Skip to content
Visal .In edited this page Dec 12, 2020 · 14 revisions
import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";

Overview


Usage

import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";

const publicKey = RSA.parseKey(Deno.readTextFileSync("./public.pem"));
const cipher = await new RSA(publicKey).encrypt("Hello World");
console.log(ciper.base64());

const privateKey = RSA.parseKey(Deno.readTextFileSync("./private.pem"));
const plain = await new RSA(privateKey).decrypt(cipher);
console.log(plain.toString());

References

Import with parseKey

RSA.parseKey(key: string);

Example:

const pem = `-----BEGIN PUBLIC KEY-----
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
  vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
  aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
  tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
  e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
  V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
  MwIDAQAB
  -----END PUBLIC KEY-----`;

const publicKey = RSA.parseKey(pem);

constructor

new RSA(key)

Take either public or private key generated by RSA.parseKey.


encrypt

const rsa = new RSA(key);
await rsa.encrypt(message, options);
Parameters Default Description
message Message to encrypt. Take Uint8Array or string
options
>>options.padding oaep Padding. Support two padding: pkcs1 and oaep
>>options.hash sha256 Hash algorithm used in mask generation function. Support sha1, sha256, and sha512 Applied only oaep padding mode

Example

const rsa = new RSA(publicKey);
await rsa.encrypt("Hello World");
await rsa.encrypt("Hello World", { hash: "sha1" });
await rsa.encrypt("Hello World", { padding: "pkcs1" });

(await rsa.encrypt("Hello World")).hex();
(await rsa.encrypt("Hello World")).base64();

decrypt

const rsa = new RSA(key);
await rsa.decrypt(cipher, options);
Parameters Default Description
cipher Uint8Array Cipher text to decrypt
options
>>options.padding oaep Padding. Support two padding: pkcs1 and oaep
>>options.hash sha256 Hash algorithm used in mask generation function. Support sha1, sha256, and sha512 Applied only oaep padding mode

Example

const cipher = await new RSA(publicKey).encrypt("Hello World");
const plain = await new RSA(privateKey).decrypt(cipher);

sign

const rsa = new RSA(key);
await rsa.sign(message, options);
Parameters Default Description
message Message to sign. Take Uint8Array or string
options
>>options.algorithm rsassa-pkcs1-v1_5 rsassa-pkcs1-v1_5 and rsassa-pss
>>options.hash sha256 sha1, sha256, and sha512

Example

const rsa = new RSA(privateKey);
await rsa.sign("Hello World");

// Convert it to different encoding
(await rsa.sign("Hello World")).hex();
(await rsa.sign("Hello World")).base64();
(await rsa.sign("Hello World")).base64url();

verify

const rsa = new RSA(key);
await rsa.verify(signature, message, options);
Parameters Default Description
signature Signature in Uint8Array
message Message to verify. Take Uint8Array or string
options
>>options.algorithm rsassa-pkcs1-v1_5 rsassa-pkcs1-v1_5 and rsassa-pss
>>options.hash sha256 sha1, sha256, and sha512

Example

const signature = await new RSA(privateKey).sign("Hello World");
await new RSA(privateKey).verify(signature, "Hello World");

Examples

Sign and Verify with RS256 for JWT

Verifying JSON Web Token (JWT)

import { RSA }    from "https://deno.land/x/god_crypto/rsa.ts";
import { encode}  from "https://deno.land/x/god_crypto/encode.ts";

const jwt =
  "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiw" +
  "iYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.POstGetfAytaZS82wHcjoTyoqhMyxXiWdR7Nn7A29DNSl0E" +
  "iXLdwJ6xC6AfgZWF1bOsS_TuYI3OG85AmiExREkrS6tDfTQ2B3WXlrr-wp5AokiRbz3_oB4OxG-W9KcEEbDRcZc0" +
  "nH3L7LzYptiy1PtAylQGxHTWZXtGz4ht0bAecBgmpdgXMguEIcoqPJ1n3pIWk_dUZegpqx0Lka21H6XxUTxiy8Oc" +
  "aarA8zdnPUnV6AmNP3ecFawIFYdvJB_cm-GvpCSbr8G8y_Mllj8f4x9nBH8pQux89_6gUY618iYv7tuPWBFfEbLx" +
  "tF2pZS6YC1aSfLQxeNe8djT9YjpvRZA";

const publicKey = `-----BEGIN PUBLIC KEY-----
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
  vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
  aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
  tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
  e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
  V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
  MwIDAQAB
  -----END PUBLIC KEY-----`;

const [header, payload, signature] = jwt.split(".");

const key = RSA.parseKey(publicKey);
const rsa = new RSA(key);

console.log(await rsa.verify(
  encode.base64url(signature),
  header + "." + payload,
  { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
));

Signing JSON Web Token (JWT)

const privateKey = `-----BEGIN RSA PRIVATE KEY-----
  MIIEogIBAAKCAQEAnzyis1ZjfNB0bBgKFMSvvkTtwlvBsaJq7S5wA+kzeVOVpVWw
  kWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHcaT92whREFpLv9cj5lTeJSibyr/Mr
  m/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIytvHWTxZYEcXLgAXFuUuaS3uF9gEi
  NQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0e+lf4s4OxQawWD79J9/5d3Ry0vbV
  3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWbV6L11BWkpzGXSW4Hv43qa+GSYOD2
  QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9MwIDAQABAoIBACiARq2wkltjtcjs
  kFvZ7w1JAORHbEufEO1Eu27zOIlqbgyAcAl7q+/1bip4Z/x1IVES84/yTaM8p0go
  amMhvgry/mS8vNi1BN2SAZEnb/7xSxbflb70bX9RHLJqKnp5GZe2jexw+wyXlwaM
  +bclUCrh9e1ltH7IvUrRrQnFJfh+is1fRon9Co9Li0GwoN0x0byrrngU8Ak3Y6D9
  D8GjQA4Elm94ST3izJv8iCOLSDBmzsPsXfcCUZfmTfZ5DbUDMbMxRnSo3nQeoKGC
  0Lj9FkWcfmLcpGlSXTO+Ww1L7EGq+PT3NtRae1FZPwjddQ1/4V905kyQFLamAA5Y
  lSpE2wkCgYEAy1OPLQcZt4NQnQzPz2SBJqQN2P5u3vXl+zNVKP8w4eBv0vWuJJF+
  hkGNnSxXQrTkvDOIUddSKOzHHgSg4nY6K02ecyT0PPm/UZvtRpWrnBjcEVtHEJNp
  bU9pLD5iZ0J9sbzPU/LxPmuAP2Bs8JmTn6aFRspFrP7W0s1Nmk2jsm0CgYEAyH0X
  +jpoqxj4efZfkUrg5GbSEhf+dZglf0tTOA5bVg8IYwtmNk/pniLG/zI7c+GlTc9B
  BwfMr59EzBq/eFMI7+LgXaVUsM/sS4Ry+yeK6SJx/otIMWtDfqxsLD8CPMCRvecC
  2Pip4uSgrl0MOebl9XKp57GoaUWRWRHqwV4Y6h8CgYAZhI4mh4qZtnhKjY4TKDjx
  QYufXSdLAi9v3FxmvchDwOgn4L+PRVdMwDNms2bsL0m5uPn104EzM6w1vzz1zwKz
  5pTpPI0OjgWN13Tq8+PKvm/4Ga2MjgOgPWQkslulO/oMcXbPwWC3hcRdr9tcQtn9
  Imf9n2spL/6EDFId+Hp/7QKBgAqlWdiXsWckdE1Fn91/NGHsc8syKvjjk1onDcw0
  NvVi5vcba9oGdElJX3e9mxqUKMrw7msJJv1MX8LWyMQC5L6YNYHDfbPF1q5L4i8j
  8mRex97UVokJQRRA452V2vCO6S5ETgpnad36de3MUxHgCOX3qL382Qx9/THVmbma
  3YfRAoGAUxL/Eu5yvMK8SAt/dJK6FedngcM3JEFNplmtLYVLWhkIlNRGDwkg3I5K
  y18Ae9n7dHVueyslrb6weq7dTkYDi3iOYRW8HRkIQh06wEdbxt0shTzAJvvCQfrB
  jg/3747WSsf/zBTcHihTRBdAv6OmdhV4/dD5YBfLAkLrd+mX7iE=
  -----END RSA PRIVATE KEY-----`;

const key = RSA.parseKey(privateKey);
const rsa = new RSA(key);

const header = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9"
const payload = "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0";
const signature = await rsa.sign(
  header + "." + payload,
  { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
);

console.log(header + "." + payload+ "." + signature);

About

Reference

Utility

Clone this wiki locally