Score:0

Prepare signing/verifying module from node js crypto

cn flag

I'm working on a node crypt module that will signing/verifying. I have managed the verifying module:

'use strict';

const crypto = require('crypto');
const fs = require('fs');
const path = require('path');

const publicKey = fs.readFileSync(path.join(__dirname, 'key.pub'));
const encryptDataPath = path.join(__dirname, 'encryptData.txt');
let encryptData = fs.readFileSync(encryptDataPath).toString();

//console.log(encryptData);


// start decoding
const plainEncryptData = Buffer.from(encryptData, 'base64').toString();


const [signatureb64, contentb64] = plainEncryptData.split('\n');


const signature = Buffer.from(signatureb64, 'base64');
const content = Buffer.from(contentb64, 'base64').toString();

const verifier = crypto.createVerify('RSA-SHA256');
verifier.update(content);
verifier.end();

const isValid = verifier.verify(publicKey, signature);

if (!isValid) {
    console.log('not valid');
} else {    
    console.log(content);
}

Here is the public key (pub.key):

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuI1XlPkYos3WsSeVPtS
l1Q2k8GnLEO5vFZ4EuSghMbqI+yE0tWVEaiptdV3KgERaALRXmH+IFrHqvSRjKQC
1ORUarBU5ntWbNEr713R3K0BPOzz9OOoWHdk+Wmr4ViOTk0iD1u4bw/97RpyMoBm
+pXeBLHbEESK2kelk+LEmKUoY5nXp6KzZV5wxgD5QweZheU7mjXL5WMpIBJva8kp
RZMYXEF+uSZIep0q5FHEo2AazGUMAU3GjY/dpXisLmtleOa1xlKZmkvaXl/D2Mhb
BBqPbDMa72ToZg2J8K5UP9zXUP41FHr7o9rwSJ2uOkuZPg5nhDXeoVbrJwxP/U1M
nQIDAQAB
-----END PUBLIC KEY-----

Here is encryptData.txt (encrypt data)

ZmZzeUNhcmU2Q1pTRHo2M0VrT0tGeGJUWitDMGJydnF0dzRWZDc5STJIUTJuWndPZzVoaE8rbU5keEhIMHBEak0xVUxHRGNYQ0w1Wk5maVN4M096dDJXZEowSmk4R1pGZTZOc0s1dm05SDJHd1hUR3Q0VHl1ejFkbGlqbjRwcTBSM0xLSDl6SThWT1RLNTdySWlGeVZQa0pxQzJJMkowaW1LYTZxbWpGU0hsVTVQU3BrVk9YYUxGMVJNQjBsWm5ncDcwMEJXT1k4V3FlSHlvS0pKY0NXTkpJRGRDWEw1ZWpuTXFpY0VUTzZWV25BMThkVitRQUZRS2k5SG5SR1VuVGhlYUI2QU9jcWRzMGZzWVlvM0xZZlQwbDZELzJHd0dJZXZ3LzlxMmoxVmJKcFNBUTBldTJYUlJ4Z2VFZmFlQys0MUZIZ0haNHc4UXBmb09leW1WSkN3PT0KZXlKMGVYQmxJam9pWW5KdmJucGxJaXdpWTNWemRHOXRaWEpKWkNJNklqRTJRMDlXVWxOak9YZ3lNV1pEU0c1Rklpd2laWGh3YVhKbFFYUWlPakUyTWpZMU56WXpOakl3TURBc0ltbHpWSEpwWVd3aU9uUnlkV1VzSW14cFkyVnVjMlZMWlhraU9pSmpPVEk1TldJMk9TMWlaV1UyTFRRek1XRXRPR1EzWkMwd1lqYzBNR1l3TVdOaE1tUWlMQ0pqY21WaGRHVmtRWFFpT2pFMk1qVXpOalkzTmprMU16Rjk=

Now, I am trying to create its signing module which will create encrypt data as same as encryptData.txt:

'use strict';

const crypto = require('crypto');
const fs = require('fs');
const path = require('path');

const publicKey = fs.readFileSync(path.join(__dirname, 'key.pub'));

let content = {}
content.type = "bronze";
content.customerId = "16COVRSc9x21fCHnE";
content.expireAt = 1626576362000;
content.isTrial = true;
content.licenseKey = "c9295b69-bee6-431a-8d7d-0b740f01ca2d";
content.createdAt = 1625366769531;


const encryptDataPath = path.join(__dirname, 'encryptData.txt');
let a = fs.readFileSync(encryptDataPath).toString();

// signing
const signer = crypto.createSign('RSA-SHA256');
signer.update(content);
signer.end();

const signature = signer.sign(publicKey, 'base64');

console.log('sign: ', signature);
 

But when I run this encrypt module, it is throwing this error:

internal/crypto/util.js:97
    throw new ERR_INVALID_ARG_TYPE(
    ^

TypeError [ERR_INVALID_ARG_TYPE]: The "data" argument must be one of type string, Buffer, TypedArray, or DataView. Received type object
    at Sign.update (internal/crypto/sig.js:49:10)
    at Object.<anonymous> (/home/ubuntu/www/node-encrpt/encode.js:23:8)
    at Module._compile (internal/modules/cjs/loader.js:959:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:995:10)
    at Module.load (internal/modules/cjs/loader.js:815:32)
    at Function.Module._load (internal/modules/cjs/loader.js:727:14)
    at Function.Module.runMain (internal/modules/cjs/loader.js:1047:10)
    at internal/main/run_main_module.js:17:11 {
  code: 'ERR_INVALID_ARG_TYPE'
}

I can not figure out why this occurs.

How can I complete the encrypt module?

DannyNiu avatar
vu flag
Because the *roles* of RSA public and private key are mathematically symmetric, many confuse RSA signing as "encrypt with private key". RSA signing does require private key, but you seem to be using public-key for signing in your code. Consider rechecking your key pair and API usage.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.