This was originally posted to the nodejs Github issues page, but it appears that it is an issue with Ubuntu 22.04, so I'm re-posting it here hoping to get further advice. The original thread on Github is here: https://github.com/nodejs/node/issues/43132.
Whenever trying to sign data using nodejs's crypto module, I get an error that OpenSSL cannot load a shared library. If I set the OPENSSL_CONF variable to /dev/null before starting node then I am able to sign data without an issue. This indicates that the problem is likely to be in the /etc/ssl/openssl.cnf config file; however, I'm at a loss on how to track it down further. What can I do to determine what part of the config is failing? If there is a missing/broken engine, how can I provide a working copy?
Steps to Reproduce
I am running Ubuntu 22.04 upgraded from a prior version (21.10 probably but I'm not certain). I originally ran into this issue while using a verison of node installed using nvm, but I can also reproduce it using the nodejs package installed by apt.
Start node and then run this code (NOTE: this key was generated for this example):
var crypto = require('crypto')
var sign = crypto.createSign('RSA-SHA256')
sign.update("TEST INPUT")
sign.sign(`-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDHCN7vsxauuh4M
+VCqxdMwYMV2zLTcCGOIYYRMuCd6Rt3TNKpLmjxmXx3QPvv1QNjDeokFGlnpcxOG
DPs7abkULC12Qdk1wld8apo0qU5xDXDT/beLzc52ykOOySkz0+WxI4sNMqUnLcQq
4FMMTM2CCk4W9z/hZitjqlUyYxLWqgn/Vtp6C1qMD2gFOU3WAFe9jQNvDHJ7H6+5
2nWwFzkaswxHy++6PvzsLtop6/D+cqdKpaiXLzUJvHJbLX4ZLxdMdGq0y7hwhvA8
o2vLf+5cqeoQyobcdczUNC+GjKo9gaMw3j2RSxkfkJT1Mgs0AtBopFrIKLr1Medu
CObjb2vPAgMBAAECggEARrbvokFCQ1UL/TcNQodjp9ISBknnzi9K0bc37pwVJpwM
DxCsmozTfdm4eXcPRM1D1nvwN7hrjoZcvulYz3yaDcE+a8AsgK2qMKGdZS1sGb2Z
QzBnKIw4GTt2skHlWi0kdAG5UziVtexMQKGP0BRvhY7MvNsevqHys4femjbaCBsk
Nv+RoAT1Q/xOAXAy0tBVCOEdVmwiy+beVzl164wjABv8KhVNjnDZYUlCRtlm0hpn
r9+mQ1Gq5d97LaFojgXLKbpPv5Hi6nyaFzA1HVGnqGP97GfAgj/aFg0j/0k19l2l
YLiDtxN7B4ZOhS/B6q5y2KMd1lZIbR8VMpN9Uc9vqQKBgQDtJxiOyjtnAl9eaNhH
9HHI8DG2i406FO0zTzlhAJY0ZFZDJtrfy5ggIu6tAg2VDurbSlvHxepThvX856g0
TjDbAJQB5sNouB7M+k5+eyZxH8ctnhEXrp3FiryZME7maQOepUaT6sK4eaaXwgIb
2zWWVvi5WG9uHtvWvCGCk+JOeQKBgQDW2kH40LIdYh+WU3TFh8676PewN66BRoJp
s/V0vm8Nj2dgM9dpIgekmPpjdMGYhqWC++dSkl7ix76ivHIg31Wg1x2ugV9Mr/Dd
HITCrsF/McCOdDvx2RQJtPI/BRVimZJmFXr5MbyVXcrUkIhQBvMV+/1kGr2x7Tn8
xtoKTS3ahwKBgQCJJhwIsCHsb63Rvpad/lszlt1ZMZmKJoILM1z+oUU8pW5RxY28
8VRX+XvIqDBMrOTbz0QG44mhpqJqEVrwbOvKK6ps8xS9YgXGC1gLw5K2x2b8FbbS
2FQ74wExIoPusnq6a+DGOHVGFGxoxXVMwNhbyo5rOh6vM791jzVd+8JcGQJ/V0hT
hMFDmqxCKM++oICLe8so1G3KdrouQMLa9JJoixm25V4qJIuujy+WiNDl1RDeLFgp
oWHVKkv7JiFoO/J+1tiNNldYX88aCrmLNYvJD+MmVrjhoV6OxWK9Bt0J0wSQdOhF
DPcnpYZ03+XXeqtYFZZJWmGCrsWwyP//lC/GcQKBgQC9TIvLQb3s6BZyjuJLV/Lg
99+sJG8hUJ9KWgSkUYCByCUjFv4W+nByhgie5kP07cL5oIZbWmxWdJ/sRLYvZ+n7
aRkhcCzYPzYRDNu7erzzWVS31vGWXUeUiMMO9/Q4SVIBPN1c/VSkjgZcn/Hft3C1
tSy7RFfrQHILNt5U3N60XA==
-----END PRIVATE KEY-----`)
You get the following error:
Uncaught:
Error: error:25066067:DSO support routines:dlfcn_load:could not load the shared library
at Sign.sign (internal/crypto/sig.js:103:29) {
opensslErrorStack: [
'error:0E076071:configuration file routines:module_run:unknown module name',
'error:0E07506E:configuration file routines:module_load_dso:error loading dso',
'error:25070067:DSO support routines:DSO_load:could not load the shared library'
],
library: 'DSO support routines',
function: 'dlfcn_load',
reason: 'could not load the shared library',
code: 'ERR_OSSL_DSO_COULD_NOT_LOAD_THE_SHARED_LIBRARY'
}
Signing data outside of nodejs works just fine (junk.pem contains the same key as above):
$ openssl dgst -sha256 -sign junk.pem junk.pem | openssl base64
L5ujucYKKzi+ajZi4vVkJNIpoznMLbzZOdgYtS9Y6qrwBlbt9VTpNpzUM3IeWtDe
2gDk563T3qL+1TeLwcbUHiCWeUrCBUdsQofnrAf5pJq9PW4zaWEHjre3g9Gcnqu6
jaWX7K/g1s9RRM0Kif10a3gAzV6Ij3Bw/NsXMouupBd8hUZrqaxwXtcv3pKAtKIS
aIXP34FXtB5qdsAC9kDNH0Sk9hBlhs33eCxhBIOP4xq4IpLWct0aGGDYD8OB1LTC
6JybDir2QqlZ/qmNuesaI7EmW1Pi90MGeTdSG/9nhBTCE0Q0JttNxOfWkSusJADE
N/rBdOR3Fp0PS6FB7hWNzQ==
