/dcrypt

node.js openssl bindings

Primary LanguageC++MIT LicenseMIT

       _|                                            _|      
   _|_|_|    _|_|_|  _|  _|_|  _|    _|  _|_|_|    _|_|_|_|  
 _|    _|  _|        _|_|      _|    _|  _|    _|    _|      
 _|    _|  _|        _|        _|    _|  _|    _|    _|      
   _|_|_|    _|_|_|  _|          _|_|_|  _|_|_|        _|_|  
                                     _|  _|                  
                                 _|_|    _|                  

dcrypt

Openssl bindings for Node.js. Written in Coffeescript.

  • RSA/ECDSA key generation
  • RSA/ECDSA key primitives from parsing key files
  • Random Bytes
  • Signing and verification using PEM encoded keys, not just certificates
  • Random bytes using openssl RAND
  • Hashing
  • Encryption and Decryption with all Ciphers supported in OpenSSL, as well as RSA encryption and decryption
  • x509 Certificate Reading

Install

npm install dcrypt

Usage

Create a buffer holding 16 bytes of random data:

buffer = dcrypt.random.randomBytes(16)
>> <Buffer 46 65 82 15 c9 db 20 2d ea 2c fc 4c a2 0b 62 6a>

Create a new RSA Key Pair - no params is 1024 bytes and 65537 exponent default

rsa = new dcrypt.keypair.newRSA(1024, 65537)
>> { pem_pub: '-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL3oiAw++hlc1Fo5hgph7uzawpP7H394VrL/UQ5eX96dSD+xznd4HHBH\niv1ev8g7xIdsSCWa2xQ8xsSMiUawWiOp3ioC35xLWzmLthDxY9+WPVSE6XNCODda\njlJ8xmQdoKKy2y1Hd5407SDXiLoBelpx5xgMIA7qLBUX1UmYGxchAgMBAAE=\n-----END RSA PUBLIC KEY-----',
...

Create a new ECDSA Key Pair - no params is default secp256k1 curve

ecdsa = new dcrypt.keypair.newECDSA('secp256k1')
>> { pem_pub: '-----BEGIN PUBLIC KEY-----\nMIH1MIGuBgcqhkjOPQIBMIGiAgEBMCwGByqGSM49AQECIQD/////////////////\n///////////////////+///8LzAGBAEABAEHBEEEeb5mfvncu6xVoGKVzocLBwKb\n/NstzijZWfKBWxb4F5hIOtp3JqPEZV2k+/wOEQio/Re0SKaFVBmcR9CP+xDUuAIh\nAP////////////////////66rtzmr0igO7/SXozQNkFBAgEBA0IABEi6/jVsROmi\nZGQPulg4uW4//uru4oMtEt5O7KrAtvlGd9cRcCB2CO6DM98hz3QSRvmqa5hl4P1N\nV4+C0CUFDLI=\n-----END PUBLIC KEY-----'
...

Verify a signature with just a public key in PEM format

verified = verifer.verify(pem_public, signature, signature_format='hex')
>> true

Encrypt and Decrypt with RSA

enc = dcrypt.rsa.encrypt(pub, 'Hi there RSA', 'RSA_PKCS1_PADDING', 'hex')
clear_msg = dcrypt.rsa.decrypt(priv, enc, 'RSA_PKCS1_PADDING', 'hex')
>> 'Hi there RSA'

Encrypt a message with AES and a phrase

cipher = dcrypt.cipher.createCipher('AES-256-cbc', 'This is a key')
ciphertext = cipher.update('Hello there', 'utf8', 'hex')
ciphertext += cipher.final('hex')

Decrypt a message with AES and a phrase

decipher = dcrypt.decipher.createDecipher('AES-256-cbc', 'This is a key')
cleartext = cipher.update(ciphertext, 'hex', 'utf8')
cleartext += cipher.final('utf8')
>> 'Hello there'

Parse a RSA private key file and generate primitives

keypair.parseRSA(fs.readFileSync('/path/to/rsa.priv'), false)
>> { pub:
     { n: 'BA5570689BDA43E4DBCE11DD9F33251C0B0E19B52D1B5BB6AEEA6C9EA09543BCC0ACC0DEAF1E416DB2B6E466A6C063FEE2DB7914EFD2B02765999D0D7AED119392AD65CD994195DE7D92B241CA588508BAFA12819F4037F6C7F71E77D2D66B2B9ECE9D2502AB65AB3C5B5D27613F9CA7E067C4496B9B881A62FACC6F68494341',
       e: '010001' }, ...

Parse an x509 certificate

certPem = fs.readFileSync('test_cert.pem', 'ascii')
cert = dcrypt.x509.parse(certPem)
>>  { subject: '/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js/OU=Test TLS Certificate/CN=localhost',
    issuer: '/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js/OU=Test TLS Certificate/CN=localhost',
    version: 3,
    serial: 'a2:f4:50:6f:a6:46:44:8f',
    valid_from: 'Nov 11 09:52:22 2009 GMT',
    valid_to: 'Nov  6 09:52:22 2029 GMT',
    public_key_algo: 'rsaEncryption',
    signature_algorithm: 'sha1WithRSAEncryption', ...

TODO

  • Finish porting HMAC
  • x509 certificates
  • CSR

Configure Options

Build without ECDSA bindings node-waf configure --without-ecdsa=true

INFO

Use OpenSSL 1.0.0