1//src https://www.sohamkamani.com/nodejs/rsa-encryption/
2//e.g. https://gist.github.com/sohamkamani/b14a9053551dbe59c39f83e25c829ea7
3////////////////////////////////////////////////////////////////
4npm install crypto
5///////////////////////////////////////////////////////////////
6const crypto = require("crypto")
7
8
9// The `generateKeyPairSync` method accepts two arguments:
10// 1. The type ok keys we want, which in this case is "rsa"
11// 2. An object with the properties of the key
12const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
13 // The standard secure default length for RSA keys is 2048 bits
14 modulusLength: 2048,
15})
16
17// use the public and private keys
18// ...
19
20
21
22// This is the data we want to encrypt
23const data = "my secret data"
24
25const encryptedData = crypto.publicEncrypt(
26 {
27 key: publicKey,
28 padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
29 oaepHash: "sha512",
30 },
31 // We convert the data string to a buffer using `Buffer.from`
32 Buffer.from(data)
33)
34
35// The encrypted data is in the form of bytes, so we print it in base64 format
36// so that it's displayed in a more readable form
37console.log("encypted data: ", encryptedData.toString("base64"))
38
39
40
41const decryptedData = crypto.privateDecrypt(
42 {
43 key: privateKey,
44 // In order to decrypt the data, we need to specify the
45 // same hashing function and padding scheme that we used to
46 // encrypt the data in the previous step
47 padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
48 oaepHash: "sha512",
49 },
50 encryptedData
51)
52
53// The decrypted data is of the Buffer type, which we can convert to a
54// string to reveal the original data
55console.log("decrypted data: ", decryptedData.toString())
56
57
58
59
60
61
62// Create some sample data that we want to sign
63const verifiableData = "this need to be verified"
64
65// The signature method takes the data we want to sign, the
66// hashing algorithm, and the padding scheme, and generates
67// a signature in the form of bytes
68const signature = crypto.sign("sha512", Buffer.from(verifiableData), {
69 key: privateKey,
70 padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
71})
72
73console.log(signature.toString("base64"))
74
75// To verify the data, we provide the same hashing algorithm and
76// padding scheme we provided to generate the signature, along
77// with the signature itself, the data that we want to
78// verify against the signature, and the public key
79const isVerified = crypto.verify(
80 "sha512",
81 Buffer.from(verifiableData),
82 {
83 key: publicKey,
84 padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
85 },
86 signature
87)
88
89// isVerified should be `true` if the signature is valid
90console.log("signature verified: ", isVerified)
1// 1. The type ok keys we want, which in this case is "rsa"
2// 2. An object with the properties of the key
3const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
4 // The standard secure default length for RSA keys is 2048 bits
5 modulusLength: 2048,
6})
7
8// use the public and private keys
9// ...
10
11
12
13// This is the data we want to encrypt
14const data = "my secret data"
15
16const encryptedData = crypto.publicEncrypt(
17 {
18 key: publicKey,
19 padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
20 oaepHash: "sha512",
21 },
22 // We convert the data string to a buffer using `Buffer.from`
23 Buffer.from(data)
24)
25
26// The encrypted data is in the form of bytes, so we print it in base64 format
27// so that it's displayed in a more readable form
28console.log("encypted data: ", encryptedData.toString("base64"))
29
30
31
32const decryptedData = crypto.privateDecrypt(
33 {
34 key: privateKey,
35 // In order to decrypt the data, we need to specify the
36 // same hashing function and padding scheme that we used to
37 // encrypt the data in the previous step
38 padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
39 oaepHash: "sha512",
40 },
41 encryptedData
42)
43
44// The decrypted data is of the Buffer type, which we can convert to a
45// string to reveal the original data
46console.log("decrypted data: ", decryptedData.toString())
47
48
49
50
51
52
53// Create some sample data that we want to sign
54const verifiableData = "this need to be verified"
55
56// The signature method takes the data we want to sign, the
57// hashing algorithm, and the padding scheme, and generates
58// a signature in the form of bytes
59const signature = crypto.sign("sha512", Buffer.from(verifiableData), {
60 key: privateKey,
61 padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
62})
63
64console.log(signature.toString("base64"))
65
66// To verify the data, we provide the same hashing algorithm and
67// padding scheme we provided to generate the signature, along
68// with the signature itself, the data that we want to
69// verify against the signature, and the public key
70const isVerified = crypto.verify(
71 "sha512",
72 Buffer.from(verifiableData),
73 {
74 key: publicKey,
75 padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
76 },
77 signature
78)
79
80// isVerified should be `true` if the signature is valid
81console.log("signature verified: ", isVerified)
82
1 <script type="text/javascript">
2 $(function () {
3
4 //Change the key size value for new keys
5 $(".change-key-size").each(function (index, value) {
6 var el = $(value);
7 var keySize = el.attr('data-value');
8 el.click(function (e) {
9 var button = $('#key-size');
10 button.attr('data-value', keySize);
11 button.html(keySize + ' bit <span class="caret"></span>');
12 e.preventDefault();
13 });
14 });
15
16 // Execute when they click the button.
17 $('#execute').click(function () {
18
19 // Create the encryption object.
20 var crypt = new JSEncrypt();
21
22 // Set the private.
23 crypt.setPrivateKey($('#privkey').val());
24 //return;
25 // If no public key is set then set it here...
26 var pubkey = $('#pubkey').val();
27 if (!pubkey) {
28 $('#pubkey').val(crypt.getPublicKey());
29 }
30
31 // Get the input and crypted values.
32 var input = $('#input').val();
33 var crypted = $('#crypted').val();
34
35 // Alternate the values.
36 if (input) {
37 $('#crypted').val(crypt.encrypt(input));
38 $('#input').val('');
39 }
40 else if (crypted) {
41 var decrypted = crypt.decrypt(crypted);
42 if (!decrypted)
43 decrypted = 'This is a test!';
44 $('#input').val(decrypted);
45 $('#crypted').val('');
46 }
47 });
48
49 var generateKeys = function () {
50 var sKeySize = $('#key-size').attr('data-value');
51 var keySize = parseInt(sKeySize);
52 var crypt = new JSEncrypt({ default_key_size: keySize });
53 var async = $('#async-ck').is(':checked');
54 var dt = new Date();
55 var time = -(dt.getTime());
56 if (async) {
57 $('#time-report').text('.');
58 var load = setInterval(function () {
59 var text = $('#time-report').text();
60 $('#time-report').text(text + '.');
61 }, 500);
62 crypt.getKey(function () {
63 clearInterval(load);
64 dt = new Date();
65 time += (dt.getTime());
66 $('#time-report').text('Generated in ' + time + ' ms');
67 $('#privkey').val(crypt.getPrivateKey());
68 $('#pubkey').val(crypt.getPublicKey());
69 });
70 return;
71 }
72 crypt.getKey();
73 dt = new Date();
74 time += (dt.getTime());
75 $('#time-report').text('Generated in ' + time + ' ms');
76 $('#privkey').val(crypt.getPrivateKey());
77 $('#pubkey').val(crypt.getPublicKey());
78 };
79
80 // If they wish to generate new keys.
81 $('#generate').click(generateKeys);
82 generateKeys();
83 });
84</script>
85