Ah, well, it is expected. How could you use diffie hellman private key as a RSA input?
On Tue, Mar 4, 2014 at 12:37 AM, jas <[email protected]> wrote: > Sure... And the gist in case the formatting gets buggered. Thanks for your > help. The problem is with the > crypto.createSign(algo).update(ct).final(privKey, enc) not allowing for > anything except a PEM formatted ascii key which eliminates the following use > case as a possible method for signing using a private key generated with the > crypto.DiffieHellman class of functions which only export the keys in > binary, hex or base64 formats. > >> /* Bob's environment */ >> var crypto = require('crypto'); >> crypto.DEFAULT_ENCODING = 'hex' >> >> var dhBob = crypto.getDiffieHellman('modp18') >> , kBob = dhBob.generateKeys() >> , keysBob = { >> pubKey: dhBob.getPublicKey(), >> privKey: dhBob.getPrivateKey() >> }; >> >> /* Alice's envrionment setup (different computer emulation) */ >> var dhAlice = crypto.getDiffieHellman('modp18') >> , kAlice = dhAlice.generateKeys() >> , keysAlice = { >> pubKey: dhAlice.getPublicKey(), >> privKey: dhAlice.getPrivateKey() >> }; >> >> >> /* Bob recieves Alice's public key & generates a shared secret */ >> var secret = dhBob.computeSecret(keysAlice.pubKey); >> >> /* Bob uses shared secret to create cipher text */ >> try { >> var cipher = crypto.createCipher('aes-256-cbc', secret) >> , ct = []; >> >> ct.push(cipher.update('This is a secret message for Alice')); >> ct.push(cipher.final()); >> var result = ct.join(''); >> } catch(e){ >> throw new Error('Could not create encryption object'); >> } >> >> /* Bob then computes a digest of the cipher text */ >> var digest = crypto.createHmac('sha256', secret); >> digest.update(result); >> var hmac = digest.digest(); >> >> /* Create object of ct & hmac and stringify it */ >> var sendToAlice = JSON.stringify({ message: result, digest: hmac }); >> >> /* Bob then signs the object using his DH private key as Alice already has >> his >> public key for verification */ >> var sig = crypto.createSign('RSA-SHA256'); >> sig.update(sendToAlice); >> sig.sign(keysBob.privKey); > > > On Monday, March 3, 2014 1:32:17 PM UTC-7, Fedor Indutny wrote: >> >> Hm... could you please paste an example of code that doesn't work for you? >> >> On Mon, Mar 3, 2014 at 10:13 PM, jas <[email protected]> wrote: >> > Also, here is the error from using >> > crypto.createSign.update('msg').sign(privateKey, 'hex') due to the >> > export of >> > crypto.DiffieHellman.generateKeys lack of ascii output / >> > crypto.createSign.update('msg').sign(privKey, 'hex') lack of anything >> > but >> > ascii input >> > >> > 139797041080096:error:0906D06C:PEM routines:PEM_read_bio:no start >> > line:../deps/openssl/openssl/crypto/pem/pem_lib.c:703:Expecting: ANY >> > PRIVATE >> > KEY >> > >> > >> > On Monday, March 3, 2014 10:49:01 AM UTC-7, jas wrote: >> >> >> >> Hello, thanks for the response! >> >> >> >> Perhaps my original question would be better to include a more robust >> >> use >> >> case: https://gist.github.com/jas-/9330405 >> >> >> >> Attempting to specify privKey.toString('hex') would not work in that >> >> use >> >> case due to crypto.DiffieHellman.generateKeys() only exporting binary, >> >> hex >> >> or base64 private key formats. >> >> >> >> On Monday, March 3, 2014 10:01:56 AM UTC-7, Fedor Indutny wrote: >> >>> >> >>> Hi! >> >>> >> >>> It is just a convenience thing, the key itself is usually PEM encoded >> >>> and >> >>> you could pass it as a string or Buffer, without any additional >> >>> encoding >> >>> set. >> >>> >> >>> However, if you do following thing: >> >>> >> >>> var key = fs.readFileSync('key.pem').toString('hex'); >> >>> s.sign(key, 'hex'); >> >>> >> >>> The additional encoding param could suddenly become useful ;) >> >>> >> >>> So, answering your question - it is a design decision. >> >>> >> >>> On Mon, Mar 3, 2014 at 8:56 PM, jas <[email protected]> wrote: >> >>> > Does anyone know if the privKey arg when using >> >>> > crypto.createSign().update(ct).sign(privKey, encoding) can be a >> >>> > buffer, >> >>> > hex >> >>> > encoding string etc? >> >>> > >> >>> > It seems (according to the docs & source) that it requires an ascii >> >>> > PEM >> >>> > (L#2974) formatted private key, which eliminates the use of the >> >>> > crypto.DiffieHellman.generateKeys() private key as its only output >> >>> > options >> >>> > are binary, hex or base64. >> >>> > >> >>> > Is this a design decision? >> >>> > >> >>> > -- >> >>> > -- >> >>> > Job Board: http://jobs.nodejs.org/ >> >>> > Posting guidelines: >> >>> > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines >> >>> > You received this message because you are subscribed to the Google >> >>> > Groups "nodejs" group. >> >>> > To post to this group, send email to [email protected] >> >>> > To unsubscribe from this group, send email to >> >>> > [email protected] >> >>> > For more options, visit this group at >> >>> > http://groups.google.com/group/nodejs?hl=en?hl=en >> >>> > >> >>> > --- >> >>> > You received this message because you are subscribed to the Google >> >>> > Groups >> >>> > "nodejs" group. >> >>> > To unsubscribe from this group and stop receiving emails from it, >> >>> > send >> >>> > an >> >>> > email to [email protected]. >> >>> > For more options, visit https://groups.google.com/groups/opt_out. -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
