You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{"level":50,"time":1716966677374,"pid":8,"hostname":"activepieces-b488877b4-t24gg","err":{"type":"RangeError","message":"Invalid key length","stack":"RangeError: Invalid key length\n at Cipheriv.createCipherBase (node:internal/crypto/cipher:122:19)\n at Cipheriv.createCipherWithIV (node:internal/crypto/cipher:141:3)\n at new Cipheriv (node:internal/crypto/cipher:249:3)\n at Object.createCipheriv (node:crypto:141:10)\n at y (/usr/src/app/dist/packages/server/api/main.js:1:218793)\n at t.encryptObject (/usr/src/app/dist/packages/server/api/main.js:1:218954)\n at Object.<anonymous> (/usr/src/app/dist/packages/server/api/main.js:1:774792)\n at Generator.next (<anonymous>)\n at fulfilled (/usr/src/app/dist/packages/server/api/node_modules/tslib/tslib.js:166:62)\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)","code":"ERR_CRYPTO_INVALID_KEYLEN"},"msg":"Invalid key length"}
Decoded json:
RangeError: Invalid key length
at Cipheriv.createCipherBase (node:internal/crypto/cipher:122:19)
at Cipheriv.createCipherWithIV (node:internal/crypto/cipher:141:3)
at new Cipheriv (node:internal/crypto/cipher:249:3)
at Object.createCipheriv (node:crypto:141:10)
at y (/usr/src/app/dist/packages/server/api/main.js:1:218793)
at t.encryptObject (/usr/src/app/dist/packages/server/api/main.js:1:218954)
at Object.<anonymous> (/usr/src/app/dist/packages/server/api/main.js:1:774792)
at Generator.next (<anonymous>)
at fulfilled (/usr/src/app/dist/packages/server/api/node_modules/tslib/tslib.js:166:62)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
To Reproduce
All the keys (AP_API_KEY, AP_ENCRYPTION_KEY, AP_JWT_SECRET) are set to 128 bytes strings containing random characters from the [A-Za-z0-9] set.
Expected behavior
If there are any constraints on the length of the keys, the code must emit a proper error like "Invalid key length: <key_name> must be longer than XX and shorter than YY bytes" instead of crashing with a generic error that makes it impossible to troubleshoot the issue.
This error occured when the values were generated the same way that this script uses.
My workaround in the end was to reduce the length of all keys to 32 characters.
But that's not the point. The point is that the app must not crash. Any crash is normally (generally across the industry) recognized as a grave severity bug.
If the value of a variable does not meet required constraints, then the app must emit a reasonable error message, mentioning the variable name and the specific constraint that it does not meet, and exit gracefully. Unhandled exceptions are bad, unhandled exceptions with obscure messages are even worse.
Describe the bug
Raw error text:
Decoded json:
To Reproduce
All the keys (AP_API_KEY, AP_ENCRYPTION_KEY, AP_JWT_SECRET) are set to 128 bytes strings containing random characters from the
[A-Za-z0-9]
set.Expected behavior
If there are any constraints on the length of the keys, the code must emit a proper error like "Invalid key length: <key_name> must be longer than XX and shorter than YY bytes" instead of crashing with a generic error that makes it impossible to troubleshoot the issue.
Additional context
The documentation at https://www.activepieces.com/docs/install/configurations/environment-variables does not mention any limitations on the key lengths.
The text was updated successfully, but these errors were encountered: