I can generate a key with crypto.generateKeyPairSync()
But how do I go about loading it from a string/file?
Related
I have a public key pubkey.asc.
Also I have a file file.txt and its detached signature file.txt.asc.
I want to check the following steps:
file.txt.asc is a signature for file.txt
file.txt.asc was created using secret key from a keyring with public key pubkey.asc
I can do the 1st step using gpg --verify file.txt.asc file.txt. This command outputs public key fingerprint which was used to create a signature:
gpg: Signature made <date and time>
gpg: using RSA key <fingerprint>
...
I can see pubkey.asc fingerprint just by running gpg pubkey.asc.
Can I use this information and just check if fingerprints are equal to perform 2nd step? If not, how can I verify a file signature with given public key?
I saw this question about how to verify if signature matches public key, but it only works if key has extension .gpg which is not my case.
OpenPGP key's fingerprint is a SHA1 hash of public key itself plus some additional data, and it uniquely identifies the key (excluding collision cases, which are not known yet for OpenPGP key fingerprints).
So, yeah, seeing 'good signature made by key [fingerprint]' is enough to rely on fact that signature is made by the aforementioned key.
I have a .cer file containing the public key of an entity, to make a request to the entity I need to encrypt the session key using this public key(RSA algorithm). How do I get the public key from the .cer file to use here?
const encrypted = crypto.publicEncrypt(publicKey, buffer)
CER file is used to store X.509 certificate. The file contains information about the certificate owner and public key. A CER file can be in binary (ASN.1 DER) or encoded with Base-64
The public key is going to be in a block (after decoding if it was base64)
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsM+whXrxmbCkPfkwY2EehYpIp
*blah blah blah blah*
-----END PUBLIC KEY-----
Open the file with the fs module and decode is if it is already encoded with base64. Then you can split the entire string by ----- which will give you an array whose 2nd element is going to be the key.
I am having great difficulty implementing some encryption for a node.js project. I am using node-rsa which in turn uses the built in node crypto module.
My code appears to encrypt the data just fine and I can decrypt it. Unfortunately, the system I am sending the data to cannot. Having hit a bit of a wall I've tried decryption some data generated the other end. That also fails.
What is unusual in this case is that the data has to be encrypted using the PRIVATE key and decrypted using the PUBLIC key. As stupid as this is, I had no say in the decision to use this mechanism and it is already in wide use in a UK pubic transport ticketing system. So there is no possibility of doing anything different.
The specification [only] says:
The payload data (Appendix A) is encrypted using the TIS private key,
using 1024Bit RSA PKCS#1v1.5. (This is a freely available public
standard). This protects a payload of up to 116 bytes, or 928Bits,
creating a 128 byte or 1024Bit encrypted output. The RSA encryption
algorithm adds a header of length 12 bytes to the payload before
encryption to improve security. For decryption purposes, this header
should be removed to get the correct payload.
The format of this header is: 0x00 [10 non-zero bytes which are
padding] 0x00 [content]. This is often done automatically by
encryption/decryption software.
Here is an example public key:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDriuvWAKiTKFgmjHjHYjWK4IZ6
W1UOdrntxFAGT1szZlbKJfWGeBOPSk6MnW6AeX54zEta74Dnoj4MBT+MlekVQ2zp
G3qIZpp4DR+kF6eVRlguUg9l/Fgr9ZrFgkumCKIx/ccc6rvZcNvPnOVdPCBVoMRr
3X59WlLmH4d+RAivAQIDAQAB
-----END PUBLIC KEY-----
I've derived this from the Modules / Exponent listed below... I think it is correct...?
Which is [supposedly] valid to decode this encrypted data:
1f876b22ea8af4341c4198347aabf1b1ba40649ad6918bbe26ebfcf4633786a2669ee499d796cf438a76ff0d4f6efc43f605994330e6fb88c8117eea6aad1a12c2525940f7b9946b3f6cbd674e2740070400ae6f2cf1ed6d36f610822a23d5a8a4717ecf671bf0530200f75a269951020be9f69a992d423f55eb6fefe6caa449
I get the following error:
decryptData error Error: Error during decryption (probably incorrect key). Original error: Error: error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01
I hate to say it, but I am now completely stumped. If anyone is able to decrypt that data using the supplied key and can explain how I would be very grateful.
Just to save the usual response to this sort of question that I see whenever anyone else has asked a similar question in the past. Please do not comment if all you want to say is the process is wrong. That is not helpful in any way. Just to confirm, whilst encryption with the private key is unusual, it is not impossible....It is supported by the RSA specification.
There are several ticket retailers who are encrypting their data this way and several scanning equipment manufacturers who are producing equipment that decrypts in this way. It's out there, it's working.
The only issue seems to be that there is some small mismatch between the encrypted data I am seeing from node-rsa (node.js crypto library) and the example data I have been given.
This is the original format the keys were given to me.....
Appendix D - Example Security Keys for Tickets
All example tickets are encrypted using the following fixed 1024Bit RSA key
(Never use these keys in production, you must generate your own key pair for this purpose as this private key cannot be considered secure and is for testing only)
Modulus = 16540368155253773454125654483794538435594869143015457768150677916704644349481001621163 93533906833356026635527060528398017212524170789714748325265707476885395169247950736258 76338137535298120673942399072260833758038152595105311260002268650951968659366409471762 707986435753824060971148933772149012757770173722369
= HEX [00eb8aeb d600a893 2858268c 78c76235 8ae0867a 5b550e76 b9edc450 064f5b33 6656ca25 f5867813 8f4a4e8c 9d6e8079 7e78cc4b 5aef80e7 a23e0c05 3f8c95e9 15436ce9 1b7a8866 9a780d1f a417a795 46582e52 0f65fc58 2bf59ac5 824ba608 a231fdc7 1ceabbd9 70dbcf9c e55d3c20 55a0c46b dd7e7d5a 52e61f87 7e4408af 01]
Public Exponent = 65537
= HEX [010001]
Private Exponent = 23262061627321059848127951748956201956280865601289878122136319690902346303487555417896 45421978315004119428666694674801184773156427997741861134011936129888508204465790901818 10860126020371138225614906842567831455763314175530505369901364910691824152015094858350 72189773434923487177372245370361799421231555208773
= HEX [21205394 b0590501 3a8c895a ff2797c2 255ba45f adf1afce ec5a9caa 96848c11 0b89b896 f44774f0 c5119103 1f246071 e209515b c3ad4c66 6bf582d3 72312f2b 7250fe61 f6abed7f e219c08d c3985ae1 3f6b6db2 0e3c040b df7a817d 14a5a6f1 20d94047 08512132 aca00baa 29805440 4ad5dec2 1bd544bb 8938c74b 2904e645]
Just to confirm... I was given incorrect data.
I'm using Bouncy Castle API and I have ECPublicKey object but I'm not sure exactly how to construct a OpenSSH authorized key from there. I don't know what the format looks like. I'm thinking my solution would be similar to how it's done for RSA and DSA.. Decoding RSA/DSA Public Key
Does anyone have any suggestions?
The format of ECDSA keys is described in the RFC5656:
In short:
The "ecdsa-sha2-*" key formats all have the following encoding:
string "ecdsa-sha2-[identifier]"
byte[n] ecc_key_blob
The ecc_key_blob value has the following specific encoding:
string [identifier]
string Q
I created mykey.pem using command
"openssl genrsa -out mykey.pem 1024"
and then I separate public key using command
'openssl rsa -in key.pem -pubout -out pubkey.pem'
I am reading private key using function,
PEM_read_RSAPrivateKey(fp,NULL,NULL,NULL)
But I could not retrieve the private key.
Do i have to get rid of headers like 'Begin RSA private key' and 'End RSA private key'? //Which i tried but didn't work
Do I have to send any other value to the PEM_read_RSAPrivateKey function?
or use some other function to retrieve the private key?
if you are still not able to retrieve the private key using
PEM_read_RSAPrivateKey()
even after supplying the passphrase, a reason could be that you have not initialised the OpenSSL library properly, try adding
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
before you call
PEM_read_RSAPrivateKey()
You do not need to get rid of headers from the file. However, if the file is password protected, you need to pass the password into function PEM_read_RSAPrivateKey.
You can also see PEM_read_PrivateKey. Other functions are listed here.
If the fp points to a file with RSA private key in PEM form and without any password, then it should succeed.