search

samuel-lucas6 / Kryptor

A simple, modern, and secure encryption and signing tool that aims to be a better version of age and Minisign.
https://www.kryptor.co.uk
GNU General Public License v3.0
414 stars 33 forks source link

🐛Bug: Cannot run Kryptor binary on NixOS #71

Closed c0gn1tion closed 2 weeks ago

c0gn1tion commented 3 months ago

Description

After trying to run the binary with all the dynamic libraries (this being libz and libstdc++), the program works fine but when trying to generate keys or verify a signature, it gives the error "Illegal Instruction (core dumped)". The missing dynamic libraries was found by running ldd kryptor in the directory of the binary.

Steps to reproduce

  1. Have the lines in configuration.nix programs.nix-ld.enable = true programs.nix-ld.libraries = with pkgs; [ libz libstdcxx5 icu ]
  2. Run ./kryptor -g and select any of the key pair type.
  3. See "Illegal instruction (core dumped)"

Expected behavior

Successfully generate a key pair.

Platform info

samuel-lucas6 commented 3 months ago

Thanks for reporting this. Unfortunately, I know nothing about NixOS. I wonder if this is a .NET problem on NixOS as there was an issue before about that (#59).

After trying to run the binary with all the dynamic libraries (this being libz and libstdc++), the program works fine

What do you mean by this? That it executes? Which binary are you using or did you build from source?

when trying to generate keys or verify a signature, it gives the error "Illegal Instruction (core dumped)".

Do other commands also produce that error, even stuff like -h|--help?

c0gn1tion commented 2 months ago

Thanks for reporting this. Unfortunately, I know nothing about NixOS. I wonder if this is a .NET problem on NixOS as there was an issue before about that (#59).

Thanks for reading my issue. This probably is a .NET problem, but I compiled binary from source and the problem still persisted. Won't say much about this as I don't know anything about C# or .NET like you with NixOS.

What do you mean by this? That it executes? Which binary are you using or did you build from source?

Basically, running any command that doesn't require any cryptography works such as kryptor -h or kryptor --version will work fine, but commands such as kryptor -g will work fine till it actually starts generating the key, then the error pops up. And what I meant by the 'dynamic libraries', well in NixOS, you cannot run a random binary that you see online because the OS doesn't follow the File system Hierarchy Standard (FHS) and doesn't have a global library path it can use. There are a few ways to get around this, and the one I used was using nix-ld. To find the missing libraries, I used ldd kryptor and added it to the nix-ld libraries section but even then popped out an error of not having an ICU package (which is needed for proper globalization, don't know if that's needed for Kryptor or not) either way, I then added the ICU package, and then it was able to run help commands as mentioned before, but cryptographical tasks produced errors.

samuel-lucas6 commented 2 months ago

Basically, running any command that doesn't require any cryptography works such as kryptor -h or kryptor --version will work fine, but commands such as kryptor -g will work fine till it actually starts generating the key, then the error pops up.

Thanks for getting back to me. It sounds like it might be libsodium then, the cryptographic library. Not sure where to go from here.

I'd be interested to know whether Cahir or Milva built from source work. The former uses Monocypher and the latter uses Monocypher and Bouncy Castle instead of libsodium.

c0gn1tion commented 2 months ago

Sorry for getting back a bit late, had some problems with my computer.

I'd be interested to know whether Cahir or Milva built from source work. The former uses Monocypher and the latter uses Monocypher and Bouncy Castle instead of libsodium.

Well, don't know about Cahir as it has no pre-built binary and I don't know how to compile it, but Milva's binary seems to work out of the box with no issues. So, the problem as you said may lie in libsodium. The libsodium library also seems to be available as a nixpkg, so there should be a way to get it working on NixOS (probably using flakes).

samuel-lucas6 commented 2 months ago

don't know about Cahir as it has no pre-built binary

Sorry, it's still in development and haven't written up build instructions yet.

Milva's binary seems to work out of the box with no issues

Cool, thanks for testing that out.

The libsodium library also seems to be available as a nixpkg, so there should be a way to get it working on NixOS (probably using flakes).

Let me know if you get it working.

samuel-lucas6 commented 2 months ago

I should've said actually that only BLAKE2b uses Monocypher on Milva (e.g., --blake2b-256). It's less surprising if the other options work because they're either .NET or Bouncy Castle, which means C# code.

c0gn1tion commented 2 months ago

I should've said actually that only BLAKE2b uses Monocypher on Milva (e.g., --blake2b-256). It's less surprising if the other options work because they're either .NET or Bouncy Castle, which means C# code.

Just tried the --blake2b-256 hash function and it worked with no issues.

arthsmn commented 2 weeks ago

Created a package for Kryptor in nixpkgs: https://github.com/NixOS/nixpkgs/pull/326334

c0gn1tion commented 2 weeks ago

Created a package for Kryptor in nixpkgs: https://github.com/NixOS/nixpkgs/pull/326334

Guess that fixes it then, I will close this issue once it gets merged.

arthsmn commented 2 weeks ago

The package is now merged. @samuel-lucas6 maybe you want to add it to the available package managers. If you need any help with nix I'm here :)

samuel-lucas6 commented 2 weeks ago

Thanks @arthsmn! What link should I use? Searching here doesn't find anything at the moment.

arthsmn commented 2 weeks ago

Thanks @arthsmn! What link should I use? Searching here doesn't find anything at the moment.

This is because it was merged on the master branch of the repository, it'll take two or three days to get into nixos-unstable (the rolling release), here is the link of the search in the unstable channel. For the stable release it'll have to wait until the next one, as nixos doesn't add new packages in a stable channel. I'll ping you here when it arrives in unstable.

arthsmn commented 1 week ago

@samuel-lucas6 kryptor is now in the unstable branch!

samuel-lucas6 commented 1 week ago

@arthsmn Thanks for letting me know. I've updated the website and credited you in the Acknowledgements.

arthsmn commented 1 week ago

@arthsmn Thanks for letting me know. I've updated the website and credited you in the Acknowledgements.

Thanks!