Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

signing data with private key generated by new openssh 8.0 not working. #46

Open
dartedfa opened this issue Dec 18, 2019 · 3 comments
Open

Comments

@dartedfa
Copy link

Trying to sign some data with private key which is generated by new openssh 8.0, signature output is always random, Output is always different, when passing same data. I have checked and think that problem comes from var "crt" func related to browserify-rsa. for older keys it works as expected, problem occurs only in case of using new private key. Can someone help me with this ? Thanks in advance.

@gustavosbarreto
Copy link

Trying to sign some data with private key which is generated by new openssh 8.0, signature output is always random, Output is always different, when passing same data. I have checked and think that problem comes from var "crt" func related to browserify-rsa. for older keys it works as expected, problem occurs only in case of using new private key. Can someone help me with this ? Thanks in advance.

The same here.

Test code:

var keyPriv = `-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAIEAvzqy5E3zSn2TG3QRvOmXyfU7UAJDBLEQ9/ocKTFLGPKbF506xGfK
fbksNFg/rbMvVbTSNlouQTTdu7jNiQBwBaHvuJz/PwvY5iz7mVoNue/7g+Ndn09TVWM+yi
sQtNUbpX6UqPV0pLp9er5QG1V6YsJouh5A3nFWR0LJ+HQmj8UAAAIQ3RIN190SDdcAAAAH
c3NoLXJzYQAAAIEAvzqy5E3zSn2TG3QRvOmXyfU7UAJDBLEQ9/ocKTFLGPKbF506xGfKfb
ksNFg/rbMvVbTSNlouQTTdu7jNiQBwBaHvuJz/PwvY5iz7mVoNue/7g+Ndn09TVWM+yisQ
tNUbpX6UqPV0pLp9er5QG1V6YsJouh5A3nFWR0LJ+HQmj8UAAAADAQABAAAAgFSAe8ynJX
slQnw/LhdsocZ8t1kDptnL5NOvkgIh5i2AB0jIEc/4jWJBEWeQF5OKOsCExt99ujLWSaVK
ZIjFyLnwmPL6tN6Zm/yTiWZxs5VE6S4eRW6V2TXqx6FvFsMn5w0zol8E/HDtoEwtC4tSZo
g3cTwdj5QEwgomIYNoITwBAAAAQDHxgSxkJuuciPYULz65l53ABEOGL4cQzSwx6yZ1jxhY
87W2Si0c2+ZWhtw6P5vfiQ5BsG1UArWVCaS+2FRgEhoAAABBAOovulyHjVohZtpwJurCMK
sByIkQFy97Td297PLkjW0cb4s3xoXDcSbLId41iCbUsuvffMWIElcZOMWVFlmVfQkAAABB
ANEKo9dzywZX+Rp7qMomaxGBoCGOMiw4qvydU4rXIXpLHfQS48kewy/5HsS9Au9ookctan
m28dPkGkwqnZAzZ90AAAAUZ3VzdGF2b0BkcmVyYS1tb2JpbGUBAgMEBQYH
-----END OPENSSH PRIVATE KEY-----`
var key = sshpk.parsePrivateKey(keyPriv);

var data = 'some data';

/* Sign some data with the key */
var s = key.createSign('sha1');
s.update(data);
var signature = s.sign();

console.log(signature.toBuffer().toString('base64'));

/* Now load the public key (could also use just key.toPublic()) */
var keyPub = `ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC/OrLkTfNKfZMbdBG86ZfJ9TtQAkMEsRD3+hwpMUsY8psXnTrEZ8p9uSw0WD+tsy9VtNI2Wi5BNN27uM2JAHAFoe+4nP8/C9jmLPuZWg257/uD412fT1NVYz7KKxC01RulfpSo9XSkun16vlAbVXpiwmi6HkDecVZHQsn4dCaPxQ== gustavo@drera-mobile`;

key = sshpk.parseKey(keyPub);

/* Make a crypto.Verifier with this key */
var v = key.createVerify('sha1');
v.update(data);
var valid = v.verify(signature);
console.log(valid);

The signature output is always random

@gustavosbarreto
Copy link

@dartedfa Did you found solution for this?

@gustavosbarreto
Copy link

Maybe someone could implement support for OpenSSH key format based on this:
https://github.com/rzcoder/node-rsa/pull/181/files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants