by Anish
Posted on Monday september 24, 2018
This sample chapter extracted from the book, Cryptography for JavaScript Developers.
The Web crypto api RSASSA-PKCS1-v1_5 algorithm identifier is used to perform signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in [RFC3447] and using the SHA hash functions defined in this specification.
This is the web cryptography api example of performing RSASSA-PKCS1-v1_5 message signing and verifying the signature, for the demo purpose the RSASSA-PKCS1-v1_5 keys are extracted in JWK format
Generate RSASSA-PKCS1-v1_5 Keys for the signing and verifying purpose, message signing is done through
window.crypto.subtle.generateKey({
name: "RSASSA-PKCS1-v1_5",
modulusLength: 2048, //can be 1024, 2048, or 4096
publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
},
true, //whether the key is extractable (i.e. can be used in exportKey)
["sign", "verify"] //can be any combination of "sign" and "verify"
)
.then(function(key) {
publicKey = key.publicKey;
privateKey = key.privateKey;
// For Demo Purpos Only Exported in JWK format
window.crypto.subtle.exportKey("jwk", key.publicKey).then(
function(keydata) {
publicKeyhold = keydata;
publicKeyJson = JSON.stringify(publicKeyhold);
document.getElementById("rsapublic").value = publicKeyJson;
}
);
window.crypto.subtle.exportKey("jwk", key.privateKey).then(
function(keydata) {
privateKeyhold = keydata;
privateKeyJson = JSON.stringify(privateKeyhold);
document.getElementById("rsaprivate").value = privateKeyJson;
}
);
The sign process using the user private key.
window.crypto.subtle.sign({
name: "RSASSA-PKCS1-v1_5",
},
privateKey, //from generateKey or importKey above
asciiToUint8Array(plainText) //ArrayBuffer of data you want to sign
)
.then(function(signature) {
//returns an ArrayBuffer containing the signature
document.getElementById("cipherText").value = bytesToHexString(signature);
})
.catch(function(err) {
console.error(err);
});
})
.catch(function(err) {
console.error(err);
});
RSASSA-PKCS1-v1_5 Verify the message signature using the public key
window.crypto.subtle.verify({
name: "RSASSA-PKCS1-v1_5",
},
publicKey, //from generateKey or importKey above
hexStringToUint8Array(cipherText), //ArrayBuffer of the data
asciiToUint8Array(plainText)
)
.then(function(decrypted) {
alert("Verified " + decrypted);
})
.catch(function(err) {
console.error(err);
});
Thanku for reading !!! Give a Share for Support
Asking for donation sound bad to me, so i'm raising fund from by offering all my Nine book for just $9