TypeError: Passphrase required for encrypted key #4231
Description
Checkboxes for prior research
- I've gone through Developer Guide and API reference
- I've checked AWS Forums and StackOverflow.
- I've searched for previous similar issues and didn't find any solution.
Describe the bug
Need to create new Params of passphrase in @aws-sdk/cloudfront-signer.
Iternally, @aws-sdk/cloudfront-signer is using crypto.sign to create sign.
For creating Viewer Access Restrictions of cloudfront, we must use RSA key only.
Also, we need to provide passphrase of RSA key for crypto.sign when we use this libs.
getSignedUrl and getSignedCookie can receive passphrase params in @aws-sdk/cloudfront-signer/src/sign.ts.
So, these function always throw Error about 'TypeError: Passphrase required for encrypted key'.
SDK version number
@aws-sdk/cloudfront-signer@3.215.0
Which JavaScript Runtime is this issue in?
Node.js
Details of the browser/Node.js/ReactNative version
v16.18.0
Reproduction Steps
prepare RSA-SHA256 key using ssh-keygen
ssh-keygen -t rsa -b 2048 -m PEM -f private.pem -P abcdeabcdeabcdeabcde
ssh-keygen -e -m PEM -f private.pem > public.pemcall getSIgnedUrl
const privateKey = fs.readFileSync(path.join(process.cwd(), 'private.pem'), 'utf8');
const { getSignedUrl } = require('@aws-sdk/cloudfront-signer');
// Sample Variables
const url= 'sample.com';
const keyPairId= 'KEY_PAIR_ID';
const signedUrl = getSignedUrl({
url,
keyPairId,
privateKey,
dateLessThan: new Date(Date.now() + 1000 * 60 * 60)
});Observed Behavior
TypeError: Passphrase required for encrypted key
at Sign.sign (node:internal/crypto/sig:131:29)
at CloudfrontSignBuilder.signData (~\node_modules\@aws-sdk\cloudfront-signer\dist-cjs\sign.js:212:21)
at CloudfrontSignBuilder.signPolicy (~\node_modules\@aws-sdk\cloudfront-signer\dist-cjs\sign.js:215:42)
at CloudfrontSignBuilder.createCloudfrontAttribute (~\node_modules\@aws-sdk\cloudfront-signer\dist-cjs\sign.js:240:32)
at getSignedUrl (~\node_modules\@aws-sdk\cloudfront-signer\dist-cjs\sign.js:27:57)
at Object.<anonymous> (~\api\video\controllers\videoController.js:60:1)
at Module._compile (node:internal/modules/cjs/loader:1155:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1209:10)
at Module.load (node:internal/modules/cjs/loader:1033:32)
at Function.Module._load (node:internal/modules/cjs/loader:868:12) {
code: 'ERR_MISSING_PASSPHRASE'
}Expected Behavior
When I run this code, I expect to return getSignedUrl (string).
Possible Solution
I create folk and PR to sovle it.
Additional Information/Context
Our campany need to use @aws-sdk/cloudfront-signer, so we wanna quickly changes this error.
@Jeff-edint, @Edint-Lay. @Kevin-edint(me)