Digital signature in Node.js

What is a digital signature?

In short it is a piece of data sent by the sender to the receiver to establish the identity of the sender. Upon receiving the data, receiver can identify if the sender is the one it says it is.

It is made possible by making use of Asymmetric Cryptography. Sender encrypts some data with the private key, to generate the signature. The signature and public key will be sent to the receiver. Receiver decrypts the signature using the public key and compares the decrypted value, to the expected data (data encrypted by the sender). Both the sender and receiver has to agree beforehand, on what will be the data they would be using.

Wiki Link: Digital Signature

Node.js Implementation - Sender

const crypto = require('crypto');
const privateKey = `-----BEGIN RSA PRIVATE KEY-----MIICXQIBAAKBgQDCtTEic76GBqUetJ1XXrrWZcxd8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSupolzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPMt4KUcQ1TaazB8TzhqwIDAQABAoGAM8WeBP0lwdluelWoKJ0lrPBwgOKilw8W0aqB5y3ir5WEYL1ZnW5YXivS+l2stNELrEdapSbE9hieNBCvKMViABQXj4DRw5Dgpfz6Hc8XIzoEl68DtxL313EyouZDjOiOGWW5UTBatLh05Fa5rh0FbZn8GsHrA6nhz4Fg2zGzpyECQQDi8rN6qhjEk5If+fOBT+kjHZ/SLrH6OIeAJ+RYstjOfS0bWiM9Wvrhtr7DZkIUA5JNsmeANUGlCrQ2cBJU2cJJAkEA26HyehCmnCkCjit7s8g3MdT0ys5WvrAFO6z3+kCbCAsGS+34EgnFyz8dDdfUYP410R5+9Cs/RkYesqindsvEUwJBALCmQVXFeKnqQ99n60ZIMSwILxKnDhm6Tp5Obssryt5PSQD1VGC5pHZ0jGAEBIMXlJWtvCprScFxZ3zIFzy8kyECQQDBlUhHVo3DblIWRTVPDNW5Ul5AswW6JSM3qgkXxgHfYPg3zJOuMnbn4cUWAnnq06VToHF9fPDUW9GK3yRbjNaJAkAB2Al6yY0KUhYLtWoEpQ40HlATbhNel2cn5WNs6Y5F2hedvWdhS/zLzbtbSlOegp00d2/7IBghAfjAc3DE9DZw-----END RSA PRIVATE KEY-----`;
const publicKey = `-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCtTEic76GBqUetJ1XXrrWZcxd8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSupolzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPMt4KUcQ1TaazB8TzhqwIDAQAB-----END PUBLIC KEY-----`;
//Sender creates the signature using the private key
const data = 'a' + 'b';
const signer = crypto.createSign('sha256');
signer.update(data);
const signature = signer.sign(privateKey,'base64');
console.log(signature);//UszR3gGQKsc6w93kqg8aTYpOaGDiFHSOapCaT6wvMQy1wlCqn8v7lWN1q6P01AhhhCII3ar9ykmVCk+CfCSrbXsxIIORtnLWePugekKgyqvVc8HylYt1MPsttr22vhCe7fxD7kytH9H/scJakk9mFEnPjswVwxvo0Z4mPQP2uj8=
//Now the signature and public key will be sent to the receiver

Node.js Implementation - Receiver

const crypto = require('crypto'); //public key received from sender
const publicKey = `-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCtTEic76GBqUetJ1XXrrWZcxd8vJr2raWRqBjbGpSzLqa3YLvVxVeK49iSlI+5uLX/2WFJdhKAWoqO+03oH4TDSupolzZrwMFSylxGwR5jPmoNHDMS3nnzUkBtdr3NCfq1C34fQV0iUGdlPtJaiiTBQPMt4KUcQ1TaazB8TzhqwIDAQAB-----END PUBLIC KEY-----`;
//signature received from sender
const signature = `UszR3gGQKsc6w93kqg8aTYpOaGDiFHSOapCaT6wvMQy1wlCqn8v7lWN1q6P01AhhhCII3ar9ykmVCk+CfCSrbXsxIIORtnLWePugekKgyqvVc8HylYt1MPsttr22vhCe7fxD7kytH9H/scJakk9mFEnPjswVwxvo0Z4mPQP2uj8=`;
const expected = 'a' + 'b';
const verifier = crypto.createVerify('sha256');
verifier.update(expected);
const valid = verifier.verify(publicKey, signature,'base64');
console.log(valid);//true






Comments

Popular posts from this blog

My First Full Marathon

My Second Full Marathon

ASP.Net Core saves me $4 a month!