hsalokor
commented
6 years ago I'm seeing this too
Closed jinceon closed 6 years ago
hsalokor
commented
6 years ago I'm seeing this too
shmoop207
commented
6 years ago +1
uditalias
commented
6 years ago +1
coolaj86
commented
6 years ago Fixed by using node v8.x :trollface:
(I also had problems with v9.x for entirely different reasons, so I don't suggest that either)
crypto.generateKeyPair()
Rasha.generate() (RSA + PEM<->JWK)
Keypairs.generate() (RSA/ECDSA + PEM<->JWK)
coolaj86
commented
6 years ago In all seriousness though:
I just got a bug report in greenlock.js about this the other day.
My workaround for times like these (as they do happen from time-to-time between major releases or testing code on a new CPU platform and such) is that I created rsa-compat.js as a wrapper around both forge.js and ursa.js so that even if it's degraded performance (i.e. pure JS only) I always have working code.
I just wanted to mention that in case anyone else's use case is limited to the same set of features that forge also supports you can use both in the interim.
jkuri
commented
6 years ago https://github.com/JoshKaufman/ursa/pull/169 fixes this issue.
rzr
commented
6 years ago Also breaking on v8.10.0 on Ubuntu-18.04 LTS
But:
npm install git+https://github.com/jkuri/ursa.git/#node10came to rescue
postal286
commented
6 years ago Which node v builds ursa fine ? Have the same issue with node 8.9.0 / docker / carbon image
raideltorres
commented
6 years ago I solved this using node v8 but I was facing this issue with node v10
danwdart
commented
6 years ago Once you merge the patch to deal with Node 10, then this should be closed. Until then, it's not fixed, right? For most downgrading is not an option.
syzer
commented
6 years ago :+1:
igmsantos
commented
5 years ago I've tested the patch and this works fine, please merge the fix to enable us to upgrade the nodeJS or maybe fork the project for another one who'll do the merge.
bobiscool
commented
5 years ago aha
rzr
commented
5 years ago Please also release package on npm, if not yet done
coolaj86
commented
5 years ago I've loved uRSA and I'm so glad it's been around this long time, however, it is no longer necessary for generating keypair PEMs and DERs (which I think is its primary use case) in node v10 and higher:
If you have a use case that is solved by uRSA and isn't solved by the new node APIs, I'd love to hear about it so I can think on it (and perhaps go back and poke at the issue and encourage the node devs to include it).
That said, I still haven't migrated all of my code that uses it away from it, but I'm pretty confident that now I can.
crypto.generateKeyPair()
Rasha.generate() (RSA + PEM<->JWK)
Keypairs.generate() (RSA/ECDSA + PEM<->JWK)
delfuego
commented
5 years ago I think the issue is that while Node 10 is the new LTS, it's still not yet standard in actual use — mostly because there are still a bunch of heavy-use modules that haven't been upgraded to be compatible with Node 10. I certainly know I have a project that uses Ursa that I can't yet upgrade to Node 10... meaning I'm stuck at Node 8, and very much need Ursa.
delfuego
commented
5 years ago (Also, I don't think I'd say that the major use case of Ursa is to generate keypairs; I certainly use it for actual asymmetric encryption of data.)
coolaj86
commented
5 years ago @delfuego Is there a reason that crypto.publicEncrypt(key, buffer) and crypto.privateDecrypt(privateKey, buffer) don't work for your use case?
delfuego
commented
5 years ago @coolaj86 Maybe because I'm a slight moron? I recall having looked and thinking that it wouldn't do what I needed it to — but sure enough, crypto is perfectly adequate for what I need. Well, most of what I need; it doesn't appear to be able to give me the bit length of a public key, so I can't warn someone if they're about to try to encrypt something that's too long for the given key. But I'll be OK with what it can do for now!
Thanks.
coolaj86
commented
5 years ago @delfuego I took on the task of writing a complete PEM-to-JWK and JWK-to-PEM solution from scratch (0 dependencies, great tests, only about 550 lines of code (sans comments and newlines) using node's native RSA support, which you could use to get the length you need:
'use strict';
var Rasha = require("rasha");
var pem = require('fs').readFileSync(process.argv[2], 'ascii');
var jwk = Rasha.importSync({ pem: pem });
console.log(Buffer.from(jwk.n, 'base64').byteLength);Docs for Rasha.js at https://git.coolaj86.com/coolaj86/rasha.js
crypto.generateKeyPair()
Rasha.generate() (RSA + PEM<->JWK)
Keypairs.generate() (RSA/ECDSA + PEM<->JWK)
jampy
commented
5 years ago 
rzr
commented
5 years ago hey @jampy check
loretoparisi
commented
5 years ago This still happens in node LTS at current time:
> ursa@0.9.4 install /node_modules/ursa
> node-gyp rebuild
CXX(target) Release/obj.target/ursaNative/src/ursaNative.o
../src/ursaNative.cc:389:13: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->n = BN_bin2bn(data_n, n_length, NULL);
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:390:13: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->e = BN_bin2bn(data_e, e_length, NULL);
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:407:35: error: member access into incomplete type 'RSA' (aka 'rsa_st')
if ((obj == NULL) || (obj->rsa->d != NULL)) {
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:536:34: error: member access into incomplete type 'RSA' (aka 'rsa_st')
bignumToBuffer(args, obj->rsa->e);
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:552:34: error: member access into incomplete type 'RSA' (aka 'rsa_st')
bignumToBuffer(args, obj->rsa->d);
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:567:34: error: member access into incomplete type 'RSA' (aka 'rsa_st')
bignumToBuffer(args, obj->rsa->n);
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1218:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->n = modulus;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1219:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->e = exponent;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1220:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->p = p;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1221:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->q = q;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1222:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->dmp1 = dp;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1223:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->dmq1 = dq;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1224:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->iqmp = inverseQ;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1225:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->d = d;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1270:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->n = modulus;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
../src/ursaNative.cc:1271:17: error: member access into incomplete type 'RSA' (aka 'rsa_st')
obj->rsa->e = exponent;
^
/Users/loretoparisi/.node-gyp/10.1.0/include/node/openssl/ossl_typ.h:110:16: note: forward declaration of 'rsa_st'
typedef struct rsa_st RSA;
^
16 errors generated.
make: *** [Release/obj.target/ursaNative/src/ursaNative.o] Error 1
gyp ERR! build error
gyp ERR! stack Error: `make` failed with exit code: 2
gyp ERR! stack at ChildProcess.onExit (/usr/local/lib/node_modules/npm/node_modules/node-gyp/lib/build.js:262:23)
gyp ERR! stack at ChildProcess.emit (events.js:182:13)
gyp ERR! stack at Process.ChildProcess._handle.onexit (internal/child_process.js:235:12)
gyp ERR! System Darwin 18.2.0
gyp ERR! command "/usr/local/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /node_modules/ursa
gyp ERR! node -v v10.1.0
gyp ERR! node-gyp -v v3.8.0
gyp ERR! not ok
@loretoparisi
crypto.generateKeyPair()
Rasha.generate() (RSA + PEM<->JWK)
Keypairs.generate() (RSA/ECDSA + PEM<->JWK)
loretoparisi
commented
5 years ago @solderjs thanks a lot!
exallon72
commented
5 years ago Hi I can't get crypto or Node-RSA to work as replacements for ursa. I have adapted the code but still no succes.
As you can see from the commented code ursa.createPublicKey and key.encrypt (ursa) does not seem to yield the same results. URSA is using the commented out base64 auth. I have of course tried with that also on both crypto and Node-RSA. Does anyone have any input on how to convert this?
`function encryptLogin(user, pass, keyfile) { var rsaPublic = fs.readFileSync(keyfile, 'ascii'); //var key = ursa.createPublicKey(rsaPublic, 'utf8'); const key = new NodeRSA(rsaPublic);
// var key = rsaPublic.toString('utf8'); if (!key) { console.log('KEY error'); }
// var auth = new Buffer(user).toString('base64'); // auth += ':'; // auth += new Buffer(pass).toString('base64'); // auth += ':'; // auth += new Buffer('' + new Date().getTime()).toString('base64');
var auth = user; auth += ':'; auth += pass; auth += ':'; auth += new Date().getTime(); //const loginKey = crypto.publicEncrypt({key: key, padding: crypto.constants.RSA_PKCS1_PADDING}, Buffer.from(auth)); const encrypted = key.encrypt(Buffer.from(auth, 'base64'), 'base64', 'utf8'); return encrypted.toString('base64'); //return key.encrypt(auth, 'utf8', 'base64', ursa.RSA_PKCS1_PADDING); }`
macos 10.13.4 node 10.0.0