【发布时间】:2019-06-27 13:31:19
【问题描述】:
我正在构建一个 Node.js ACMEv2 客户端,并尝试仅依赖一个加密库来保持代码简单。原生 Node Crypto 模块不支持 CSR,所以我不得不使用Node-Forge。到目前为止一切正常,但我很难找到使用 Node-Forge 的等效代码:
const crypto = require('crypto');
const signer = crypto.createSign('RSA-SHA256').update(`${requestBase64Url.protected}.${requestBase64Url.payload}`, 'utf8');
const signature = signer.sign(this.keys.accountKey.privatePem, 'base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
console.log(signature);
输出是:
oZpJuZlNgU48t8l-39V1LUZScOPHTFzHDWYT6ttf1KBGnm6jNuGkogwc0QiANrt5h5z6mp0Wz3rPz7etxjby_znQsGuaGdxvtVDf30_6j0mN-Rh7OXkS489JK6kDSQRbhpoyulb75QZyhDoA2pbmqyPc6HnfnQ2gUGr8HZf3K_LnfXCAX807MAzXd_bOx2dE0NbnwoVQQgGG1u5s7Q9-DY1WNjolYmkTt_skNoXgbAKZwj-8x6oSbfGk5_7-mbuEXcxUAJuXmGQsHrHAp7lKBZ9ZhTyZUlZjEhfRYb7cMYHSAJccalMPC5y5uzrIQYILhGtuDcXBsY1rCanJw6eRqg P>
我还可以使用以下 OpenSSL 实现相同的输出(并将结果编码为 base64url):
openssl dgst -sha256 -sign account.key -out signature.sha256 signature.b64
如何使用Node-Forge 模块获得相同的结果?我尝试了以下没有任何运气:
let messageDigest = forge.md.sha256.create();
messageDigest.update(`${requestBase64Url.protected}.${requestBase64Url.payload}`, 'utf8');
const accountKey = await forge.pki.privateKeyFromPem(this.keys.accountKey.privatePem);
request.signature = accountKey.sign(messageDigest);
输出是:
wqHCmknCucKZTcKBTjzCt8OJfsOfw5V1LUZScMOjw4dMXMOHDWYTw6rDm1_DlMKgRsKebsKjNsOhwqTCogwcw5EIwoA2wrt5wofCnMO6wprCnRbDj3rDj8OPwrfCrcOGNsOyw785w5DCsGvCmhnDnG_CtVDDn8OfT8O6wo9Jwo3DuRh7OXkSw6PDj0krwqkDSQRbwobCmjLCulbDu8OlBnLChDoAw5rClsOmwqsjw5zDqHnDn8KdDcKgUGrDvB3Cl8O3K8Oyw6d9cMKAX8ONOzAMw5d3w7bDjsOHZ0TDkMOWw6fDgsKFUEIBwobDlsOubMOtD34Nwo1WNjolYmkTwrfDuyQ2woXDoGwCwpnDgj_CvMOHwqoSbcOxwqTDp8O-w77CmcK7woRdw4xUAMKbwpfCmGQsHsKxw4DCp8K5SgXCn1nChTzCmVJWYxIXw5Fhwr7DnDHCgcOSAMKXHGpTDwvCnMK5wrs6w4hBwoILwoRrbg3DhcOBwrHCjWsJwqnDicODwqfCkcKq P>
【问题讨论】:
标签: javascript node.js openssl cryptography lets-encrypt