Chromium54 brave password causes crashes on for instance hacker news

[posix4e]

I can't seem to save in my local brave password store

An uncaught exception occurred in the main process Uncaught Exception:
Error: Unknown cipher
    at new Cipheriv (crypto.js:191:16)
    at Object.Cipheriv (crypto.js:189:12)
    at Object.module.exports.encryptAuthenticateInternal (/usr/share/brave/resources/app.asar/js/lib/cryptoUtil.js:81:23)
    at Object.module.exports.encryptAuthenticate (/usr/share/brave/resources/app.asar/js/lib/cryptoUtil.js:21:34)
    at Object.passwordCallbacks.(anonymous function) (/usr/share/brave/resources/app.asar/app/index.js:696:38)
    at EventEmitter.ipcMain.on (/usr/share/brave/resources/app.asar/app/index.js:710:35)
    at emitMany (events.js:132:20)
    at EventEmitter.emit (events.js:201:7)
    at WebContents.<anonymous> (/usr/share/brave/resources/electron.asar/browser/api/web-contents.js:172:13)
    at emitTwo (events.js:106:13)
    at WebContents.emit (events.js:191:7)
/usr/share/brave/resources/app.asar/node_modules/node-anonize2-relic-emscripten/anonize2.js:18
if(!Module)Module=(typeof Module!=="undefined"?Module:null)||{};var moduleOverrides={};for(var key in Module){if(Module.hasOwnProperty(key)){moduleOverrides[key]=Module[key]}}var ENVIRONMENT_IS_WEB=false;var ENVIRONMENT_IS_WORKER=false;var ENVIRONMENT_IS_NODE=false;var ENVIRONMENT_IS_SHELL=false;if(Module["ENVIRONMENT"]){if(Module["ENVIRONMENT"]==="WEB"){ENVIRONMENT_IS_WEB=true}else if(Module["ENVIRONMENT"]==="WORKER"){ENVIRONMENT_IS_WORKER=true}else if(Module["ENVIRONMENT"]==="NODE"){ENVIRONMENT_IS_NODE=true}else if(Module["ENVIRONMENT"]==="SHELL"){ENVIRONMENT_IS_SHELL=true}else{throw new Error("The provided Module['ENVIRONMENT'] value is not valid. It must be one of: WEB|WORKER|NODE|SHELL.")}}else{ENVIRONMENT_IS_WEB=typeof window==="object";ENVIRONMENT_IS_WORKER=typeof importScripts==="function";ENVIRONMENT_IS_NODE=typeof process==="object"&&typeof require==="function"&
[ ] Not implemented reached in static bool blink::PlatformKeyboardEvent::currentCapsLockState()
[ ] 
 ``` [5453:5453:1208/095056:ERROR:CONSOLE(219)] "Uncaught Error: Could not call remote function 'isFocused'. Check that the function signature is correct. Underlying error: Object has been destroyed
Error: Could not call remote function 'isFocused'. Check that the function signature is correct. Underlying error: Object has been destroyed
    at callFunction (/usr/share/brave/resources/electron.asar/browser/rpc-server.js:226:11)
    at EventEmitter.<anonymous> (/usr/share/brave/resources/electron.asar/browser/rpc-server.js:319:5)
    at emitMany (events.js:127:13)
    at EventEmitter.emit (events.js:201:7)&!ENVIRONMENT_IS_WEB&&!ENVIRONMENT_IS_WORKE

Error: Unknown cipher
    at new Cipheriv (crypto.js:191:16)
    at Object.Cipheriv (crypto.js:189:12)
    at Object.module.exports.encryptAuthenticateInternal (/usr/share/brave/resources/app.asar/js/lib/cryptoUtil.js:81:23)
    at Object.module.exports.encryptAuthenticate (/usr/share/brave/resources/app.asar/js/lib/cryptoUtil.js:21:34)
    at Object.passwordCallbacks.(anonymous function) (/usr/share/brave/resources/app.asar/app/index.js:696:38)
    at EventEmitter.ipcMain.on (/usr/share/brave/resources/app.asar/app/index.js:710:35)
    at emitMany (events.js:132:20)
    at EventEmitter.emit (events.js:201:7)
    at WebContents.<anonymous> (/usr/share/brave/resources/electron.asar/browser/api/web-contents.js:172:13)
    at emitTwo (events.js:106:13)
    at WebContents.emit (events.js:191:7)

Test Plan:

1. Set built-in password manager
2. Go to https://github.com/login
3. Type username and password then submit
4. Choose save password for this site shouldn't crash

[posix4e]

Is this bad enough to block?

[bsclifton]

Absolutely- this is a problem

[diracdeltas]

@posix4e i think this is because your version of openssl doesn't support AES-GCM. what version are you running?

[diracdeltas]

@posix4e nvm the above, @bridiver informed me that chromium54 uses boringssl only

[diracdeltas]

i can repro this now. appears that node crypto's crypto.createCipheriv throws Error: Unknown cipher for algorithm 'aes-256-gcm' even though it should be supported in boringssl

[bridiver]

we can switch back to openssl if we need to. The original reason for switching to boringssl no longer exists

[diracdeltas]

@bridiver boringssl is more secure than openssl but OTOH it is not guaranteed to be stable for non-Google projects. https://www.imperialviolet.org/2014/06/20/boringssl.html

[posix4e]

This is fixed on my newest c54 build

…

On Fri, Dec 16, 2016 at 8:07 AM Brian Johnson ***@***.***> wrote: this should be fixed in the latest preview. Can someone verify? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#6099 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAxN20AFpwA6BnvBCO9LQlmblklrIKJDks5rIrcjgaJpZM4LIQwX> .

[luixxiul]

Test plan is available on the 1st post: #6099 (comment)

[bsclifton]

added release-notes/exclude; this was intro'd with C54