node.js - Generate Key for signing within nodejs -
i have seems rather simple problem, never had deal cryptography in nodejs before.
want implement system generates new keypair every 4 months, used signing , verifying generated result.
current code:
'use strict'; const fs = require('fs'); const crypto = require('crypto'); const algorithm = 'rsa-sha512'; const sign = crypto.createsign(algorithm); const verify = crypto.createverify(algorithm); const base64 = 'base64'; const keydir = './keys/'; const validator = {}; validator.check = function(dataarray, signature, date){ verify.update(buffer.from(dataarray)); return verify.verify(getpublickey(date), signature); }; validator.sign = function(dice){ sign.update(buffer.from(dice)); return sign.sign(getprivatekey(), base64);//error happens here }; validator.getpublickey = function(date){ date = todateobject(date); for(current of getfilesdescending()){ if(filenametodate(current).getmilliseconds() <= date.getmilliseconds()){ const prefix = '-----begin rsa public key-----'; const suffix = '-----end rsa public key-----'; return prefix + fs.readfilesync(keydir + filename, 'utf8').split('\n')[0] + suffix; } } } function filenametodate(filename){ const array = filename.split("-"); return new date(array[0], parseint(array[1]) - 1); } function getprivatekey(){ const file = getfilesdescending()[0]; if(!file || monthdiff(new date(), filenametodate(file)) > 4){ generatekeys(); return getprivatekey(); } const prefix = '-----begin rsa private key-----'; const suffix = '-----end rsa private key-----'; return prefix + fs.readfilesync(keydir + file, 'utf8').split('\n')[1] + suffix; } function monthdiff(d1, d2) { var months; months = (d2.getfullyear() - d1.getfullyear()) * 12; months -= d1.getmonth() + 1; months += d2.getmonth(); return months; } function getfilesdescending(){ return fs.readdirsync(keydir).sort().reverse(); } function getmonth(date){ return ('0' + (date.getmonth()+1)).slice(-2) } function generatekeys(){ const filename = getfilename(); if(!fs.existssync(filename)){ const diffiehell = crypto.creatediffiehellman(1024);//todo change value stronger 1 diffiehell.generatekeys(base64); fs.writefilesync(filename, diffiehell.getpublickey(base64) + '\n' + diffiehell.getprivatekey(base64)); return true; } return false; } function getfilename(){ const = new date(); return keydir + now.getfullyear() + '-' + getmonth(now); } function todateobject(date){ return date.from(date) || new date(); } module.exports = validator;
basically whenever sign method invoked, code checks if there keypair fiƱe generated within last 4 months , if not generate such keypair , use one. data param iso string returned date.toisostring().
i'm getting following error: error: error:0d07207b:asn1 encoding routines:asn1_get_object:header long
.
2 questions: i'm probaly doing obvious wrong here, should instead?
, should dump attempt entirely , use https certificates instead?
i'd prefer not because makes local testing lot harder.
Comments
Post a Comment