DiffieHellman/ECDH Generates invalid keypairs #14628
Description
- Version: 6.11.1
- Platform: Windows 10
- Subsystem:
Error is thrown:
error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
User Experience Log:
A user should not have to manually wrap the generated keys in the proper "PEM" format since PEM is very precious about spaces. Without wanting to be pejorative, that sucks. The fact that this code example still doesn't work after the fact also sucks.
Suggestion:
Remove/deprecate this API or fix it or provide clearer examples to perform this common functionality.
Workaround:
Utilize openssl executable as a child proc to generate keys instead.
/**
* @fileoverview Everything below this comment is from the documentation example.
*/
const crypto = require('crypto');
const assert = require('assert');
// Generate Alice's keys...
const alice = crypto.createDiffieHellman(2048);
const aliceKey = alice.generateKeys();
// Generate Bob's keys...
const bob = crypto.createDiffieHellman(alice.getPrime(), alice.getGenerator());
const bobKey = bob.generateKeys();
// Exchange and generate the secret...
const aliceSecret = alice.computeSecret(bobKey);
const bobSecret = bob.computeSecret(aliceKey);
// OK
assert.strictEqual(aliceSecret.toString('hex'), bobSecret.toString('hex'));
/**
* Everything below this comment is in addition to the docs example!!!
* @omg
*/
// Attempts improvement...
const publicKey = '-----BEGIN PUBLIC KEY-----\n' +
aliceKey.toString('base64').match(/.{1,64}/g).join('\n') +
'\n-----END PUBLIC KEY-----\n';
const privateKey = '-----BEGIN PRIVATE KEY-----\n' +
aliceSecret.toString('base64').match(/.{1,64}/g).join('\n') +
'\n-----END PRIVATE KEY-----\n';
console.log(crypto.privateDecrypt(crypto.publicEncrypt(publicKey, new Buffer('racecar')), privateKey)); // throws!