Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto createSign method throws exception when passed PKCS#8 keys #139

Closed
ebenpack opened this issue Dec 17, 2015 · 1 comment
Closed

crypto createSign method throws exception when passed PKCS#8 keys #139

ebenpack opened this issue Dec 17, 2015 · 1 comment
Milestone
Trireme 0.8.9

Comments

@ebenpack
Copy link

The crypto createSign method throws the following exception when it's passed an PKCS#8 RSA key.

Error: invalid key: io.apigee.trireme.kernel.crypto.CryptoException: Input data does not contain a key pair

Trireme version is Trireme 0.8.8 / node 0.10.32

I've tested, and node (v0.10.32) has no problems with these keys. Test case is below. You'll see that node has no problems here, but trireme throws an exception.

var crypto = require('crypto');
var privateKey = "-----BEGIN PRIVATE KEY-----\n" +
    "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDCGTnG2Qz/jJMC\n" +
    "itJEOG2b2LnoTW3lfoeXDyORPjuGfJoRsFSMkv3Ivu9g33nabhjqBtkP3w18c8n+\n" +
    "NdAYyt/UEHs7olBs9+rIWET31SnsEo0hiblLRGIJ5KWBXyBbOB3D7nJAqLyhTxWW\n" +
    "ZLZL5Jy5u9wUQQayH1E3RImFXh9huqZ7O8lqTSu0/qdlaqMYko1Fii6TOBHMLU5Z\n" +
    "nrr9nUHWwhvLvyoBZXTwy0X+0WTspHYrFaTsWvzktLLdsWYrv9Ydil/b0kEdai3O\n" +
    "wC8teHxpzYnSemIxFJ8Ia6UuAmGpXAeHlxkrX2ELaPi7G7L78mDgxFYdpUi4roFB\n" +
    "4XfgyZRvAgMBAAECggEAX7TGi2kdAqkTGA7RbTgRu+XajVQYmy+PtgmN9SElgsPP\n" +
    "yGcU2ZflMWYMbMzkrbLZ8BNeVngak0IY2JM6P+9Q/KT/zsDTPVflWdJEd5uRJ0li\n" +
    "c6YQSq+2U8B9Z1Q7hR8fdiwOBBnvoO5464ZPaQ6ZxO9/rjD+Fzhf+It/79YgTTQ5\n" +
    "r+ICjkpmwg1CNsa3SAI2elDEAys+tNpFuM/QHcfzP7xxEBPNyKssQZAaxPb7/dL7\n" +
    "gfFSXrF4e+GTictIs8WC8nG5m5V+F8HB/Doru4qndjT/nRezho40hqjn1wuDSVKF\n" +
    "ifwQL4ZsGO42FO1/nZlQ6dsEft4kfICywYB7X+0JqQKBgQD32EwxA7csFQb1QWWn\n" +
    "Xqbbxra3pN0/0OccUFibITBQMw8gesquP3bTsJqBvHu+hlPhwTqCU9h+jG3xyg0l\n" +
    "kdI830VVV/vVz+GMdMz+g9qPMPAPSLxM9cbElJjBcP8SGmlh5Ddo1VyRtVuwNtrp\n" +
    "RvEFCZGP1bcDaIC1x/Yt63yHqwKBgQDIfDMcd19+oo7Ue3ytNpv8bvrl1Ph4KTLE\n" +
    "IB/s0JTk93oYZNMRx+3w9tRqw3clBta8igNIDQk0vxqLyEnt80+ASgteTcDPeYy0\n" +
    "SPzY66rpKsrAn5jMCcEH6PieQzueK30JsHLBeX0nEddDT40cvKiUn9DpO9xG7Jb5\n" +
    "MU/aGqBSTQKBgQDz8if8ToXqk7/HgtkFhjqCM/MAivtipsHzsnmkJ2Sga8FF3NbF\n" +
    "752L+1X4wIakHx9NI53tTY3X8Wz+AjwycHcYh0J9IB62cui0EPr8wNdM/YQr5xHA\n" +
    "RmGgeApqzEejj++N9M09GFUG7hUTOsr5tWPh62skwdxjNGcLhYgf5psqBQKBgQC0\n" +
    "jU3GbCcfN6yj5VYh9FVEYHoqM8NVC91BTaESt8Hv9oQJpfuEPualpNUmFUSenusS\n" +
    "vsQ3xi2tSBHTIxyZZA8L/SMB2cozz0aNMlIr1QmFlVklYlXMI1ipFAGbHfd5+bZQ\n" +
    "3Ixse0nfvqx7XRA7ehfkSY1uDs/RO863OtasGGCb3QKBgA+kAtNvWm8xot6RQ3cX\n" +
    "MKdPU7RrXY4aOQ4OUHH3FSl+7zuqwcv0aKxLJ1zmEDjCdM3CYEfixezbCejjXr5d\n" +
    "7pc/Ftxxw1ciQ29kTWgP1w6LkFa++Ogc7pXEhW46IafBeluD0IMN6YG7UMXWmyPC\n" +
    "pjTfv2yVcz3h9eqXquPFS0US\n" +
    "-----END PRIVATE KEY-----\n";

var s = crypto.createSign('RSA-SHA256').update("foobarbaz").sign(privateKey, 'base64');
console.log(s);

In the meantime, if anyone else is running into this issue, I was able to work around it using the unix openssl utility to convert the key to PKCS#1 format, like so:

openssl rsa -in foobar.pem
@gbrail
Copy link
Contributor

gbrail commented Dec 22, 2015

Thanks for catching this and writing up a simple test case!

Fixed this by adding some of the missing code around PEM key parsing. Pushed fix to master.

@gbrail gbrail closed this as completed Dec 22, 2015
@gbrail gbrail added this to the Trireme 0.8.8. milestone Feb 2, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Trireme 0.8.9
Development

No branches or pull requests
2 participants
@gbrail @ebenpack