What is node-rsa?
The node-rsa package is a Node.js library for RSA key generation, encryption, and decryption. It provides a simple and easy-to-use API for working with RSA keys and performing cryptographic operations.
What are node-rsa's main functionalities?
Key Generation
This feature allows you to generate a new RSA key pair. The code sample demonstrates how to create a 512-bit RSA key pair and export the public and private keys.
const NodeRSA = require('node-rsa');
const key = new NodeRSA({b: 512});
const publicKey = key.exportKey('public');
const privateKey = key.exportKey('private');
console.log('Public Key:', publicKey);
console.log('Private Key:', privateKey);
Encryption
This feature allows you to encrypt data using the RSA public key. The code sample shows how to encrypt a string message and output the encrypted data in base64 format.
const NodeRSA = require('node-rsa');
const key = new NodeRSA({b: 512});
const encrypted = key.encrypt('Hello, World!', 'base64');
console.log('Encrypted:', encrypted);
Decryption
This feature allows you to decrypt data using the RSA private key. The code sample demonstrates how to decrypt the previously encrypted message and output the original string.
const NodeRSA = require('node-rsa');
const key = new NodeRSA({b: 512});
const encrypted = key.encrypt('Hello, World!', 'base64');
const decrypted = key.decrypt(encrypted, 'utf8');
console.log('Decrypted:', decrypted);
Signing
This feature allows you to sign data using the RSA private key. The code sample shows how to create a digital signature for a string message and output the signature in base64 format.
const NodeRSA = require('node-rsa');
const key = new NodeRSA({b: 512});
const signature = key.sign('Hello, World!', 'base64');
console.log('Signature:', signature);
Verification
This feature allows you to verify a digital signature using the RSA public key. The code sample demonstrates how to verify the signature of a message and output whether the signature is valid.
const NodeRSA = require('node-rsa');
const key = new NodeRSA({b: 512});
const signature = key.sign('Hello, World!', 'base64');
const isVerified = key.verify('Hello, World!', signature, 'utf8', 'base64');
console.log('Verified:', isVerified);
Other packages similar to node-rsa
crypto
The 'crypto' module is a built-in Node.js module that provides cryptographic functionality, including RSA key generation, encryption, and decryption. It is more comprehensive and versatile compared to node-rsa, but also more complex to use.
ursa
The 'ursa' package is another Node.js library for RSA public/private key encryption and decryption. It offers similar functionalities to node-rsa but is less actively maintained and has fewer features.
node-forge
The 'node-forge' package is a comprehensive library for implementing various cryptographic operations, including RSA. It provides more features and flexibility compared to node-rsa, but with a steeper learning curve.
Node-RSA
Node.js RSA library
Based on jsbn library from Tom Wu http://www-cs-students.stanford.edu/~tjw/jsbn/
- Pure JavaScript
- No needed OpenSSL
- Generating keys
- Supports long messages for encrypt/decrypt
- Signing and verifying
Installing
npm install node-rsa
Testing
npm test
Usage
Create instance
var NodeRSA = require('node-rsa');
var key = new NodeRSA([key], [options]);
key - parameters of a generated key or the key in PEM format.
options - additional settings
- signingAlgorithm - algorithm used for signing and verifying. Default 'RSA-SHA256'
"Empty" key
var key = new NodeRSA();
Generate new key 512bit-length and with public exponent 65537
var key = new NodeRSA({b: 512});
Load key from PEM string
var key = new NodeRSA('-----BEGIN RSA PRIVATE KEY-----\n'+
'MIIBOQIBAAJAVY6quuzCwyOWzymJ7C4zXjeV/232wt2ZgJZ1kHzjI73wnhQ3WQcL\n'+
'DFCSoi2lPUW8/zspk0qWvPdtp6Jg5Lu7hwIDAQABAkBEws9mQahZ6r1mq2zEm3D/\n'+
'VM9BpV//xtd6p/G+eRCYBT2qshGx42ucdgZCYJptFoW+HEx/jtzWe74yK6jGIkWJ\n'+
'AiEAoNAMsPqwWwTyjDZCo9iKvfIQvd3MWnmtFmjiHoPtjx0CIQCIMypAEEkZuQUi\n'+
'pMoreJrOlLJWdc0bfhzNAJjxsTv/8wIgQG0ZqI3GubBxu9rBOAM5EoA4VNjXVigJ\n'+
'QEEk1jTkp8ECIQCHhsoq90mWM/p9L5cQzLDWkTYoPI49Ji+Iemi2T5MRqwIgQl07\n'+
'Es+KCn25OKXR/FJ5fu6A6A+MptABL3r8SEjlpLc=\n'+
'-----END RSA PRIVATE KEY-----');
Also you can use next methods:
key.generateKeyPair([bits], [exp]);
key.loadFromPEM(pem_string);
bits - key size in bits. 2048 by default.
exp - public exponent. 65537 by default.
Export keys
key.getPrivatePEM();
key.getPublicPEM();
Test key
key.isPrivate();
key.isPublic([strict]);
strict - if true method will return false if key pair have private exponent. Default false.
Encrypting/decrypting
key.encrypt(buffer, [encoding], [source_encoding]);
Return encrypted data.
buffer - data for encrypting, may be string, Buffer, or any object/array. Arrays and objects will encoded to JSON string first.
encoding - encoding for output result, may be 'buffer', 'binary', 'hex' or 'base64'. Default buffer.
source_encoding - source encoding, works only with string buffer. Can take standard Node.js Buffer encodings (hex, utf8, base64, etc). 'utf8' by default.
key.decrypt(buffer, [encoding]);
Return decrypted data.
buffer - data for decrypting. Takes Buffer object or base64 encoded string.
encoding - encoding for result string. Can also take 'buffer' for raw Buffer object, or 'json' for automatic JSON.parse result. Default 'buffer'.
Signing/Verifying
key.sign(buffer, [encoding], [source_encoding]);
Return signature for buffer. All the arguments are the same as for encrypt
method.
key.verify(buffer, signature, [source_encoding], [signature_encoding])
Return result of check, true or false.
buffer - data for check, same as encrypt
method.
signature - signature for check, result of sign
method.
source_encoding - same as for encrypt
method.
signature_encoding - encoding of given signature. May be 'buffer', 'binary', 'hex' or 'base64'. Default 'buffer'.
Contributing
Questions, comments, bug reports, and pull requests are all welcome.
License for NodeRSA.js
Copyright (c) 2014 rzcoder
All Rights Reserved.
BSD
Licensing for code used in rsa.js and jsbn.js
Copyright (c) 2003-2005 Tom Wu
All Rights Reserved.
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
In addition, the following condition applies:
All redistributions must retain an intact copy of this copyright notice
and disclaimer.