RSA
Visal .In edited this page Dec 12, 2020 · 14 revisions
```ts
import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";

// Encrypt with the public key
const publicKey = RSA.parseKey(Deno.readTextFileSync("./public.pem"));
const cipher = await new RSA(publicKey).encrypt("Hello World");
console.log(cipher.base64());

// Decrypt with the matching private key
const privateKey = RSA.parseKey(Deno.readTextFileSync("./private.pem"));
const plain = await new RSA(privateKey).decrypt(cipher);
console.log(plain.toString());
```
```ts
RSA.parseKey(key: string);
```
Example:
```ts
const pem = `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
MwIDAQAB
-----END PUBLIC KEY-----`;
const publicKey = RSA.parseKey(pem);
```
new RSA(key)
Takes either a public or a private key produced by `RSA.parseKey`.
```ts
const rsa = new RSA(key);
await rsa.encrypt(message, options);
```

| Parameters | Default | Description |
|---|---|---|
| message | | Message to encrypt. Takes a `Uint8Array` or `string` |
| options | | |
| >>options.padding | oaep | Padding. Two paddings are supported: `pkcs1` and `oaep` |
| >>options.hash | sha256 | Hash algorithm used in the mask generation function. Supports `sha1`, `sha256`, and `sha512`. Applies only in `oaep` padding mode |

Example
```ts
const rsa = new RSA(publicKey);
await rsa.encrypt("Hello World");
await rsa.encrypt("Hello World", { hash: "sha1" });
await rsa.encrypt("Hello World", { padding: "pkcs1" });
(await rsa.encrypt("Hello World")).hex();
(await rsa.encrypt("Hello World")).base64();
```
```ts
const rsa = new RSA(key);
await rsa.decrypt(cipher, options);
```

| Parameters | Default | Description |
|---|---|---|
| cipher | | Cipher text to decrypt, as a `Uint8Array` |
| options | | |
| >>options.padding | oaep | Padding. Two paddings are supported: `pkcs1` and `oaep` |
| >>options.hash | sha256 | Hash algorithm used in the mask generation function. Supports `sha1`, `sha256`, and `sha512`. Applies only in `oaep` padding mode |

Example
```ts
const cipher = await new RSA(publicKey).encrypt("Hello World");
const plain = await new RSA(privateKey).decrypt(cipher);
```
```ts
const rsa = new RSA(key);
await rsa.sign(message, options);
```

| Parameters | Default | Description |
|---|---|---|
| message | | Message to sign. Takes a `Uint8Array` or `string` |
| options | | |
| >>options.algorithm | rsassa-pkcs1-v1_5 | Supports `rsassa-pkcs1-v1_5` and `rsassa-pss` |
| >>options.hash | sha256 | Supports `sha1`, `sha256`, and `sha512` |

Example
```ts
const rsa = new RSA(privateKey);
await rsa.sign("Hello World");
// Convert it to a different encoding
(await rsa.sign("Hello World")).hex();
(await rsa.sign("Hello World")).base64();
(await rsa.sign("Hello World")).base64url();
```
```ts
const rsa = new RSA(key);
await rsa.verify(signature, message, options);
```

| Parameters | Default | Description |
|---|---|---|
| signature | | Signature as a `Uint8Array` |
| message | | Message to verify. Takes a `Uint8Array` or `string` |
| options | | |
| >>options.algorithm | rsassa-pkcs1-v1_5 | Supports `rsassa-pkcs1-v1_5` and `rsassa-pss` |
| >>options.hash | sha256 | Supports `sha1`, `sha256`, and `sha512` |

Example
```ts
const signature = await new RSA(privateKey).sign("Hello World");
// Verification needs only the public key
await new RSA(publicKey).verify(signature, "Hello World");
```
Verifying JSON Web Token (JWT)
```ts
import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";
import { encode } from "https://deno.land/x/god_crypto/encode.ts";
const jwt =
  "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiw" +
  "iYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.POstGetfAytaZS82wHcjoTyoqhMyxXiWdR7Nn7A29DNSl0E" +
  "iXLdwJ6xC6AfgZWF1bOsS_TuYI3OG85AmiExREkrS6tDfTQ2B3WXlrr-wp5AokiRbz3_oB4OxG-W9KcEEbDRcZc0" +
  "nH3L7LzYptiy1PtAylQGxHTWZXtGz4ht0bAecBgmpdgXMguEIcoqPJ1n3pIWk_dUZegpqx0Lka21H6XxUTxiy8Oc" +
  "aarA8zdnPUnV6AmNP3ecFawIFYdvJB_cm-GvpCSbr8G8y_Mllj8f4x9nBH8pQux89_6gUY618iYv7tuPWBFfEbLx" +
  "tF2pZS6YC1aSfLQxeNe8djT9YjpvRZA";
const publicKey = `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
MwIDAQAB
-----END PUBLIC KEY-----`;
const [header, payload, signature] = jwt.split(".");
const key = RSA.parseKey(publicKey);
const rsa = new RSA(key);
console.log(await rsa.verify(
  encode.base64url(signature),
  header + "." + payload,
  { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
));
```
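The verification above hard-codes RS256 and never reads the token's `alg` header. As an added example (not god_crypto code and not from the original page), this plain JavaScript, which Deno runs unchanged, checks the token structure, compares `alg` against an allowlist chosen by the verifier, and maps it to the `options` values documented for `rsa.verify`. `prepareJwtVerify`, `ALG_OPTIONS` and the two base64url helpers are hypothetical names, and the PSS mappings assume the library's PSS parameters match RFC 7518.

```javascript
// Added example, not god_crypto code. Option values are the ones in the
// verify() table on this page; all function and constant names are hypothetical.
const ALG_OPTIONS = {
  RS256: { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
  RS512: { algorithm: "rsassa-pkcs1-v1_5", hash: "sha512" },
  // Assumption: the library's PSS parameters match what RFC 7518 expects.
  PS256: { algorithm: "rsassa-pss", hash: "sha256" },
  PS512: { algorithm: "rsassa-pss", hash: "sha512" },
};

// Unpadded base64url text -> binary string; throws on any other character.
function b64urlDecode(part) {
  if (!/^[A-Za-z0-9_-]+$/.test(part)) throw new Error("segment is not base64url");
  const b64 = part.replace(/-/g, "+").replace(/_/g, "/");
  return atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4));
}

// ASCII text -> unpadded base64url (used to build sample tokens).
function b64urlEncode(text) {
  return btoa(text).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Validates structure and algorithm, then returns the arguments for
// rsa.verify(encode.base64url(signature), signingInput, options).
function prepareJwtVerify(jwt, allowedAlgs) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) throw new Error("expected header.payload.signature");
  const [header, payload, signature] = parts;
  let alg;
  try {
    alg = JSON.parse(b64urlDecode(header)).alg;
  } catch {
    throw new Error("malformed JWT header");
  }
  // The header only claims an algorithm; the verifier's allowlist decides.
  const known = Object.prototype.hasOwnProperty.call(ALG_OPTIONS, alg);
  if (typeof alg !== "string" || !known || !allowedAlgs.includes(alg)) {
    throw new Error("algorithm not allowed: " + String(alg));
  }
  b64urlDecode(signature); // an empty or malformed signature segment throws here
  return { signature, signingInput: header + "." + payload, options: ALG_OPTIONS[alg] };
}
```

A token whose header says `none`, or names an algorithm the caller did not list, is rejected before any key material is touched.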
Signing JSON Web Token (JWT)
```ts
import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";

const privateKey = `-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----`;
const key = RSA.parseKey(privateKey);
const rsa = new RSA(key);
const header = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9";
const payload = "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0";
const signature = await rsa.sign(
  header + "." + payload,
  { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
);
// sign() returns raw bytes; a JWT carries the signature base64url-encoded
console.log(header + "." + payload + "." + signature.base64url());
```