Product
Introducing SSO
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
crypto-sign
Advanced tools
Readme
const cryptoSign = require('crypto-sign');
http://sandbox.moneyone.in/digitalsign
const digiSign = cryptoSign.digitalSignature;
/**
* API Signature
*/
// Sample public key from CR
let pub_jwk={
kty: 'RSA',
n: 'q3jotq3fX9nY9G89hdQCGPPZspzPpjjr5MO3qJRRhhPR7GDN1pgVAWoPHJlzx9Uvu43jgMKDU-f_05hbM-cIcs8JjEtbhsus6iJ5WbZUN7o9SwroDpCMTHaEf14CKzsk1088_Ub9ITX8769da2NLWvtiP6jmt0gauf60hY9iwY3BRnE91aL_Wd_CIXuS9pouCHeUP9CyNYWt8sdAoycuiv9utaRSTdLRrjcOmo-kWu4LtQnnZPD9SIlsGZi-t_ifbyLNPxz1CK2mY9oko2GE-aFkfHUI-1TACids1Y8fv1NACRGjMU4HsvuFjoNrYgxwTE8TDzwDNDnhJ-4tzULUBw',
e: 'AQAB',
alg: 'RS256',
kid: '90441819-9044-4856-b0ee-8c88035f4856',
use: 'sig'
};
//Initializing Digital Signature
let digiSignConfig = digiSign.config({
"prikeyFilePath": "./sample_certs/om_private_key.pem", //<file,buffer>
"pubkeyFileObj": pub_jwk, //<Object> From CR
});
// Generate digital signature
let token_payload = {
"ver" : "1.0",
"txnid" : "0b811819-9044-4856-b0ee-8c88035f8858",
"consentId" : "XXXX-XXXX-XXXX-XXXX",
"status" : "ACTIVE",
"createTimestamp" : "2018-12-06T11:39:57.153Z"
};
let apiSignedToken = digiSignConfig.generateAPISign({ payload: JSON.stringify(token_payload)});//pass payload as string
console.log(`API signatured token is `, apiSignedToken);
//validate and decode payload
let digiSignTokenValidityAndDecode = digiSign.verifyAPISign({
"pubkeyFileObj": pub_jwk, //JSON object
"encStr": apiSignedToken.token,
"payload": JSON.stringify(token_payload) //pass as string
});
console.log(`[TOKEN] API signatured token validate and decode payload \n `, digiSignTokenValidityAndDecode);
//validate payload
let digiSignTokenValidity = digiSign.verifyJWSSignature({
"pubkeyFileObj": pub_jwk, //JSON object
"encStr": apiSignedToken.token,
"header":"header"
});
console.log(`[TOKEN] API signatured token validation \n `, digiSignTokenValidity);
/**
* Consent Signature
*/
// Generate digital signature
let consent_payload = {
"ver": "1.0",
"txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
"consentId": "XXXX-XXXX-XXXX-XXXX",
"status": "ACTIVE",
"createTimestamp": "2018-12-06T11:39:57.153Z"
};
let encryptedConsent = digiSignConfig.encryptConsent({ payload: consent_payload});//pass consent_payload as JSON Object
console.log(`Consent signature is `, encryptedConsent.signedConsent);
//Validate
let decryptedConsent = digiSign.decryptConsent({
"pubkeyFileObj": pub_jwk, //JSON object
"encStr": encryptedConsent.signedConsent,
});
console.log(`decrypted Consent is as string is `, decryptedConsent);
/**
* Get kid from signature
*/
let extractedKid=digiSign.getKidFromSign({sign:apiSignedToken.token});
console.log(`extractedKid is `,extractedKid);
/**
* Generate Hybrid Token
*/
let generatedHybridToken= digiSignConfig.generateJWTHybridToken(
{
"payload": { "iss": "FIU", "iat": (new Date().getTime() / 1000).toString().split('.')[0] }
})
console.log(`generatedHybridToken :: `, generatedHybridToken);
prepare config file "digi_certs.ts". config private .pem file and then export it to use any where in the application.
const fs = require('fs')
const digiSign = require('crypto-sign').digitalSignature;
//Initializing Digital Signature
const DigitalSignatureConfig= digiSign.config({
"prikeyFilePath": process.cwd()+"/app/assets/digi-sign/digiSign_private_key.pem", // required
"pubkeyFileObj": pub_jwk, //<Object> From CR
});
export {DigitalSignatureConfig, digiSign}
Methods to Generate and Verify the Enterprise Level Payload Encryption, Digi Sign and AccessToken
const eisSignature = require('crypto-sign').eisSignature;
let sampleData={ "name": "Onemoney AA", "id": "onmoney" };
let GeneratePayloadEncNSign = eisSignature.eisGeneratePayloadEncNSign({
"payload":sampleData,
"ourPrivateKey":process.cwd()+"/test/sample_certs/eisSign_prvKey.pem" ,
"remotePublicKey":process.cwd()+"/test/sample_certs/eisSign_pubKey.pem"
});
console.log(`[ENCRYPT] GeneratePayloadEncNSign`, GeneratePayloadEncNSign);
let VerifyPayloadEncNSign = eisSignature.eisVerifyPayloadEncNSign({
"payload_enc": GeneratePayloadEncNSign.payload_enc,
"payload_sign": GeneratePayloadEncNSign.payload_sign,
"Nonce": GeneratePayloadEncNSign.Nonce,
"iv": GeneratePayloadEncNSign.iv,
"remotePublicKey":process.cwd()+"/test/sample_certs/eisSign_pubKey.pem"
});
console.log(`[DECRYPT] VerifyPayloadEncNSign `, VerifyPayloadEncNSign);
let generatePayloadEncNSignGen6 = eisSignature.eisGeneratePayloadEncNSignGen6({
"payload":sampleData,
"ourPrivateKey":process.cwd()+"/test/sample_certs/eisSign_prvKey.pem" ,
"remotePublicKey":process.cwd()+"/test/sample_certs/eisSign_pubKey.pem"
});
console.log(`[ENCRYPT] generatePayloadEncNSignGen6`, generatePayloadEncNSignGen6);
let verifyPayloadEncNSignGen6 = eisSignature.eisVerifyPayloadEncNSignGen6({
"payload_enc": generatePayloadEncNSignGen6.payload_enc,
"payload_sign": generatePayloadEncNSignGen6.payload_sign,
"Nonce": generatePayloadEncNSignGen6.Nonce,
"iv": generatePayloadEncNSignGen6.iv,
"remotePublicKey":process.cwd()+"/test/sample_certs/eisSign_pubKey.pem"
});
console.log(`[DECRYPT] verifyPayloadEncNSignGen6 `, verifyPayloadEncNSignGen6);
let GeneratePayloadEncNSignWithAccessToken = eisSignature.eisGeneratePayloadEncNSignWithAccessToken({
"accessToken":GeneratePayloadEncNSign.access_token,
"payload": sampleData,
"ourPrivateKey": process.cwd() + "/test/sample_certs/eisSign_prvKey.pem",
"remotePublicKey": process.cwd() + "/test/sample_certs/eisSign_pubKey.pem"
});
console.log(`[ENCRYPT] GeneratePayloadEncNSign`, GeneratePayloadEncNSignWithAccessToken);
let VerifyPayloadEncNSignWithAccessToken = eisSignature.eisVerifyPayloadEncNSignWithAccessToken({
"accessToken":GeneratePayloadEncNSign.access_token,
"payload_enc": GeneratePayloadEncNSignWithAccessToken.payload_enc,
"payload_sign": GeneratePayloadEncNSignWithAccessToken.payload_sign,
"ourPrivateKey": process.cwd() + "/test/sample_certs/eisSign_prvKey.pem",
"remotePublicKey": process.cwd() + "/test/sample_certs/eisSign_pubKey.pem"
});
console.log(`[DECRYPT] VerifyPayloadEncNSignWithAccessToken `, VerifyPayloadEncNSignWithAccessToken);
//YONO Reverse API AES ENC
let GeneratePayloadEncNSignWithAccessTokenForYONO = eisSignature.yonoGeneratePayloadEncNSignWithAccessToken({
"payload": sampleData,
"ourPrivateKey": process.cwd() + "/test/sample_certs/jwt_hybrid/ours/eisSign_prvKey.pem",
"remotePublicKey": process.cwd() + "/test/sample_certs/jwt_hybrid/yono_eisSign_pubKey.pem"
});
console.log(`[ENCRYPT] GeneratePayloadEncNSignWithAccessTokenForYONO `, GeneratePayloadEncNSignWithAccessTokenForYONO);
const JWT= cryptoSign.JWT;
let payload={"fipId":"1"};
let apiSecretKey="1234567";
let jwtoken= cryptoSign.JWT.createJwtToken(payload, apiSecretKey, "730d");
console.log("jwtoken is ", jwtoken);
let jwtoken_desc= cryptoSign.JWT.verifyJwtToken(jwtoken, apiSecretKey);
console.log("decrypted jwtoken is ", jwtoken_desc);
let clientId="";//paste clientId here
let clientSecret="";//paste clientSecret here
let aesDetails=rbihEnc.encryptNGenerateAes({payload: clientId});
let clientSecretEnc=rbihEnc.encryptNGenerateAes({payload: clientSecret, Nonce: aesDetails.Nonce, iv: aesDetails.iv});
let clientIdEnc=aesDetails.payload_enc;
let pubKeyPath=fs.readFileSync(process.cwd()+"/sample_certs/rbih_uat/public.pem");
let ivEnc= rbihEnc.rsaEncrypt(aesDetails.iv,pubKeyPath);//enc sessionId
let nonceEnc= rbihEnc.rsaEncrypt(aesDetails.Nonce,pubKeyPath);//enc sessionKey
FAQs
REST API Signature crypto mechanisum for NBFC Data at rest Security and EIS ENC & DESC for channels. RBIH level Cryptographic metohds.
The npm package crypto-sign receives a total of 8 weekly downloads. As such, crypto-sign popularity was classified as not popular.
We found that crypto-sign demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.