I confused the private key as an RSA pkey, n/m. Thanks. On Monday, March 3, 2014 3:47:16 PM UTC-7, Fedor Indutny wrote: > > Ah, well, it is expected. How could you use diffie hellman private key > as a RSA input? > > On Tue, Mar 4, 2014 at 12:37 AM, jas <[email protected] <javascript:>> > wrote: > > Sure... And the gist in case the formatting gets buggered. Thanks for > your > > help. The problem is with the > > crypto.createSign(algo).update(ct).final(privKey, enc) not allowing for > > anything except a PEM formatted ascii key which eliminates the following > use > > case as a possible method for signing using a private key generated with > the > > crypto.DiffieHellman class of functions which only export the keys in > > binary, hex or base64 formats. > > > >> /* Bob's environment */ > >> var crypto = require('crypto'); > >> crypto.DEFAULT_ENCODING = 'hex' > >> > >> var dhBob = crypto.getDiffieHellman('modp18') > >> , kBob = dhBob.generateKeys() > >> , keysBob = { > >> pubKey: dhBob.getPublicKey(), > >> privKey: dhBob.getPrivateKey() > >> }; > >> > >> /* Alice's envrionment setup (different computer emulation) */ > >> var dhAlice = crypto.getDiffieHellman('modp18') > >> , kAlice = dhAlice.generateKeys() > >> , keysAlice = { > >> pubKey: dhAlice.getPublicKey(), > >> privKey: dhAlice.getPrivateKey() > >> }; > >> > >> > >> /* Bob recieves Alice's public key & generates a shared secret */ > >> var secret = dhBob.computeSecret(keysAlice.pubKey); > >> > >> /* Bob uses shared secret to create cipher text */ > >> try { > >> var cipher = crypto.createCipher('aes-256-cbc', secret) > >> , ct = []; > >> > >> ct.push(cipher.update('This is a secret message for Alice')); > >> ct.push(cipher.final()); > >> var result = ct.join(''); > >> } catch(e){ > >> throw new Error('Could not create encryption object'); > >> } > >> > >> /* Bob then computes a digest of the cipher text */ > >> var digest = crypto.createHmac('sha256', secret); > >> digest.update(result); > >> var hmac = digest.digest(); > >> > >> /* Create object of ct & hmac and stringify it */ > >> var sendToAlice = JSON.stringify({ message: result, digest: hmac }); > >> > >> /* Bob then signs the object using his DH private key as Alice already > has > >> his > >> public key for verification */ > >> var sig = crypto.createSign('RSA-SHA256'); > >> sig.update(sendToAlice); > >> sig.sign(keysBob.privKey); > > > > > > On Monday, March 3, 2014 1:32:17 PM UTC-7, Fedor Indutny wrote: > >> > >> Hm... could you please paste an example of code that doesn't work for > you? > >> > >> On Mon, Mar 3, 2014 at 10:13 PM, jas <[email protected]> wrote: > >> > Also, here is the error from using > >> > crypto.createSign.update('msg').sign(privateKey, 'hex') due to the > >> > export of > >> > crypto.DiffieHellman.generateKeys lack of ascii output / > >> > crypto.createSign.update('msg').sign(privKey, 'hex') lack of anything > >> > but > >> > ascii input > >> > > >> > 139797041080096:error:0906D06C:PEM routines:PEM_read_bio:no start > >> > line:../deps/openssl/openssl/crypto/pem/pem_lib.c:703:Expecting: ANY > >> > PRIVATE > >> > KEY > >> > > >> > > >> > On Monday, March 3, 2014 10:49:01 AM UTC-7, jas wrote: > >> >> > >> >> Hello, thanks for the response! > >> >> > >> >> Perhaps my original question would be better to include a more > robust > >> >> use > >> >> case: https://gist.github.com/jas-/9330405 > >> >> > >> >> Attempting to specify privKey.toString('hex') would not work in that > >> >> use > >> >> case due to crypto.DiffieHellman.generateKeys() only exporting > binary, > >> >> hex > >> >> or base64 private key formats. > >> >> > >> >> On Monday, March 3, 2014 10:01:56 AM UTC-7, Fedor Indutny wrote: > >> >>> > >> >>> Hi! > >> >>> > >> >>> It is just a convenience thing, the key itself is usually PEM > encoded > >> >>> and > >> >>> you could pass it as a string or Buffer, without any additional > >> >>> encoding > >> >>> set. > >> >>> > >> >>> However, if you do following thing: > >> >>> > >> >>> var key = fs.readFileSync('key.pem').toString('hex'); > >> >>> s.sign(key, 'hex'); > >> >>> > >> >>> The additional encoding param could suddenly become useful ;) > >> >>> > >> >>> So, answering your question - it is a design decision. > >> >>> > >> >>> On Mon, Mar 3, 2014 at 8:56 PM, jas <[email protected]> wrote: > >> >>> > Does anyone know if the privKey arg when using > >> >>> > crypto.createSign().update(ct).sign(privKey, encoding) can be a > >> >>> > buffer, > >> >>> > hex > >> >>> > encoding string etc? > >> >>> > > >> >>> > It seems (according to the docs & source) that it requires an > ascii > >> >>> > PEM > >> >>> > (L#2974) formatted private key, which eliminates the use of the > >> >>> > crypto.DiffieHellman.generateKeys() private key as its only > output > >> >>> > options > >> >>> > are binary, hex or base64. > >> >>> > > >> >>> > Is this a design decision? > >> >>> > > >> >>> > -- > >> >>> > -- > >> >>> > Job Board: http://jobs.nodejs.org/ > >> >>> > Posting guidelines: > >> >>> > > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > >> >>> > You received this message because you are subscribed to the > Google > >> >>> > Groups "nodejs" group. > >> >>> > To post to this group, send email to [email protected] > >> >>> > To unsubscribe from this group, send email to > >> >>> > [email protected] > >> >>> > For more options, visit this group at > >> >>> > http://groups.google.com/group/nodejs?hl=en?hl=en > >> >>> > > >> >>> > --- > >> >>> > You received this message because you are subscribed to the > Google > >> >>> > Groups > >> >>> > "nodejs" group. > >> >>> > To unsubscribe from this group and stop receiving emails from it, > >> >>> > send > >> >>> > an > >> >>> > email to [email protected]. > >> >>> > For more options, visit https://groups.google.com/groups/opt_out. > >
-- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
