Created
February 11, 2024 18:52
NodeJs - Create PrivateKey and PublicKey
// npx ts-node generate-keys.ts | |
import crypto, { KeyObject } from "crypto"; | |
import fs from "fs"; | |
import { isKeyObject } from "util/types"; | |
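/**
 * OpenSSL cipher names that can be passed as `privateKeyEncoding.cipher`
 * when an exported private key is encrypted under a passphrase.
 *
 * Only the AES-CBC entries are reasonable choices for protecting a private
 * key at rest. Every other member is kept so existing callers keep compiling,
 * but is tagged `@deprecated` so editors and linters flag new uses.
 * NOTE(review): whether a given name is accepted at runtime depends on the
 * OpenSSL build Node is linked against — confirm before relying on one.
 */
enum EncryptionAlgorithm {
  AES_128_CBC = "aes-128-cbc",
  AES_192_CBC = "aes-192-cbc",
  AES_256_CBC = "aes-256-cbc",
  /** @deprecated ECB encrypts equal plaintext blocks to equal ciphertext blocks. */
  AES_128_ECB = "aes-128-ecb",
  /** @deprecated ECB encrypts equal plaintext blocks to equal ciphertext blocks. */
  AES_192_ECB = "aes-192-ecb",
  /** @deprecated ECB encrypts equal plaintext blocks to equal ciphertext blocks. */
  AES_256_ECB = "aes-256-ecb",
  /** @deprecated Single DES has a 56-bit key and is brute-forceable. */
  DES_CBC = "des-cbc",
  /** @deprecated Triple DES has a 64-bit block and is retired by current guidance. */
  DES_EDE3_CBC = "des-ede3-cbc",
  /** @deprecated RC4 has known keystream biases. */
  RC4 = "rc4",
  /** @deprecated 40-bit export-grade key. */
  RC4_40 = "rc4-40",
  /** @deprecated RC2 is a legacy 64-bit block cipher. */
  RC2_CBC = "rc2-cbc",
  /** @deprecated 40-bit export-grade key. */
  RC2_40_CBC = "rc2-40-cbc",
  /** @deprecated Blowfish has a 64-bit block. */
  BLOWFISH_CBC = "bf-cbc",
  /** @deprecated CAST has a 64-bit block. */
  CAST_CBC = "cast-cbc",
  /** @deprecated IDEA has a 64-bit block. */
  IDEA_CBC = "idea-cbc",
}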
/**
 * Input for `verifySignature`.
 *
 * Each key may be supplied either as PEM text or as an already-parsed
 * `KeyObject`.
 */
interface VerifySignatureParams {
  /** Passphrase used to decrypt `privateKey` when it is given as PEM text. */
  passphrase: string;
  /** Private key: PEM text (PKCS#8) or a `KeyObject`. */
  privateKey: string | KeyObject;
  /** Public key: PEM text (SPKI) or a `KeyObject`. */
  publicKey: string | KeyObject;
}
/** Input for `generateRSAKeyPair`. */
interface GenerateRSAKeyPairParams {
  /** RSA modulus size in bits (passed through as `modulusLength`). */
  keyLength: number;
  /** Passphrase the exported private key is encrypted under. */
  passphrase: string;
  /** Cipher for the private-key encryption; the generator picks a default when omitted. */
  cipher?: EncryptionAlgorithm;
}
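// Passphrase that protects the exported private keys.
// A passphrase committed to source control is readable by anyone who can read
// the repository, so the value is taken from the KEY_PASSPHRASE environment
// variable when it is set to a non-empty string. The literal below is a
// demo-only fallback that keeps the script runnable as published; do not
// protect real keys with it.
const passphrase = process.env.KEY_PASSPHRASE || "senha super secreta";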
/**
 * Derives the public key that corresponds to a private key.
 *
 * @param privateKeyObject - Parsed private key.
 * @returns The result of `crypto.createPublicKey` for that key.
 */
const generatePublicKeyObject = (privateKeyObject: KeyObject) => {
  const derivedPublicKey = crypto.createPublicKey(privateKeyObject);
  return derivedPublicKey;
};
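/**
 * Generates an RSA key pair and returns both halves as PEM text.
 *
 * The public key is encoded as SPKI. The private key is encoded as PKCS#8 and
 * encrypted under `passphrase` with `cipher`, defaulting to AES-256-CBC.
 *
 * @param params - Passphrase, modulus size in bits and optional cipher.
 * @returns The `{ publicKey, privateKey }` PEM strings from
 *   `crypto.generateKeyPairSync`.
 * @throws RangeError when `keyLength` is not an integer of at least 2048 bits.
 */
const generateRSAKeyPair = (params: GenerateRSAKeyPairParams) => {
  const { passphrase, keyLength, cipher } = params;

  // RSA moduli below 2048 bits are no longer considered adequate, so refuse
  // them here instead of silently producing a weak key.
  const minModulusBits = 2048;
  if (!Number.isInteger(keyLength) || keyLength < minModulusBits) {
    throw new RangeError(
      `keyLength must be an integer of at least ${minModulusBits} bits`,
    );
  }

  return crypto.generateKeyPairSync("rsa", {
    modulusLength: keyLength,
    publicKeyEncoding: {
      type: "spki",
      format: "pem",
    },
    privateKeyEncoding: {
      passphrase,
      type: "pkcs8",
      format: "pem",
      // Fall back only when no cipher was supplied at all.
      cipher: cipher ?? EncryptionAlgorithm.AES_256_CBC,
    },
  });
};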
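/**
 * Writes key material to `fileName`, readable and writable by the owner only.
 *
 * A plain `fs.writeFileSync(fileName, key)` creates the file with the process
 * default permissions, which on a typical umask leaves a private key readable
 * by other local users. The file is therefore opened with mode 0o600, and the
 * mode is re-applied on the open descriptor before any data is written,
 * because the creation mode is ignored when the file already exists.
 * NOTE(review): POSIX permission bits are only partially honoured on Windows.
 *
 * @param fileName - Destination path; an existing file is truncated.
 * @param key - PEM text to write.
 */
const exportKey = (fileName: string, key: string) => {
  const ownerOnly = 0o600;
  const fd = fs.openSync(fileName, "w", ownerOnly);
  try {
    fs.fchmodSync(fd, ownerOnly);
    fs.writeFileSync(fd, key);
  } finally {
    fs.closeSync(fd);
  }
};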
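/**
 * Checks that a private key and a public key belong to the same key pair.
 *
 * A SHA-256 signature is produced with the private key and then verified with
 * the public key. Nothing is fed to the signer or the verifier, so the
 * signature covers empty input: this is a pair-consistency check, not
 * verification of a message.
 *
 * Each key is normalised on its own. The earlier version parsed the PEM text
 * only when both arguments were strings, so a PEM private key passed together
 * with a `KeyObject` public key was cast to `KeyObject` without being
 * decrypted and `passphrase` was ignored.
 *
 * @param params - Keys as PEM text or `KeyObject`, plus the passphrase used
 *   to decrypt a PEM private key.
 * @returns `true` when the signature verifies, otherwise `false`.
 * @throws Whatever `crypto.createPrivateKey` / `crypto.createPublicKey` throw
 *   for malformed PEM or a wrong passphrase.
 */
const verifySignature = (params: VerifySignatureParams) => {
  const { publicKey, privateKey, passphrase } = params;

  const privateKeyObject: KeyObject = isKeyObject(privateKey)
    ? privateKey
    : crypto.createPrivateKey({
        passphrase,
        key: privateKey,
        format: "pem",
        type: "pkcs8",
      });

  const publicKeyObject: KeyObject = isKeyObject(publicKey)
    ? publicKey
    : crypto.createPublicKey({
        key: publicKey,
        type: "spki",
        format: "pem",
      });

  const sign = crypto.createSign("SHA256");
  const signature = sign.sign(privateKeyObject, "hex");

  const verify = crypto.createVerify("SHA256");
  return verify.verify(publicKeyObject, signature, "hex");
};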
// --- Demo script -----------------------------------------------------------
// Generates two independent 4096-bit RSA key pairs, writes them to the
// current directory, reads them back and shows that only the matching
// private key verifies against public.pem.

// First pair: both halves are written to disk.
const firstPair = generateRSAKeyPair({ passphrase, keyLength: 4096 });
exportKey("public.pem", firstPair.publicKey);
exportKey("private.key", firstPair.privateKey);

// Second pair: only its private key is kept, to act as the mismatching key.
const secondPair = generateRSAKeyPair({ passphrase, keyLength: 4096 });
exportKey("privateKeyNew.key", secondPair.privateKey);

// Read everything back from disk as PEM text.
const publicPem = fs.readFileSync("public.pem", "utf-8");
const privatePem = fs.readFileSync("private.key", "utf-8");
const otherPrivatePem = fs.readFileSync("privateKeyNew.key", "utf-8");

// Matching pair: prints the result of the check.
const matchingResult = verifySignature({
  publicKey: publicPem,
  privateKey: privatePem,
  passphrase,
});
console.info(matchingResult);

// Private key from the second pair against the first public key.
const mismatchedResult = verifySignature({
  publicKey: publicPem,
  privateKey: otherPrivatePem,
  passphrase,
});
console.info(mismatchedResult);

// Decrypt the first private key and derive its public key again; only the
// public half is printed.
const decryptedPrivateKey = crypto.createPrivateKey({
  key: privatePem,
  passphrase,
  format: "pem",
  type: "pkcs8",
});
const rederivedPublicKey = generatePublicKeyObject(decryptedPrivateKey);
console.log(rederivedPublicKey.export({ format: "pem", type: "spki" }));