The docs don't seem to tell us how to specify the passphrase for the "private_key" pem file.

Question

The docs don't seem to tell us how to specify the passphrase for the "private_key" pem file.

PaulSender opened this issue 4 years ago · 3 comments

I need to specify a passphrase for my key.pem file in order for the service provider to send a signed request. When doing so, I receive
var ret = this._handle.sign(toBuf(key), passphrase, rsaPadding,
Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt

which from my experience just means you need to specify that passphrase but the docs don't tell us how to do that with this particular package. Is this possible or should I use passport-saml?

Answer 1 · 2021-02-03T18:48:45.000Z

Specifying a password to use with the private_key is not directly supported by this library.

However, the underlying dependency (xml-crypto) hints that this error is different: node-saml/xml-crypto#123. Similarly, #168 mentions a different issue on encountering a passphrase.

Can you attempt the issue with and without a passphrase on the private_key?

Answer 2 · 2021-02-04T23:08:42.000Z

I was able to bypass this issue by creating a pem file without a passphrase.

Answer 3 · 2021-02-09T18:43:49.000Z

Given the proposed solution, I'll close this issue out.

If you don't believe this is satisfactory, feel free to reopen.