Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Can't sign data - example on documentation doesn't work

See original GitHub issue

Package Name: @azure/keyvault-keys
Package Version: 4.0.4/4.1.0
Operating system: Ubuntu 20.04.1
[x ] nodejs
- version: 10.16.3
browser
- name/version:
typescript
- version:
Is the bug related to documentation in
- README.md
- source code documentation
- [ x ] SDK API docs on https://docs.microsoft.com

Describe the bug Tried the example at https://docs.microsoft.com/en-us/javascript/api/overview/azure/keyvault-keys-readme?view=azure-node-latest#sign-data but keep getting this error:

(node:43146) UnhandledPromiseRejectionWarning: RestError: Invalid length of 'value': 10 bytes. RS256 requires 32 bytes, encoded with base64url. at new RestError (/home/andre/projects/eth/carbon-registry/api/functions/node_modules/@azure/core-http/dist/index.js:2344:28) at /home/andre/projects/eth/carbon-registry/api/functions/node_modules/@azure/core-http/dist/index.js:3137:25 at process._tickCallback (internal/process/next_tick.js:68:7) To Reproduce Steps to reproduce the behavior:

Create a script with the example: `const { ClientSecretCredential } = require(“@azure/identity”) const { KeyClient, CryptographyClient } = require(“@azure/keyvault-keys”);

const credential = new ClientSecretCredential( configs.tenant_id, configs.client_id, configs.secret )

const vaultName = configs.name; const url = https://${vaultName}.vault.azure.net;

const keysClient = new KeyClient(url, credential);

async function main() { let myKey = await keysClient.createKey(“MyKey”, “RSA”); const cryptographyClient = new CryptographyClient(myKey.id, credential);

const signResult = await cryptographyClient.sign(“RS256”, Buffer.from(“My Message”)); console.log("sign result: ", signResult.result); }

main();`

Expected behavior It should log the signing result

Screenshots If applicable, add screenshots to help explain your problem.

Additional context Add any other context about the problem here.

Issue Analytics

State:
Created 3 years ago
Comments:5 (3 by maintainers)

Top GitHub Comments

1reaction

afmeirellescommented, Nov 24, 2020

Hi, Daniel, thanks for taking the time to respond my inquiry.

I read you suggestion, but I still have doubts… Do you mean I can only sign strings with 32 bytes exactly? The method also throws an error for string greater than 32 bytes.

Regards,

André Meirelles

Em seg, 23 de nov de 2020 20:26, Daniel Rodríguez notifications@github.com escreveu:

Hello @afmeirelles https://github.com/afmeirelles ! I’m here to help.

You’ve found something we need to fix in our documentation. Thank you so much for making this issue!

Key Vault’s sign method accepts digest values depending on the algorithm requirement. In the sample you shared above, you’re using RS256, which, as the error says, requires at least 32 bytes (so, 256 bites!).

You’ll be able to pass through this issue by applying the following change:

const signResult = await cryptographyClient.sign(“RS256”, Buffer.from(“My Message”));

const signResult = await cryptographyClient.sign(“RS256”, Buffer.from(“My 32 bytes, to sign with RS256.”));

That is a fix since My 32 bytes, to sign with RS256. has 32 characters 😄

I’ve made a PR to our docs making this fix: MicrosoftDocs/azure-docs-sdk-node#969 https://github.com/MicrosoftDocs/azure-docs-sdk-node/pull/969

Anything else I can help with? 🙇‍♂️

Once again, thank you so much for bringing this to our attention!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Azure/azure-sdk-for-js/issues/12654#issuecomment-732484803, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABSAIHZCYUEH5E5NQSC3XRTSRLVTVANCNFSM4T5LDXAA .

0reactions

sadasantcommented, Nov 24, 2020

@afmeirelles that is correct! sign() expects a fixed size based on the algorithm, and signData() allows you to have buffers of variable size! If that helps, I’ll make sure our docs are updated! Let me know if I can help with anything else.

Top Results From Across the Web

eSignature troubleshooting tricks - One Legal

Ever have trouble getting your documents signed, sealed, and delivered? Check out these eSignature troubleshooting issues we've solved for ...

Digitally Sign DATA, Not Documents [closed] - Stack Overflow

For example, drug companies cannot submit their paperwork to the FDA with electronic signatures, digital signatures are required.

Enable or disable digital signatures - Microsoft Support

In the Select a Field or Group dialog box, click the field or group for which you want to enable digital signatures, and...

Understanding Digital Signatures | CISA - US-CERT

Digital signatures work by proving that a digital message or document was not modified—intentionally or unintentionally—from the time it was ...

Complying with Medicare Signature Requirements - CMS

We accept a signature attestation for medical documentation, except orders. The attestation must be associated with a medical record and created by the...