RSA in JavaScript (UMD)
test:
npm run test-init npm run test-en npm run test-deTest directory contains examples
usage:
var rsa = ; var keypair = // Public exponent extracted from private_key.pem using // openssl rsa -inform PEM -text -noout < private_key.pem // Or extracted from public key PEM file using // openssl rsa -pubin -inform PEM -text -noout < public_key.pem "10001" // Dummy decryption exponent -- actual value only kept on server. "10001" // Modulus extracted from private key PEM file using // openssl rsa -inform PEM -modulus -noout < private_key.pem // Or extracted from public key PEM file using // openssl rsa -pubin -inform PEM -modulus -noout < public_key.pem "DE3D7D7639DB81D0E920EA7026A6EB47EA1E31F463BE200B54571CA496DCB86DB3D8E54DEC3A8BAF757147635A9785C086FBCB55E14D1E38700120D3F8CB753AD97AEC2F143A13D73937380EFDD2DC210996ADAF666DDB1319060F883EB8E30490C006B30574B48A18424759D996C3FF9454A16695060751C0463D9CA329897BBDB3E8B815BD6E92A0DBAFE4169E8CB624A137AA963F98C27EDE9BBE0ADB7C630D881BD5129D66FA63B68125880EE914CC81910C11FCDB6E7C8F33E8ADB454B6013FBD2C207ABF3F9CDB4B6CFE64438C926D65E75AD145F520591A9103EE88402DBC7BF3DD8CB3F87D4087A8233177CB2ADFF846A7D3BA529DD3AA53FE2AA74B" // Key size in bits. 2048 ; globalBuffer = globalBuffer || Buffer; if typeof btoa === 'undefined' global { return str 'binary'; }; if typeof atob === 'undefined' global { return b64Encoded 'base64'; }; var ciphertext = rsa; // ciphertext is a string composed of the raw binary data. base-64 encode it. console;Creating and managing keys
Creating a new keypair: To create a new 2048-bit keypair from a command-line interpreter such as bash, use this command:
openssl genrsa -out private_key.pem 2048
This prints out all key components as hexadecimal numbers. openssl rsa -inform PEM -text -noout < private_key.pem
The component called "publicExponent" is what you're looking for, and by default it has the value 0x10001:
publicExponent: 65537 (0x10001)
The hex value, e.g. "10001", is provided to the JavaScript library without the leading "0x". The other numbers, such as the modulus, are formatted in a way that delimits each byte with a colon. However, there is a different flag that prints the modulus only, without the colons:
openssl rsa -inform PEM -modulus -noout < private_key.pem
After removing the "Modulus=" prefix, the rest of the value can be directly used by the JavaScript library, as you can see in the source for this webpage.
Using a third-party public key: If someone else gives you their public key file in PEM format, you can extract the public exponent and the modulus using the same commands, but with the additional -pubin flag. To print the public exponent, use:
openssl rsa -pubin -inform PEM -text -noout < public_key.pem
And to print the modulus, use:
openssl rsa -pubin -inform PEM -modulus -noout < public_key.pem
decrypt
// Encryption exponent and modulus generated via// openssl genrsa -out private_key.pem 2048$private_key = openssl_pkey_get_private('file://'.dirname(__FILE__).'/private_key.pem'); // or openssl_pkey_get_private(file_get_contents('private_key.pem')) // ciphertext generated by JavaScript uses PKCS1 padding, emitted as base64 string...$ciphertext = 'W1tJpRIDdAdjsjbfjHaDtgPzrp0ll616Ht0DUNZjPY1qXsTAO0Gu2C9bBKMJyKi/ASoXxi9av4rd8mHqaFNL18Ye7boeSJL0bYIslYJ/+GOIXytiUI86DyYUCbGt9myLocpTmncFdboDhPZiA9Qr0rC5PYcGoS/0MHL88M0G8Db7AaB2piq4UoNTGNAaWF06wFIXX6ij+msN1qYhI7G6UMYsEdqNn4ukMfX4h45h0IiqZ7RVp6PP1nQyMQ84z4WUtQ7i0Rb/5XE9xVzqvIIxeJVv3Am+0UZ7d6wtH9M46d7UCg4EwHV2X/G1S4u3xUQPJQtLRX0Z5P/7fcxHPTtq3g=='; // ...convert to binary.$bin_ciphertext = base64_decode($ciphertext); openssl_private_decrypt($bin_ciphertext, $plaintext, $private_key, OPENSSL_PKCS1_PADDING) or die("openssl_private_decrypt failed."); var_dump($plaintext);origin: http://www.ohdave.com/rsa/