'Error using sign.sign() in Node.js crypto, bad decrypt
New to node.js and I got error using sign() in crypto.Please help!
I created sign
using const sign = crypto.createSign('sha256'); and then tried to sign with var signature = sign.sign(key,'hex'); the key is generated using
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
modulusLength: 2048,
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem',
cipher: 'aes-256-cbc',
passphrase: 'top secret'
}
});
const key = privateKey;
const seller_public_key = publicKey
what I tried to sign is an JSON object that are converted to string using jsonData = JSON.stringify(menu);return signData(jsonData);
function signData(plaintext){
sign.update(plaintext);
sign.end();
var signature = sign.sign(key,'hex');
return signature;
}
I got error message:
internal/crypto/sig.js:80
var ret = this._handle.sign(key, passphrase, rsaPadding, pssSaltLength);
^
Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
And I've seen some people talk about key format, my key format indeed starts with -----BEGIN ENCRYPTED PRIVATE KEY-----, end with -----END ENCRYPTED PRIVATE KEY-----
Solution 1:[1]
Since your private key is encrypted, you should pass the passphrase in the sign call:
sign.sign({ key, passphrase: 'top secret' }, 'hex');
The privateKey argument can be an object or a string. If privateKey is a string, it is treated as a raw key with no passphrase. If privateKey is an object, it must contain one or more of the following properties:
key: - PEM encoded private key (required)
passphrase: - passphrase for the private key
...
Reference: https://nodejs.org/docs/latest-v10.x/api/crypto.html#crypto_sign_sign_privatekey_outputencoding
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Community |