one
https://bun.sh
Other
73.01k stars 2.66k forks source link

Diffie-Hellman key generation breaks with large primes #11809

Open edde746 opened 2 months ago

edde746 commented 2 months ago

What version of Bun is running?

1.1.13+bd6a60512, 1.1.16+bf7b327f6

What platform is your computer?

Darwin 24.0.0 arm64 arm

What steps can reproduce the bug?

const prime = 'Q0Y2NTcwQjY3QzAyRkQ5MzYwMkNGRUIyQjQwMzc5RjkwRDdDMjA0MDg2QTBDMUEzODAwM0IxNUM2MzQ2MTEyMEY1NDczOUU3Q0JBMUZFODNDNDdDNTgzOTcxRjUyMzE5QzkxMEM2NUYzNTdDMUYwNzQzQTZBMzgxMjc5MDdDQThDNjY0ODM3MTUyNEI2MDUyRjdCOUQwQzc3NjU1OTY5MEY5QUFCRDI0ODZBNDJBMTgyNTkyM0MyREZFNTU3RTQwRURFOTM2NTM2MzRGRjhFQUNEQUVFMzExMTg3RjZCNDkxRThDMTE3NkM0QkVBRDY2RUJGMThDQ0UwN0Q1Mjc1Qg==';
const diffie = crypto.createDiffieHellman(Buffer.from(prime, 'base64').toString(), 'hex', 2);
console.log(diffie.generateKeys().length);

Bun output: 1 Node output: 128

What is the expected behavior?

No response

What do you see instead?

No response

Additional information

No response

edde746 commented 2 months ago

A workaround is passing the prime as a buffer instead, example:

let prime = 'Q0Y2NTcwQjY3QzAyRkQ5MzYwMkNGRUIyQjQwMzc5RjkwRDdDMjA0MDg2QTBDMUEzODAwM0IxNUM2MzQ2MTEyMEY1NDczOUU3Q0JBMUZFODNDNDdDNTgzOTcxRjUyMzE5QzkxMEM2NUYzNTdDMUYwNzQzQTZBMzgxMjc5MDdDQThDNjY0ODM3MTUyNEI2MDUyRjdCOUQwQzc3NjU1OTY5MEY5QUFCRDI0ODZBNDJBMTgyNTkyM0MyREZFNTU3RTQwRURFOTM2NTM2MzRGRjhFQUNEQUVFMzExMTg3RjZCNDkxRThDMTE3NkM0QkVBRDY2RUJGMThDQ0UwN0Q1Mjc1Qg==';
prime = Buffer.from(Buffer.from(prime, 'base64').toString(), 'hex');
const diffie = crypto.createDiffieHellman(prime, 'buffer', 2);
console.log(diffie.generateKeys().length);

Bun output: 128