@meeco/cryppo
In-browser encryption and decryption. Clone of Ruby Cryppo
import forge from 'node-forge';
import { binaryStringToBytes, bytesToBinaryString, decodeSafe64, encodeSafe64, keyLengthFromPrivateKeyPem, } from '../util.js';
// forge namespaces used below: `md` supplies the SHA-256 digest object,
// `pki` parses PEM-encoded RSA private and public keys.
const { md, pki } = forge;
/**
 * Sign `data` with an RSA private key over its SHA-256 digest and build the
 * dot-separated serialized form `Sign.Rsa<bits>.<signature>.<data>`.
 *
 * The padding scheme is whatever node-forge applies when `sign` is called
 * with no explicit scheme (RSASSA-PKCS1-v1_5 in forge — confirm if the
 * forge version is changed).
 *
 * Note that the serialized string carries the signed data itself, Safe64
 * encoded but not encrypted, so it must not be treated as confidential.
 *
 * @param {string} privateKeyPem - PEM-encoded RSA private key.
 * @param {Uint8Array} data - Bytes to sign (anything `bytesToBinaryString` accepts).
 * @returns {{signature: string, data: Uint8Array, keySize: number, serialized: string}}
 *   The raw forge signature, the original data, the key length reported by
 *   `keyLengthFromPrivateKeyPem`, and the serialized envelope.
 */
export function signWithPrivateKey(privateKeyPem, data) {
  const digest = md.sha256.create();
  const privateKey = pki.privateKeyFromPem(privateKeyPem);

  // forge digests operate on binary strings, not byte arrays.
  const binaryData = bytesToBinaryString(data);
  digest.update(binaryData);

  const signature = privateKey.sign(digest);
  const keySize = keyLengthFromPrivateKeyPem(privateKeyPem);

  const encodedSignature = encodeSafe64(signature);
  const encodedData = encodeSafe64(binaryData);
  const serialized = `Sign.Rsa${keySize}.${encodedSignature}.${encodedData}`;

  return { signature, data, keySize, serialized };
}
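/**
 * Parse a serialized RSA signature of the form
 * `Sign.Rsa<bits>.<safe64 signature>.<safe64 data>` back into its parts.
 *
 * This is parsing only: nothing here checks the signature. Every returned
 * field, including `keySize`, comes straight from the (possibly
 * attacker-supplied) string and must not be trusted until
 * `verifyWithPublicKey` has returned true for a key the caller trusts.
 *
 * The strategy segment is matched against an anchored pattern, so values
 * such as `xRsa2048y` or `Rsa20481` are rejected instead of being accepted
 * with a NaN or truncated key size. Payloads with missing segments are
 * rejected with the same error instead of failing inside the decoder.
 * Segments beyond the fourth are ignored, as before.
 *
 * @param {string} serializedPayload - Serialized signature string.
 * @returns {{serialized: string, signature: string, data: Uint8Array, keySize: number}}
 * @throws {Error} If the input is not a well-formed serialized RSA signature.
 */
export function loadRsaSignature(serializedPayload) {
  const notASignature = 'String is not a serialized RSA signature';
  if (typeof serializedPayload !== 'string') {
    throw new Error(notASignature);
  }

  const [signed, signingStrategy, encodedSignature, encodedData] = serializedPayload.split('.');

  // Anchored on both ends: the whole segment must be "Rsa" plus 1-4 digits.
  const strategyMatch = /^Rsa(\d{1,4})$/.exec(signingStrategy);
  const hasAllSegments = encodedSignature !== undefined && encodedData !== undefined;

  if (signed !== 'Sign' || strategyMatch === null || !hasAllSegments) {
    throw new Error(notASignature);
  }

  const bits = Number.parseInt(strategyMatch[1], 10);
  const data = decodeSafe64(encodedData);
  return {
    serialized: serializedPayload,
    signature: decodeSafe64(encodedSignature),
    data: binaryStringToBytes(data),
    keySize: bits,
  };
}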
/**
 * Check an RSA signature over the SHA-256 digest of `signatureObj.data`.
 *
 * Only `signatureObj.data` and `signatureObj.signature` are read; the
 * `keySize` and `serialized` fields are not consulted, so a key size
 * claimed in a serialized payload is never compared with the supplied key.
 * The result is meaningful only if `publicKeyPem` comes from a source the
 * caller already trusts, never from the signed message itself.
 *
 * NOTE(review): forge's `verify` can throw on a malformed signature rather
 * than return false — callers handling untrusted input should treat an
 * exception as a failed verification; confirm against the forge version in use.
 *
 * @param {string} publicKeyPem - PEM-encoded RSA public key.
 * @param {{data: Uint8Array, signature: string}} signatureObj - Signature
 *   object as produced by `signWithPrivateKey` or `loadRsaSignature`.
 * @returns {boolean} Whatever forge's `verify` returns for this digest and signature.
 */
export function verifyWithPublicKey(publicKeyPem, signatureObj) {
  const publicKey = pki.publicKeyFromPem(publicKeyPem);

  // Recompute the digest locally from the data; never reuse a digest
  // supplied alongside the signature.
  const digest = md.sha256.create();
  digest.update(bytesToBinaryString(signatureObj.data));
  const digestBytes = digest.digest().bytes();

  const isValid = publicKey.verify(digestBytes, signatureObj.signature);
  return isValid;
}
//# sourceMappingURL=rsa-signature.js.map