node-postgres icon indicating copy to clipboard operation
node-postgres copied to clipboard
verified publisher icon brianc

Issue with Crypto package used by pg library

Open AkashWarlocks opened this issue 5 years ago • 10 comments

Server is running on port 3000. internal/crypto/keys.js:305 throw new ERR_INVALID_ARG_TYPE( ^

TypeError [ERR_INVALID_ARG_TYPE]: The "key" argument must be of type string or an instance of Buffer, TypedArray, DataView, or KeyObject. Received null at prepareSecretKey (internal/crypto/keys.js:305:13) at new Hmac (internal/crypto/hash.js:113:9) at Object.createHmac (crypto.js:141:10) at createHMAC (F:\Akash\Drife\code_base\api.drife.io\node_modules\pg\lib\sasl.js:133:17) at Hi (F:\Akash\Drife\code_base\api.drife.io\node_modules\pg\lib\sasl.js:137:13) at Object.continueSession (F:\Akash\Drife\code_base\api.drife.io\node_modules\pg\lib\sasl.js:32:24) at Connection. (F:\Akash\Drife\code_base\api.drife.io\node_modules\pg\lib\client.js:189:10) at Connection.emit (events.js:311:20) at F:\Akash\Drife\code_base\api.drife.io\node_modules\pg\lib\connection.js:109:10 at Parser.parse (F:\Akash\Drife\code_base\api.drife.io\node_modules\pg-protocol\dist\parser.js:40:17) { code: 'ERR_INVALID_ARG_TYPE' }

This is the error shown

AkashWarlocks avatar Oct 09 '20 05:10 AkashWarlocks

Check that you are supplying a password. The error is happening because password is null but it needs a non-empty value to perform the SCRAM authentication.

We can improve the driver by throwing a specific error than failing due to the internal crypto handlers rejecting the null value.

sehrope avatar Oct 09 '20 11:10 sehrope

What is the correct method of using a null password to connect? I'm using sequelize which says your connection password can be null, but if I use a null password, I get an error -

TypeError [ERR_INVALID_ARG_TYPE]: The "key" argument must be of type string or an instance of Buffer, TypedArray, DataView, or KeyObject. Received null at prepareSecretKey (internal/crypto/keys.js:322:11) at new Hmac (internal/crypto/hash.js:113:9) at Object.createHmac (crypto.js:147:10) at createHMAC (C:\Users\Max\Documents\GitHub\next-app\PropertyManager\api\node_modules\pg\lib\sasl.js:136:17) at Hi (C:\Users\Max\Documents\GitHub\next-app\PropertyManager\api\node_modules\pg\lib\sasl.js:140:13) at Object.continueSession (C:\Users\Max\Documents\GitHub\next-app\PropertyManager\api\node_modules\pg\lib\sasl.js:33:24) at Client._handleAuthSASLContinue (C:\Users\Max\Documents\GitHub\next-app\PropertyManager\api\node_modules\pg\lib\client.js:249:10) at Connection.emit (events.js:314:20) at C:\Users\Max\Documents\GitHub\next-app\PropertyManager\api\node_modules\pg\lib\connection.js:109:12 at Parser.parse (C:\Users\Max\Documents\GitHub\next-app\PropertyManager\api\node_modules\pg-protocol\dist\parser.js:40:17) { code: 'ERR_INVALID_ARG_TYPE' }

I'm trying to connect to a local postgres server so I'm not worried about security

MaxMcNally avatar Oct 22 '20 18:10 MaxMcNally

I don't think you can have a "null" password with SCRAM. Pretty sure an empty string wouldn't work either. It needs to be a non-empty value.

If you do not want to verify anything for authentication then change your PostgreSQL server to allow "trust" authentication in pg_hba.conf. It's the server that determines how authentication occurs. The client will only use the supplied password for authentication if the server requests an auth method that requires it (i.e. plaintext, md5, or SCRAM).

sehrope avatar Oct 22 '20 18:10 sehrope

I have the same issue but still, my problem did not solve.

sameer8605 avatar Jan 26 '21 13:01 sameer8605

@sameer8605

Do these steps and check whether this works

  1. Delete the node modules and do npm install or yarn install again
  2. make sure that you added the current DB name
  3. try deleting the db and create a new one

Suryadevelops avatar Jan 26 '21 14:01 Suryadevelops

I also had the same problem when i was using pg library in typeorm the mistake was i entered the wrong DB name

Suryadevelops avatar Jan 26 '21 14:01 Suryadevelops

Check that you are supplying a password. The error is happening because password is null but it needs a non-empty value to perform the SCRAM authentication.

We can improve the driver by throwing a specific error than failing due to the internal crypto handlers rejecting the null value.

I just started learning full stack with node, i was scratching my head with this error. Rechecking code with the instructor's many times coz they didn't have issue without adding password I just added password: 'your-db-pass', and this error went away.

debpalash avatar Jan 27 '21 08:01 debpalash

Ladies and gentlemen, I solved mine by simply changing from this:

const DatabaseConfig = { USER: 'eyoel', HOST: 'localhost', DATABASE: 'hwe', PASSWORD: '*********', PORT: 5432, }

TO

const DatabaseConfig = { user: 'eyoel', host: 'localhost', database: 'hwe', password:'********', port: 5432, }

This can only tell me that changing the keys of the map from capital letters to small letters actually fixed the problem. Also, perhaps the key its talking about in the TypeError is also related to the object itself.

eyoeldefare avatar Apr 02 '21 22:04 eyoeldefare

This can only tell me that changing the keys of the map from capital letters to small letters actually fixed the problem. Also, perhaps the key its talking about in the TypeError is also related to the object itself.

Interesting, need to reproduce this error to validate your claim :D

debpalash avatar May 15 '21 11:05 debpalash

I got a similar error using this lib on a Next.js API route.

After console logging my way through the pool.connect function, I figure it was actually coming from an undefined environment variable (salt) used to hash a user password. When trying to save a row with an undefined value for pass_hash, the lib would throw the obscure error.

This is probably something very particular to my implementation, but just to let everyone know.

geoshak avatar Sep 06 '22 22:09 geoshak