yukal/ssl_signature.js

## ssl_signature.js
// Create certificate
// https://www.akadia.com/services/ssh_test_certificate.html
//
// 1. Generate a Private Key
// openssl genrsa -des3 -out ssl.key 4096
//
// 2. Generate a CSR (Certificate Signing Request)
// openssl req -new -key ssl.key -out ssl.csr
//
// 3. Remove Passphrase from Key
// cp ssl.key ssl.key.org
// openssl rsa -in ssl.key.org -out ssl.key
//
// 4: Generating a Self-Signed Certificate
// openssl x509 -req -days 365 -in ssl.csr -signkey ssl.key -out ssl.crt
//
// 5. Creating a public key
// openssl rsa -in ssl.key -pubout -out ssl.pub


// index.js

const crypto = require('crypto');
const fs = require('fs');


// SERVER SIDE //

    const certificate = fs.readFileSync('keys/ssl.crt', 'utf-8');
    const privateKey = fs.readFileSync('keys/ssl.key', 'utf-8');
    const document = fs.readFileSync('data.txt', 'utf-8');

    // Create signature using a private key
    const signature = createFileSignature(document, privateKey, 'sha512');

    // Verify the signature using a certificate and a private key
    const vrf1 = verifyFileSignature(document, signature, privateKey, 'sha512');
    const vrf2 = verifyFileSignature(document, signature, certificate, 'sha512');

    process.stdout.write('SERVER SIDE: ');
    console.log(vrf1, vrf2, `\n${signature}\n`);


// CLIENT SIDE //

    const publicKey = fs.readFileSync('keys/ssl.pub', 'utf-8');

    // Verify the signature using a public key
    const vrf3 = verifyFileSignature(document, signature, publicKey, 'sha512');

    process.stdout.write('CLIENT SIDE: ');
    console.log(vrf3);
    console.log(document);


function createFileSignature(document, privateKey, algorythm='sha256', encode='base64') {
    const signer = crypto.createSign(algorythm);
    signer.write(document);
    signer.end();

    return signer.sign(privateKey, encode);
}

function verifyFileSignature(document, signature, publicKey, algorythm='sha256', encode='base64') {
    const verifier = crypto.createVerify(algorythm);
    verifier.write(document);
    verifier.end();

    return verifier.verify(publicKey, signature, encode);
}
	// Create certificate
	// https://www.akadia.com/services/ssh_test_certificate.html
	//
	// 1. Generate a Private Key
	// openssl genrsa -des3 -out ssl.key 4096
	//
	// 2. Generate a CSR (Certificate Signing Request)
	// openssl req -new -key ssl.key -out ssl.csr
	//
	// 3. Remove Passphrase from Key
	// cp ssl.key ssl.key.org
	// openssl rsa -in ssl.key.org -out ssl.key
	//
	// 4: Generating a Self-Signed Certificate
	// openssl x509 -req -days 365 -in ssl.csr -signkey ssl.key -out ssl.crt
	//
	// 5. Creating a public key
	// openssl rsa -in ssl.key -pubout -out ssl.pub


	// index.js

	const crypto = require('crypto');
	const fs = require('fs');


	// SERVER SIDE //

	const certificate = fs.readFileSync('keys/ssl.crt', 'utf-8');
	const privateKey = fs.readFileSync('keys/ssl.key', 'utf-8');
	const document = fs.readFileSync('data.txt', 'utf-8');

	// Create signature using a private key
	const signature = createFileSignature(document, privateKey, 'sha512');

	// Verify the signature using a certificate and a private key
	const vrf1 = verifyFileSignature(document, signature, privateKey, 'sha512');
	const vrf2 = verifyFileSignature(document, signature, certificate, 'sha512');

	process.stdout.write('SERVER SIDE: ');
	console.log(vrf1, vrf2, `\n${signature}\n`);


	// CLIENT SIDE //

	const publicKey = fs.readFileSync('keys/ssl.pub', 'utf-8');

	// Verify the signature using a public key
	const vrf3 = verifyFileSignature(document, signature, publicKey, 'sha512');

	process.stdout.write('CLIENT SIDE: ');
	console.log(vrf3);
	console.log(document);


	function createFileSignature(document, privateKey, algorythm='sha256', encode='base64') {
	const signer = crypto.createSign(algorythm);
	signer.write(document);
	signer.end();

	return signer.sign(privateKey, encode);
	}

	function verifyFileSignature(document, signature, publicKey, algorythm='sha256', encode='base64') {
	const verifier = crypto.createVerify(algorythm);
	verifier.write(document);
	verifier.end();

	return verifier.verify(publicKey, signature, encode);
	}