Description
I am trying to sign with a private key string that I have encrypted (for security reasons), and although the function called by this sign could be using that feature (since crypto has it built in), unfortunately it is not there.
The bypass is an ugly hack:
```js
{ keypairId: 'id', privateKeyString: { privateKeyString, passphrase: 'password', toString: () => privateKeyString } };
```
The function below works just fine, since the sign method allows receiving a keyObject with the passphrase in it.
https://nodejs.org/api/crypto.html#crypto_class_keyobject
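```js
const crypto = require('crypto');

// Signs the policy JSON; privateKey is handed to sign.sign() unchanged.
function _createPolicySignature(policy, privateKey) {
  var sign = crypto.createSign('RSA-SHA1');
  sign.update(policy.toJSON());
  return sign.sign(privateKey, 'base64');
}
```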
The problem is with the validation function itself, which assumes that I am sending a string while I am sending an object (because I need the passphrase property).
More specifically:
```js
function _getPrivateKey(params) {
  var privateKeyString = params.privateKeyString;
  var newLinePattern = /\r|\n/;
  // RegExp.prototype.test() converts its argument to a string before matching.
  var lineBreakExists = newLinePattern.test(privateKeyString);
  if (!lineBreakExists) {
    throw new Error('Invalid private key string, must include line breaks');
  }
  return privateKeyString;
}
```
I guess it should use destructuring to get the variable inside the object. What are your thoughts on this?
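
One way the validation could accept both a plain PEM string and a key object with a passphrase, as an added example that is not part of the original issue or the library's code. `normalizePrivateKey`, `signPolicy` and `demo` are hypothetical names, and the key pair, passphrase and policy are constructed at run time.

```javascript
const crypto = require('crypto');

const NEWLINE = /\r|\n/;

// Hypothetical validator: accepts a PEM string or a { key, passphrase }
// object, the form crypto's sign.sign() takes for an encrypted private key.
function normalizePrivateKey(input) {
  const isObject = input !== null && typeof input === 'object';
  const pem = isObject ? input.key : input;
  if (typeof pem !== 'string' || !NEWLINE.test(pem)) {
    throw new Error('Invalid private key string, must include line breaks');
  }
  // Copy only the two fields that are needed instead of forwarding the caller's object.
  return isObject ? { key: pem, passphrase: input.passphrase } : pem;
}

// Same signing steps as the snippet in the issue, with validation in front.
function signPolicy(policyJson, privateKey) {
  const sign = crypto.createSign('RSA-SHA1');
  sign.update(policyJson);
  return sign.sign(normalizePrivateKey(privateKey), 'base64');
}

// Constructed test material: a throwaway encrypted key pair and policy.
function demo() {
  const passphrase = 'constructed-passphrase';
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase },
  });
  const policy = JSON.stringify({ Statement: [{ Resource: 'https://example.invalid/*' }] });

  const signature = signPolicy(policy, { key: privateKey, passphrase });
  const verified = crypto.createVerify('RSA-SHA1')
    .update(policy)
    .verify(publicKey, signature, 'base64');

  // A wrong passphrase must fail at decryption instead of yielding a signature.
  let rejected = false;
  try {
    signPolicy(policy, { key: privateKey, passphrase: 'wrong-passphrase' });
  } catch (err) {
    rejected = true;
  }
  return { verified, rejected };
}
```
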