Node js crypto sign returns empty string

Question

I am wanting to sign a string with a private key using crypto.

The sign method returns an empty string, I was hoping to get a signiture.

var crypto = require('crypto');
var message = "This is a string I want to ensure is not tampered with.";

var diffieHellman = crypto.createDiffieHellman(1024);
var publicKey = diffieHellman.generateKeys("base64");
var privateKey = diffieHellman.getPrivateKey("base64");

var signer = crypto.createSign('RSA-SHA256');
signer.write(message, "ascii", function()
{
    var signature = signer.sign(privateKey, 'base64');

    console.log(publicKey);
    console.log(privateKey);
    console.log(signature);// Empty string ?
});

The public key and private key are generated fine.

Any help would be much appreciated.

Answer 1

This is a bug with crypto, confirmed here :

https://github.com/joyent/node/issues/6963

To solve, use a bit length of 512 and signer.

Here is working code

var keypair = require('keypair');
var crypto = require('crypto');

var dataA = "This is a string I do not want to be tampered with";
var dataB = "This is a string I do want to be tampered with";

var pair = keypair({bits:256});
console.log("Private   :"+pair['private']);
console.log(" Public   :"+pair['public']);

var sign = crypto.createSign('RSA-SHA256');
sign.write(dataA);
var signiture = sign.sign(pair['private'],'base64');

console.log("Signiture :"+signiture);

Answer 2

The key needed for sign(...) is a PEM encoded RSA key but the key generated by createDiffieHellman is not that as far as I know. I think your best bet would be to generate a PEM key with OpenSSL.