Web Crypto API RSASSA-PKCS1-v1_5 Generate Keys Sign & verify Message

by Anish

Posted on Monday september 24, 2018


This sample chapter extracted from the book, Cryptography for JavaScript Developers.


The Web crypto api RSASSA-PKCS1-v1_5 algorithm identifier is used to perform signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in [RFC3447] and using the SHA hash functions defined in this specification.

  • Sign: Perform the signature generation operation
  • Verify: Perform the signature verification operation
  • Generate Key: Generate an RSA key pair, with RSA modulus length equal to the modulusLength attribute of normalizedAlgorithm and RSA public exponent equal to the publicExponent attribute of normalizedAlgorithm

RSASSA-PKCS1-v1_5 Demo

This is the web cryptography api example of performing RSASSA-PKCS1-v1_5 message signing and verifying the signature, for the demo purpose the RSASSA-PKCS1-v1_5 keys are extracted in JWK format

Input Text to Signed
Signature Output (Hex)
RSASSA-PKCS1-v1_5 Public Key (JWK) :
RSASSA-PKCS1-v1_5 Private Key (JWK):

RSASSA-PKCS1-v1_5 Javascript example of using webcrypto api

Generate RSASSA-PKCS1-v1_5 Keys for the signing and verifying purpose, message signing is done through

   window.crypto.subtle.generateKey({
            name: "RSASSA-PKCS1-v1_5",
            modulusLength: 2048, //can be 1024, 2048, or 4096
            publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
            hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
        },
        true, //whether the key is extractable (i.e. can be used in exportKey)
        ["sign", "verify"] //can be any combination of "sign" and "verify"
    )
    .then(function(key) {

        publicKey = key.publicKey;
        privateKey = key.privateKey;
        // For Demo Purpos Only Exported in JWK format
        window.crypto.subtle.exportKey("jwk", key.publicKey).then(
            function(keydata) {
                publicKeyhold = keydata;
                publicKeyJson = JSON.stringify(publicKeyhold);
                document.getElementById("rsapublic").value = publicKeyJson;
            }
        );

        window.crypto.subtle.exportKey("jwk", key.privateKey).then(
            function(keydata) {
                privateKeyhold = keydata;
                privateKeyJson = JSON.stringify(privateKeyhold);
                document.getElementById("rsaprivate").value = privateKeyJson;
            }
        );

The sign process using the user private key.

        window.crypto.subtle.sign({
                    name: "RSASSA-PKCS1-v1_5",
                },
                privateKey, //from generateKey or importKey above
                asciiToUint8Array(plainText) //ArrayBuffer of data you want to sign
            )
            .then(function(signature) {
                //returns an ArrayBuffer containing the signature
                document.getElementById("cipherText").value = bytesToHexString(signature);
            })
            .catch(function(err) {
                console.error(err);
            });


    })
    .catch(function(err) {
        console.error(err);
    });

RSASSA-PKCS1-v1_5 Verify the message signature using the public key

    window.crypto.subtle.verify({
            name: "RSASSA-PKCS1-v1_5",
        },
        publicKey, //from generateKey or importKey above
        hexStringToUint8Array(cipherText), //ArrayBuffer of the data
        asciiToUint8Array(plainText)
    )
    .then(function(decrypted) {
        alert("Verified   " + decrypted);
    })
    .catch(function(err) {
        console.error(err);
    });

Download the sample code here
Next Reading RSA-OAEP generateKey/Encrypt/Decrypt

Thanku for reading !!! Give a Share for Support

Asking for donation sound bad to me, so i'm raising fund from by offering all my Nine book for just $9



python Cryptography Topics
Topics
For Coffee/ Beer/ Amazon Bill and further development of the project Support by Purchasing, The Modern Cryptography CookBook for Just $9 Coupon Price

Kubernetes for DevOps

Hello Dockerfile

Cryptography for Python Developers

Cryptography for JavaScript Developers

Go lang ryptography for Developers

Here