How to sign command line?

How do I sign command line to get the signature field in the json payload when posting to /upload?

Hi,

you have to put your signature Public Key in the config.ini file as

signatureKey = "yourLongSignatureWith\nToPutEverythingOnALine"

Once you created your own key than can be obtained with lines like:

$ openssl genrsa -out commandline 2048
$ openssl rsa -pubout -in commandline -out public.key
$ sed ':a;N;$!ba;s/\n/\\n/g' public.key
$ cat public.key

you can use your custom server.

Here is then the algorithm we use to decode the key:

https://github.com/arduino/arduino-create-agent/blob/b199b1a39b0600fde57eabee7f7475e4ff38853e/conn.go#L131

So you can either use our server and then there is no way to sign the json payload for security reasons (we own the private key and we want to avoid every website run arbitrary commands on your own desktop) or you can create your own server and use your own set of keys.

Awesome!! Thanks for the info. Yes, I'm trying to test on my own server with my own keys, but after having my key generated and setup on the server, how to I sign the command line string to enter in the payload in the client side? Do you have a js script to point me to?

Here is what we use:

https://nodejs.org/api/crypto.html#crypto_class_sign

The key is a RSA-SHA256 and you can sign the command line the same way as stated in the example:

const crypto = require('crypto');
const sign = crypto.createSign('RSA-SHA256');

sign.write('yourcommandline');
sign.end();

const private_key = getPrivateKeySomehow();
console.log(sign.sign(private_key, 'hex'));
  // Prints the calculated signature

Awesome!! Thanks :)