Skip to content

Instantly share code, notes, and snippets.

@thelebster
Forked from sohamkamani/rsa.js
Created December 16, 2022 07:20
Show Gist options
  • Save thelebster/b457ba5bf5be4750649043c29a556519 to your computer and use it in GitHub Desktop.
Save thelebster/b457ba5bf5be4750649043c29a556519 to your computer and use it in GitHub Desktop.
An example of RSA Encryption implemented in Node.js
const crypto = require("crypto")
// The `generateKeyPairSync` method accepts two arguments:
// 1. The type ok keys we want, which in this case is "rsa"
// 2. An object with the properties of the key
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
// The standard secure default length for RSA keys is 2048 bits
modulusLength: 2048,
})
console.log(
publicKey.export({
type: "pkcs1",
format: "pem",
}),
privateKey.export({
type: "pkcs1",
format: "pem",
})
)
// This is the data we want to encrypt
const data = "my secret data"
const encryptedData = crypto.publicEncrypt(
{
key: publicKey,
padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
oaepHash: "sha256",
},
// We convert the data string to a buffer using `Buffer.from`
Buffer.from(data)
)
// The encrypted data is in the form of bytes, so we print it in base64 format
// so that it's displayed in a more readable form
console.log("encypted data: ", encryptedData.toString("base64"))
const decryptedData = crypto.privateDecrypt(
{
key: privateKey,
// In order to decrypt the data, we need to specify the
// same hashing function and padding scheme that we used to
// encrypt the data in the previous step
padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
oaepHash: "sha256",
},
encryptedData
)
// The decrypted data is of the Buffer type, which we can convert to a
// string to reveal the original data
console.log("decrypted data: ", decryptedData.toString())
// Create some sample data that we want to sign
const verifiableData = "this need to be verified"
// The signature method takes the data we want to sign, the
// hashing algorithm, and the padding scheme, and generates
// a signature in the form of bytes
const signature = crypto.sign("sha256", Buffer.from(verifiableData), {
key: privateKey,
padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
})
console.log(signature.toString("base64"))
// To verify the data, we provide the same hashing algorithm and
// padding scheme we provided to generate the signature, along
// with the signature itself, the data that we want to
// verify against the signature, and the public key
const isVerified = crypto.verify(
"sha256",
Buffer.from(verifiableData),
{
key: publicKey,
padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
},
signature
)
// isVerified should be `true` if the signature is valid
console.log("signature verified: ", isVerified)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment