Digital signature in Node.js

-

What is a digital signature?

In short it is a piece of data sent by the sender to the receiver to establish the identity of the sender. Upon receiving the data, receiver can identify if the sender is the one it says it is.

It is made possible by making use of Asymmetric Cryptography. Sender encrypts some data with the private key, to generate the signature. The signature and public key will be sent to the receiver. Receiver decrypts the signature using the public key and compares the decrypted value, to the expected data (data encrypted by the sender). Both the sender and receiver has to agree beforehand, on what will be the data they would be using.

Wiki Link: Digital Signature

Node.js Implementation - Sender

const crypto = require('crypto');
const privateKey = `-----BEGIN RSA PRIVATE KEY-----MIICXQIBAAKBgQDCtTEic76GBqUetJ1XXrrWZcxd8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSupolzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPMt4KUcQ1TaazB8TzhqwIDAQABAoGAM8WeBP0lwdluelWoKJ0lrPBwgOKilw8W0aqB5y3ir5WEYL1ZnW5YXivS+l2stNELrEdapSbE9hieNBCvKMViABQXj4DRw5Dgpfz6Hc8XIzoEl68DtxL313EyouZDjOiOGWW5UTBatLh05Fa5rh0FbZn8GsHrA6nhz4Fg2zGzpyECQQDi8rN6qhjEk5If+fOBT+kjHZ/SLrH6OIeAJ+RYstjOfS0bWiM9Wvrhtr7DZkIUA5JNsmeANUGlCrQ2cBJU2cJJAkEA26HyehCmnCkCjit7s8g3MdT0ys5WvrAFO6z3+kCbCAsGS+34EgnFyz8dDdfUYP410R5+9Cs/RkYesqindsvEUwJBALCmQVXFeKnqQ99n60ZIMSwILxKnDhm6Tp5Obssryt5PSQD1VGC5pHZ0jGAEBIMXlJWtvCprScFxZ3zIFzy8kyECQQDBlUhHVo3DblIWRTVPDNW5Ul5AswW6JSM3qgkXxgHfYPg3zJOuMnbn4cUWAnnq06VToHF9fPDUW9GK3yRbjNaJAkAB2Al6yY0KUhYLtWoEpQ40HlATbhNel2cn5WNs6Y5F2hedvWdhS/zLzbtbSlOegp00d2/7IBghAfjAc3DE9DZw-----END RSA PRIVATE KEY-----`;
const publicKey = `-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCtTEic76GBqUetJ1XXrrWZcxd8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSupolzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPMt4KUcQ1TaazB8TzhqwIDAQAB-----END PUBLIC KEY-----`;
//Sender creates the signature using the private key
const data = 'a' + 'b';
const signer = crypto.createSign('sha256');
signer.update(data);
const signature = signer.sign(privateKey,'base64');
console.log(signature);//UszR3gGQKsc6w93kqg8aTYpOaGDiFHSOapCaT6wvMQy1wlCqn8v7lWN1q6P01AhhhCII3ar9ykmVCk+CfCSrbXsxIIORtnLWePugekKgyqvVc8HylYt1MPsttr22vhCe7fxD7kytH9H/scJakk9mFEnPjswVwxvo0Z4mPQP2uj8=
//Now the signature and public key will be sent to the receiver

Node.js Implementation - Receiver

const crypto = require('crypto'); //public key received from sender
const publicKey = `-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCtTEic76GBqUetJ1XXrrWZcxd8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSupolzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPMt4KUcQ1TaazB8TzhqwIDAQAB-----END PUBLIC KEY-----`;
//signature received from sender
const signature = `UszR3gGQKsc6w93kqg8aTYpOaGDiFHSOapCaT6wvMQy1wlCqn8v7lWN1q6P01AhhhCII3ar9ykmVCk+CfCSrbXsxIIORtnLWePugekKgyqvVc8HylYt1MPsttr22vhCe7fxD7kytH9H/scJakk9mFEnPjswVwxvo0Z4mPQP2uj8=`;
const expected = 'a' + 'b';
const verifier = crypto.createVerify('sha256');
verifier.update(expected);
const valid = verifier.verify(publicKey, signature,'base64');
console.log(valid);//true






Comments

Post a Comment

Popular posts from this blog

My First Full Marathon

-
Image
Marathon Thoughts It was the first week of August 2017. My last run was on January 2017 after which I had knee pain and was diagnosed with meniscus strain. So I was mostly on rest since then, in the sense I did no running and very less badminton. I t was towards the end of July when I saw a youtube video of David Goggins . He was a navy seal and he explains how he had to do a 24 hour 100 mile run with shin splits and stress fractures in the last 20 miles of the race. It was appalling to me the way he pushed himself that last 20 miles. I had always dreamt of running a full marathon after having done 5 half marathons. David Goggins was doing 100 miles while a full marathon is just 26.2 miles. Am I not strong enough to do a full marathon? I had thought myself to be a tough person and running the marathon would be a good enough test. So the motivational talk by David Goggins was a good reason, that implanted in me the idea of running the Wipro Chennai Marathon 2017 . Another re
Read more

My Second Full Marathon

-
Image
This is the second time I'm doing a Full Marathon (FM). And when compared to the first one , this is way less dramatic (only 2 months training compared to 4 months and no injury scares/doubt of participation) and hence the post itself is much smaller. Marathon Thoughts It is October. I guess the registration for SPCM 2020 has started. I'm thinking. It's been around 2 years since I did my first FM. I did a Half Marathon (HM) in July (DRHM 2019) and achieved a respectable timing of 2.04 hours. Should I improve my HM timing or do a second FM ? I did my first FM in 5.15 and I thought there is definitely good scope of improving that time. Panneer (friend of mine and an ultra runner) was also pushing me to do FM in SPCM 2020. Okay, I I will do another FM and probably bring my time  under 5 hours.  But the training needed for FM is too long and much difficult when compared to HM.  By Googling, I found a short 8 week (2 month) training plan for FM . I made slight modi
Read more

ASP.Net Core saves me $4 a month!

-
Image
Background It has been more than 2 years since my website www.codingsoldier.com was conceived. It was created in ASP.Net MVC. Since then the site has evolved a lot technology wise. The website is used as a repository of my studies, as a means to publish my technical thoughts and also a place where I can try out the technologies/areas that I don’t usually get to do as part of my regular office work like full time DevOps or migrating sites to newer technologies without having to convince the management. Technology Migration History Initially created in ASP.Net MVC with SQL server as the database. Site was hosted in IIS in a windows server. It was migrated to Node.Js + Express and later to Node.js + React. Database was MongoDb and site hosted in Node in a windows server. Of late, the site has been migrated to ASP.Net core with SQLite as the Database. Site runs on a Linux instance, with Kestrel as the web server and Nginx as the Reverse Proxy. Migrating to ASP.Net Core
Read more