Sure... And the gist <https://gist.github.com/jas-/9330405> in case the formatting gets buggered. Thanks for your help. The problem is with the crypto.createSign(algo).update(ct).final(privKey, enc) not allowing for anything except a PEM formatted ascii key which eliminates the following use case as a possible method for signing using a private key generated with the crypto.DiffieHellman class of functions which only export the keys in binary, hex or base64 formats.
/* Bob's environment */ > var crypto = require('crypto'); > crypto.DEFAULT_ENCODING = 'hex' > > var dhBob = crypto.getDiffieHellman('modp18') > , kBob = dhBob.generateKeys() > , keysBob = { > pubKey: dhBob.getPublicKey(), > privKey: dhBob.getPrivateKey() > }; > > /* Alice's envrionment setup (different computer emulation) */ > var dhAlice = crypto.getDiffieHellman('modp18') > , kAlice = dhAlice.generateKeys() > , keysAlice = { > pubKey: dhAlice.getPublicKey(), > privKey: dhAlice.getPrivateKey() > }; > > > /* Bob recieves Alice's public key & generates a shared secret */ > var secret = dhBob.computeSecret(keysAlice.pubKey); > > /* Bob uses shared secret to create cipher text */ > try { > var cipher = crypto.createCipher('aes-256-cbc', secret) > , ct = []; > > ct.push(cipher.update('This is a secret message for Alice')); > ct.push(cipher.final()); > var result = ct.join(''); > } catch(e){ > throw new Error('Could not create encryption object'); > } > > /* Bob then computes a digest of the cipher text */ > var digest = crypto.createHmac('sha256', secret); > digest.update(result); > var hmac = digest.digest(); > > /* Create object of ct & hmac and stringify it */ > var sendToAlice = JSON.stringify({ message: result, digest: hmac }); > > /* Bob then signs the object using his DH private key as Alice already has > his > public key for verification */ > var sig = crypto.createSign('RSA-SHA256'); > sig.update(sendToAlice); > sig.sign(keysBob.privKey); > On Monday, March 3, 2014 1:32:17 PM UTC-7, Fedor Indutny wrote: > > Hm... could you please paste an example of code that doesn't work for you? > > On Mon, Mar 3, 2014 at 10:13 PM, jas <jason....@gmail.com <javascript:>> > wrote: > > Also, here is the error from using > > crypto.createSign.update('msg').sign(privateKey, 'hex') due to the > export of > > crypto.DiffieHellman.generateKeys lack of ascii output / > > crypto.createSign.update('msg').sign(privKey, 'hex') lack of anything > but > > ascii input > > > > 139797041080096:error:0906D06C:PEM routines:PEM_read_bio:no start > > line:../deps/openssl/openssl/crypto/pem/pem_lib.c:703:Expecting: ANY > PRIVATE > > KEY > > > > > > On Monday, March 3, 2014 10:49:01 AM UTC-7, jas wrote: > >> > >> Hello, thanks for the response! > >> > >> Perhaps my original question would be better to include a more robust > use > >> case: https://gist.github.com/jas-/9330405 > >> > >> Attempting to specify privKey.toString('hex') would not work in that > use > >> case due to crypto.DiffieHellman.generateKeys() only exporting binary, > hex > >> or base64 private key formats. > >> > >> On Monday, March 3, 2014 10:01:56 AM UTC-7, Fedor Indutny wrote: > >>> > >>> Hi! > >>> > >>> It is just a convenience thing, the key itself is usually PEM encoded > and > >>> you could pass it as a string or Buffer, without any additional > encoding > >>> set. > >>> > >>> However, if you do following thing: > >>> > >>> var key = fs.readFileSync('key.pem').toString('hex'); > >>> s.sign(key, 'hex'); > >>> > >>> The additional encoding param could suddenly become useful ;) > >>> > >>> So, answering your question - it is a design decision. > >>> > >>> On Mon, Mar 3, 2014 at 8:56 PM, jas <jason....@gmail.com> wrote: > >>> > Does anyone know if the privKey arg when using > >>> > crypto.createSign().update(ct).sign(privKey, encoding) can be a > buffer, > >>> > hex > >>> > encoding string etc? > >>> > > >>> > It seems (according to the docs & source) that it requires an ascii > PEM > >>> > (L#2974) formatted private key, which eliminates the use of the > >>> > crypto.DiffieHellman.generateKeys() private key as its only output > >>> > options > >>> > are binary, hex or base64. > >>> > > >>> > Is this a design decision? > >>> > > >>> > -- > >>> > -- > >>> > Job Board: http://jobs.nodejs.org/ > >>> > Posting guidelines: > >>> > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > >>> > You received this message because you are subscribed to the Google > >>> > Groups "nodejs" group. > >>> > To post to this group, send email to nod...@googlegroups.com > >>> > To unsubscribe from this group, send email to > >>> > nodejs+un...@googlegroups.com > >>> > For more options, visit this group at > >>> > http://groups.google.com/group/nodejs?hl=en?hl=en > >>> > > >>> > --- > >>> > You received this message because you are subscribed to the Google > >>> > Groups > >>> > "nodejs" group. > >>> > To unsubscribe from this group and stop receiving emails from it, > send > >>> > an > >>> > email to nodejs+un...@googlegroups.com. > >>> > For more options, visit https://groups.google.com/groups/opt_out. > -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to nodejs@googlegroups.com To unsubscribe from this group, send email to nodejs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.