堆栈内存溢出
  简体   繁体   English

Nodejs `crypto.publicEncrypt` 不会使用 `ssh-keygen rsa` 生成的公钥

[英]Nodejs `crypto.publicEncrypt` would not take public key generated by `ssh-keygen rsa`

 原文  2021-03-20 19:43:48       node.js/ rsa/ cryptojs

问题描述

I used ssh-keygen rsa to generate an RSA keypair.我使用ssh-keygen rsa生成一个 RSA 密钥对。 The generated public key looks like this:生成的公钥如下所示:

ssh-rsa AAAAB3NzaC1yc2EAAA...

When I try to use crypto in Node.js to encrypt a plain string,当我尝试在 Node.js 中使用crypto来加密纯字符串时,

const fs = require('fs');
const { publicEncrypt } = require('crypto');

const publicKey = fs.readFileSync('$path/to/publicKey').toString();

const encryptedToken = publicEncrypt(publicKey, Buffer.from('some plain string'));

it would give out the following error:它会给出以下错误:

Error: error:0909006C:PEM routines:get_name:no start line
  at node:internal/crypto/cipher:78:12
  ...
 library: 'PEM routines',
 function: 'get_name',
 reason: 'no start line',
 code: 'ERR_OSSL_PEM_NO_START_LINE'

I am pretty new to cryptography and know only the general idea of public/private key encryption so would really appreciate any advice.我对密码学很陌生,只知道公钥/私钥加密的一般概念,所以非常感谢任何建议。

Edit:编辑:

I understand that crypto comes with method to generate key pairs, so I guess the question is more about why the ssh-rsa public key did not work here.我知道crypto带有生成密钥对的方法,所以我想问题更多是关于为什么ssh-rsa公钥在这里不起作用。

1 个解决方案

解决方案1
 2 已采纳  2021-03-20 21:29:40

The posted public key is in OpenSSH format, which is not supported by NodeJS's crypto module, see documentation of crypto.publicEncrypt(key, buffer) .发布的公钥是OpenSSH格式,NodeJS 的加密模块不支持,请参阅crypto.publicEncrypt(key, buffer)的文档。

However, keys in OpenSSH format can be converted to formats that can be processed by NodeJS.但是,OpenSSH 格式的密钥可以转换为 NodeJS 可以处理的格式。 This can be done via tools, eg ssh-keygen , or via libraries, eg node-sshpk .这可以通过工具(例如ssh-keygen )或库(例如node-sshpk )来完成

Alternatively, keys can be generated directly in the required format using OpenSSL .或者,可以使用OpenSSL直接以所需格式生成密钥。

The following example uses the node-sshpk library and converts an OpenSSH private key to a PEM encoded PKCS8 key and an OpenSSH public key to a PEM encoded X.509/SPKI key.以下示例使用 node-sshpk 库并将 OpenSSH 私钥转换为 PEM 编码的 PKCS8 密钥,并将 OpenSSH 公钥转换为 PEM 编码的 X.509/SPKI 密钥。 Both target formats are supported by NodeJS: NodeJS 支持两种目标格式:

var sshpk = require('sshpk');
var crypto = require('crypto');

var privateKeyOpenSSH = `-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAQEApcFmUiObzYdRrKivbYrUwJ8plRfjcgA1nXIHpMKj4q0l4vatprYe
vNS2l06y2Qvz1Txu7AeS9+zT673zczwvLgENcZb6lXA576XMLjcmZhnNKXDRnRV/UCMlea
jdwdhQ93YJpsGRCUewD8k6IOO6G/MVAQ433ybBuCPJysTLWNk2Vv/J3VrLkBWGLiwOUcnZ
pR17/mm6QBOsLRAuBs1jELcid1Jdpc8wfULlrSdCfw/P2mXOqpuTMhSEBy4yE+W6V54MSI
Vw4BaxlrcAmC/Rh7OHJrhuIEmmOStqmMPe7HvFKNTjqzISAiyWmPWWwI9UuP4g7b0p7GAk
0YMevLPQnwAAA9jLWAaqy1gGqgAAAAdzc2gtcnNhAAABAQClwWZSI5vNh1GsqK9titTAny
mVF+NyADWdcgekwqPirSXi9q2mth681LaXTrLZC/PVPG7sB5L37NPrvfNzPC8uAQ1xlvqV
cDnvpcwuNyZmGc0pcNGdFX9QIyV5qN3B2FD3dgmmwZEJR7APyTog47ob8xUBDjffJsG4I8
nKxMtY2TZW/8ndWsuQFYYuLA5RydmlHXv+abpAE6wtEC4GzWMQtyJ3Ul2lzzB9QuWtJ0J/
D8/aZc6qm5MyFIQHLjIT5bpXngxIhXDgFrGWtwCYL9GHs4cmuG4gSaY5K2qYw97se8Uo1O
OrMhICLJaY9ZbAj1S4/iDtvSnsYCTRgx68s9CfAAAAAwEAAQAAAQAstgRxt6U5RX0kg8P+
WmqVItnGm9EAWUodFDs3mEE4zdfgZwXkaE/WQ9KU8eeQYIb/R/PruwdL1Rg9CNn4hY18bV
BBCabCVKlsGV8AQGQdOmx69zGzm67h4Pkk3gYjWcRNXAuybZg/1pSJTZBees8i5ukNhdZQ
XVX347908KyhZFb4jlYws7gbOkVBP7ludHSnnrodL91F2ouKrgplLfWu40sgU3fSpSybby
3Llt+FUW6UjCErp54c2LS5vZtvTJK+wVr2fYF4Y1Sgmv+JZ4bJUkZgaxzcHoOLF5GfuQFo
dvJVxbSXPUhk7JW7ur9hHLkEaJtYf0xf1TwJdPRQxu3xAAAAgQCui5wvYjZrCM9wWDXpWh
1dNGPIJQuX8aCxi2tfTkRYlkPUWFSYd+orQr53/FPTxLdwe9lAe8x0Xkr+wMga6771ywHw
sT6xk7nCabXcN6PQCn5DjYMtLPfa5rY3+yHR01pVSzo9l6JcvangU1xyw7MRYj0LGZVSbp
U/beRO/bXekQAAAIEA0uUTVG9wPiqZRTLT6H8rQ4ZK96VcTF+CnmJUO+3Fsp/D7jfYItZF
2GcqzWYv6tsvumdhZt0dziXBy7fAJDW88k/nq+BNTlDXEYzkEA+x13eaLAzfI08SwlAnF5
zxZUo8yIsjKtyt9gs1+VVgtwpvvqUVDUibjbWxaE4OWtdLjwUAAACBAMk02gcYkJylXw12
4me1vtWpw7/7pga3eK0Y4ZTZgpCZXhrLnl9yWXrVIlvV8dLJQI88s7+1CRU9HPi+2BGtgI
mJ5crYws7q0QgLODg1rDosd4vkkKok5XPUsrKDLxwme+Ipq26IdRyoJF2ZiRHvPG5ajjmK
gWByjcdktmXM+UpTAAAAHHRmbG9yZXNfZHQwMUB0ZmxvcmVzX2R0MDEtUEMBAgMEBQY=
-----END OPENSSH PRIVATE KEY-----`

var publicKeyOpenSSH = `ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClwWZSI5vNh1GsqK9titTAnymVF+NyADWdcgekwqPirSXi9q2mth681LaXTrLZC/PVPG7sB5L37NPrvfNzPC8uAQ1xlvqVcDnvpcwuNyZmGc0pcNGdFX9QIyV5qN3B2FD3dgmmwZEJR7APyTog47ob8xUBDjffJsG4I8nKxMtY2TZW/8ndWsuQFYYuLA5RydmlHXv+abpAE6wtEC4GzWMQtyJ3Ul2lzzB9QuWtJ0J/D8/aZc6qm5MyFIQHLjIT5bpXngxIhXDgFrGWtwCYL9GHs4cmuG4gSaY5K2qYw97se8Uo1OOrMhICLJaY9ZbAj1S4/iDtvSnsYCTRgx68s9Cf whatever`;

// Convert
var privateKey = sshpk.parsePrivateKey(privateKeyOpenSSH, 'ssh');
var publicKey = sshpk.parseKey(publicKeyOpenSSH, 'ssh');
var privateKeyPkcs8 = privateKey.toBuffer('pkcs8');
var publicKeyX509 = publicKey.toBuffer('pkcs8');
console.log(privateKey.toString('ssh'));
console.log(publicKey.toString('ssh'));
console.log(privateKeyPkcs8.toString('utf8')); // -----BEGIN PRIVATE KEY-----...
console.log(publicKeyX509.toString('utf8')); // -----BEGIN PUBLIC KEY-----...

// Encrypt/Decrypt
var plaintext = Buffer.from('The quick brown fox jumps over the lazy dog', 'utf8');
var ciphertext = crypto.publicEncrypt(publicKeyX509.toString('utf8'), plaintext);
var decryptedText = crypto.privateDecrypt(privateKeyPkcs8.toString('utf8'), ciphertext);

console.log('Ciphertext, base64 encoded: ', ciphertext.toString('base64'));
console.log('Decrypted text: ', decryptedText.toString('utf8'));

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Nodejs crypto.publicEncrypt 在不同的机器上产生不同的结果 - Nodejs crypto.publicEncrypt yields different results on different machines 节点 crypto.publicEncrypt 每次使用都会返回不同的值 - node crypto.publicEncrypt returns different value each time it is used 香草节点中的ssh-keygen - ssh-keygen in vanilla Node 将公共 RSA 密钥导入 nodejs - Imported a public RSA key into nodejs nodejs密钥对rsa模块公钥不起作用 - nodejs keypair rsa module public key not working 从Java到NodeJS的RSA公钥 - RSA Public Key from Java into NodeJS Node.js crypto.publicEncrypt:'错误:错误:0906D06C:PEM例程:PEM_read_bio:无起始行' - Node.js crypto.publicEncrypt: 'Error: error:0906D06C:PEM routines:PEM_read_bio:no start line' 使用nodejs加密(公钥对)加密的字符串的openssl解密 - Decryption with openssl of a string encrypted with nodejs crypto (public private key pair) Nodejs加密:椭圆曲线签署消息并将公钥导出为文本 - Nodejs crypto: Elliptic Curve to sign message and export public key as text 具有nodeJS和Objective-C的非对称公钥/私钥加密RSA - Asymmetric public / private key encryption RSA with nodeJS and Objective-C
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM