Using a secret key with crypto.createSign passphrase protection

Question

Using a secret key with crypto.createSign passphrase protection

I am trying to sign and verify the message using the node.js crypto API and the private key protected by the passphrase that gets me:

> var sig = crypto.createSign('RSA-SHA256').update('psst').sign(pk,'hex'); Enter PEM pass phrase:

And node just blocks at that point. It seems I can’t find the option to pass the passphrase programmatically.

+6

node.js cryptography openssl

Arne claassen Aug 9 '12 at 6:57

source share

1 answer

Thom sededon · Accepted Answer · 2013-10-03T08:56:29+0000

Update: I fixed it in the kernel

My fix for this just landed basically , ~~it hasn't released an official release yet, but when it does~~ you can use it like this:

 var sig = crypto.createSign('RSA-SHA256').update('psst').sign({ key: pk, passphrase: 'password' }, 'hex');

~~Will be updated after it lands in the release.~~ Landed in version v0.11.8.

Original answer:

Here's a solution that works, you can decrypt the private key when the application starts, and then use it in normal mode, for example:

 var childProcess = require('child_process'), crypto = require('crypto'); var pk; var sign = function () { var sig = crypto.createSign('RSA-SHA256').update('psst').sign(pk,'hex'); console.log(sig); }; childProcess.exec('openssl rsa -in /path/to/private_key -passin pass:your_password', {}, function (err, stdout, stderr) { if (err) throw err; pk = stdout; // Save in memory for later use sign(); });

Using a secret key with crypto.createSign passphrase protection

Update: I fixed it in the kernel

Original answer:

More articles: