Visal .In edited this page Dec 12, 2020 · 14 revisions

Overview


Usage

import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";

const publicKey = RSA.parseKey(Deno.readTextFileSync("./public.pem"));
const cipher = await new RSA(publicKey).encrypt("Hello World");
console.log(cipher.base64());

const privateKey = RSA.parseKey(Deno.readTextFileSync("./private.pem"));
const plain = await new RSA(privateKey).decrypt(cipher);
console.log(plain.toString());

References

Import with parseKey

RSA.parseKey(key: string);

Example:

const pem = `-----BEGIN PUBLIC KEY-----
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
  vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
  aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
  tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
  e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
  V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
  MwIDAQAB
  -----END PUBLIC KEY-----`;

const publicKey = RSA.parseKey(pem);

constructor

new RSA(key)

Takes either a public or a private key produced by RSA.parseKey.


encrypt

const rsa = new RSA(key);
await rsa.encrypt(message, options);

| Parameters | Default | Description |
| --- | --- | --- |
| message | | Message to encrypt. Takes a Uint8Array or string |
| options | | |
| options.padding | oaep | Padding. Two paddings are supported: pkcs1 and oaep |
| options.hash | sha256 | Hash algorithm used in the mask generation function. Supports sha1, sha256, and sha512. Applies only in oaep padding mode |

Example

const rsa = new RSA(publicKey);
await rsa.encrypt("Hello World");
await rsa.encrypt("Hello World", { hash: "sha1" });
await rsa.encrypt("Hello World", { padding: "pkcs1" });

(await rsa.encrypt("Hello World")).hex();
(await rsa.encrypt("Hello World")).base64();

decrypt

const rsa = new RSA(key);
await rsa.decrypt(cipher, options);

| Parameters | Default | Description |
| --- | --- | --- |
| cipher | | Cipher text to decrypt (Uint8Array) |
| options | | |
| options.padding | oaep | Padding. Two paddings are supported: pkcs1 and oaep |
| options.hash | sha256 | Hash algorithm used in the mask generation function. Supports sha1, sha256, and sha512. Applies only in oaep padding mode |

Example

const cipher = await new RSA(publicKey).encrypt("Hello World");
const plain = await new RSA(privateKey).decrypt(cipher);

sign

const rsa = new RSA(key);
await rsa.sign(message, options);

| Parameters | Default | Description |
| --- | --- | --- |
| message | | Message to sign. Takes a Uint8Array or string |
| options | | |
| options.algorithm | rsassa-pkcs1-v1_5 | rsassa-pkcs1-v1_5 and rsassa-pss |
| options.hash | sha256 | sha1, sha256, and sha512 |

Example

const rsa = new RSA(privateKey);
await rsa.sign("Hello World");

// Convert it to different encoding
(await rsa.sign("Hello World")).hex();
(await rsa.sign("Hello World")).base64();
(await rsa.sign("Hello World")).base64url();

verify

const rsa = new RSA(key);
await rsa.verify(signature, message, options);

| Parameters | Default | Description |
| --- | --- | --- |
| signature | | Signature in Uint8Array |
| message | | Message to verify. Takes a Uint8Array or string |
| options | | |
| options.algorithm | rsassa-pkcs1-v1_5 | rsassa-pkcs1-v1_5 and rsassa-pss |
| options.hash | sha256 | sha1, sha256, and sha512 |

Example

const signature = await new RSA(privateKey).sign("Hello World");
await new RSA(publicKey).verify(signature, "Hello World");

Examples

Sign and Verify with RS256 for JWT

Verifying JSON Web Token (JWT)

import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";
import { encode } from "https://deno.land/x/god_crypto/encode.ts";

const jwt =
  "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiw" +
  "iYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.POstGetfAytaZS82wHcjoTyoqhMyxXiWdR7Nn7A29DNSl0E" +
  "iXLdwJ6xC6AfgZWF1bOsS_TuYI3OG85AmiExREkrS6tDfTQ2B3WXlrr-wp5AokiRbz3_oB4OxG-W9KcEEbDRcZc0" +
  "nH3L7LzYptiy1PtAylQGxHTWZXtGz4ht0bAecBgmpdgXMguEIcoqPJ1n3pIWk_dUZegpqx0Lka21H6XxUTxiy8Oc" +
  "aarA8zdnPUnV6AmNP3ecFawIFYdvJB_cm-GvpCSbr8G8y_Mllj8f4x9nBH8pQux89_6gUY618iYv7tuPWBFfEbLx" +
  "tF2pZS6YC1aSfLQxeNe8djT9YjpvRZA";

const publicKey = `-----BEGIN PUBLIC KEY-----
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSv
  vkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHc
  aT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIy
  tvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0
  e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWb
  V6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9
  MwIDAQAB
  -----END PUBLIC KEY-----`;

const [header, payload, signature] = jwt.split(".");

const key = RSA.parseKey(publicKey);
const rsa = new RSA(key);

console.log(await rsa.verify(
  encode.base64url(signature),
  header + "." + payload,
  { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
));
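
The verification example above hardcodes RS256 and never inspects the token header. The following is an added example, not part of god_crypto or the original page, of the structural checks to run before calling `rsa.verify`, so that a token declaring `none` or `HS256` is rejected before any key is used. `b64urlToBytes` and `checkRs256Token` are hypothetical helper names; the code uses only the `atob` and `TextDecoder` globals, which Deno provides.

```javascript
// Added example, not god_crypto code: structural checks to run on a JWT
// before rsa.verify(). Helper names here are hypothetical.

// Decode strict base64url: unpadded, alphabet-only, valid length.
function b64urlToBytes(segment) {
  if (!/^[A-Za-z0-9_-]+$/.test(segment) || segment.length % 4 === 1) {
    throw new Error("malformed base64url segment");
  }
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const bin = atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4));
  return Uint8Array.from(bin, (c) => c.charCodeAt(0));
}

function checkRs256Token(jwt) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) throw new Error("expected three JWT segments");
  const [header, payload, signature] = parts;

  let parsed;
  try {
    parsed = JSON.parse(new TextDecoder().decode(b64urlToBytes(header)));
  } catch {
    throw new Error("header is not valid base64url JSON");
  }
  // Pin the algorithm the verifier is configured for; the token must not
  // be allowed to select it ("none", "HS256", ...).
  if (parsed === null || typeof parsed !== "object" || parsed.alg !== "RS256") {
    throw new Error("unexpected alg in header");
  }
  b64urlToBytes(payload); // validate encoding only; do not trust contents yet

  return {
    signingInput: header + "." + payload, // the exact string that was signed
    signature: b64urlToBytes(signature),  // Uint8Array for rsa.verify()
    options: { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
    payload, // decode and use only after rsa.verify() resolves to true
  };
}

// Usage with the API documented on this page:
//   const t = checkRs256Token(jwt);
//   const ok = await new RSA(RSA.parseKey(publicKey))
//     .verify(t.signature, t.signingInput, t.options);
```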

Signing JSON Web Token (JWT)

import { RSA } from "https://deno.land/x/god_crypto/rsa.ts";

const privateKey = `-----BEGIN RSA PRIVATE KEY-----
  MIIEogIBAAKCAQEAnzyis1ZjfNB0bBgKFMSvvkTtwlvBsaJq7S5wA+kzeVOVpVWw
  kWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHcaT92whREFpLv9cj5lTeJSibyr/Mr
  m/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIytvHWTxZYEcXLgAXFuUuaS3uF9gEi
  NQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0e+lf4s4OxQawWD79J9/5d3Ry0vbV
  3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWbV6L11BWkpzGXSW4Hv43qa+GSYOD2
  QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9MwIDAQABAoIBACiARq2wkltjtcjs
  kFvZ7w1JAORHbEufEO1Eu27zOIlqbgyAcAl7q+/1bip4Z/x1IVES84/yTaM8p0go
  amMhvgry/mS8vNi1BN2SAZEnb/7xSxbflb70bX9RHLJqKnp5GZe2jexw+wyXlwaM
  +bclUCrh9e1ltH7IvUrRrQnFJfh+is1fRon9Co9Li0GwoN0x0byrrngU8Ak3Y6D9
  D8GjQA4Elm94ST3izJv8iCOLSDBmzsPsXfcCUZfmTfZ5DbUDMbMxRnSo3nQeoKGC
  0Lj9FkWcfmLcpGlSXTO+Ww1L7EGq+PT3NtRae1FZPwjddQ1/4V905kyQFLamAA5Y
  lSpE2wkCgYEAy1OPLQcZt4NQnQzPz2SBJqQN2P5u3vXl+zNVKP8w4eBv0vWuJJF+
  hkGNnSxXQrTkvDOIUddSKOzHHgSg4nY6K02ecyT0PPm/UZvtRpWrnBjcEVtHEJNp
  bU9pLD5iZ0J9sbzPU/LxPmuAP2Bs8JmTn6aFRspFrP7W0s1Nmk2jsm0CgYEAyH0X
  +jpoqxj4efZfkUrg5GbSEhf+dZglf0tTOA5bVg8IYwtmNk/pniLG/zI7c+GlTc9B
  BwfMr59EzBq/eFMI7+LgXaVUsM/sS4Ry+yeK6SJx/otIMWtDfqxsLD8CPMCRvecC
  2Pip4uSgrl0MOebl9XKp57GoaUWRWRHqwV4Y6h8CgYAZhI4mh4qZtnhKjY4TKDjx
  QYufXSdLAi9v3FxmvchDwOgn4L+PRVdMwDNms2bsL0m5uPn104EzM6w1vzz1zwKz
  5pTpPI0OjgWN13Tq8+PKvm/4Ga2MjgOgPWQkslulO/oMcXbPwWC3hcRdr9tcQtn9
  Imf9n2spL/6EDFId+Hp/7QKBgAqlWdiXsWckdE1Fn91/NGHsc8syKvjjk1onDcw0
  NvVi5vcba9oGdElJX3e9mxqUKMrw7msJJv1MX8LWyMQC5L6YNYHDfbPF1q5L4i8j
  8mRex97UVokJQRRA452V2vCO6S5ETgpnad36de3MUxHgCOX3qL382Qx9/THVmbma
  3YfRAoGAUxL/Eu5yvMK8SAt/dJK6FedngcM3JEFNplmtLYVLWhkIlNRGDwkg3I5K
  y18Ae9n7dHVueyslrb6weq7dTkYDi3iOYRW8HRkIQh06wEdbxt0shTzAJvvCQfrB
  jg/3747WSsf/zBTcHihTRBdAv6OmdhV4/dD5YBfLAkLrd+mX7iE=
  -----END RSA PRIVATE KEY-----`;

const key = RSA.parseKey(privateKey);
const rsa = new RSA(key);

const header = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9";
const payload = "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0";
const signature = await rsa.sign(
  header + "." + payload,
  { algorithm: "rsassa-pkcs1-v1_5", hash: "sha256" },
);

// The signature must be base64url-encoded to form a valid JWT
console.log(header + "." + payload + "." + signature.base64url());