So, I have this piece of code that's written in Node.js
crypto.createHmac('sha256', secret).update(orderedParams).digest('hex')
I wish to bring this piece of code in the browser but that doesn't work since the 'crypto' library is not supported on the browser. Can somebody just help me re-create the same method in the browser?
An HMAC can be determined by most crypto libraries, e.g. CryptoJS or WebCrypto API.
The following example uses CryptoJS:
var secret = 'my secret';
var orderedParams = 'the ordered params';
// Short
var hmac3 = CryptoJS.HmacSHA256(orderedParams, secret).toString();
console.log(hmac3.replace(/(.{48})/g,'$1\n'));
// Progressive
var hmac2 = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, secret).update(orderedParams).finalize().toString();
console.log(hmac2.replace(/(.{48})/g,'$1\n'));
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
You can try to use crypto-browserify.
It's a reimplementation of crypto, made it so that it can run on the Browser.
Related
I am trying to understand how to implement a minimal basic Public-key signature example based on the demo located here, using pure javascript.
My research has not yielded a simple javascript example that I can use to understand its inner workings, and the documentation is over my head at the moment.
I tried looking at the source code of the demo, but it is not revealing its secrets.
The library's examples does not have an example for this either.
Cryptography is something very new to me, so any baseline example of how to create their Public-key example with pure javascript in node.js would be greatly appreciated!
Pseudocode-ish:
const nacl = require('tweetnacl')
let message = "This is my unencrypted message"
let naclPair = nacl.sign.keyPair()
let signedMessage = nacl.sign(message, naclPair.secretKey)
let decrypted = nacl.sign.open(signedMessage, naclPair.publicKey) // is this right?
console.log(decrypted) // should this print the decrypted message?
As a side note, I'm more familiar with node.js require, than I am with ES6 import, if that has any bearing on answers here and could help demonstrate how to use this library.
TweetNaCl.js is a port to JavaScript of TweetNaCl. TweetNacl in turn is a compact implementation of NaCl, which provides various encryption and signature algorithms essentially based on Curve25519. There are NaCl-compatible implementations or wrappers for many platforms, so that any of these documentations can be used for an introduction, e.g. the clear documentation of the Libsodium fork.
The documentation of TweetNaCl.js also gives a short overview of the functionality: nacl.sign(message, secretKey) creates a signed message consisting of the 64 bytes signature with attached message. nacl.sign.open(signedMessage, publicKey) verifies the message using the signature and returns the message if verification is successful. The algorithm used for signing is Ed25519.
As already noted in the comments, you do not distinguish clearly between encryption (purpose: secrecy) and signing (purpose: authentication / integrity). In particular, secrecy of the message is not the purpose of signing. This becomes apparent e.g. when the return of nacl.sign() contains the unencrypted message (see code snippet below). However, it is true that encryption with the private key is performed during signing (but not for the purpose of keeping it secret).
The following implementation is a pure JavaScript implementation:
var keyPair = nacl.sign.keyPair();
var secretKey = keyPair.secretKey;
var publicKey = keyPair.publicKey;
var msgStr = "The quick brown fox jumps over the lazy dog";
var msg = nacl.util.decodeUTF8(msgStr);
var signature = nacl.sign(msg, secretKey);
var signatureB64 = nacl.util.encodeBase64(signature);
console.log(signatureB64.replace(/(.{64})/g,'$1\n')); // Display signature plus message (Base64 encoded)
var signatureMsgPart = signature.slice(64);
console.log(nacl.util.encodeUTF8(signatureMsgPart)); // Display message from nacl.sign() return value: signing is not for encryption!
var verifiedMsg = nacl.sign.open(signature, publicKey);
console.log(nacl.util.encodeUTF8(verifiedMsg)); // Display message after successfull verification
<script src="https://cdn.jsdelivr.net/npm/tweetnacl-util#0.15.0/nacl-util.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/tweetnacl#1.0.1/nacl.min.js"></script>
and applies the package tweetnacl-util-js for encoding.
By the way, in the implementation you posted only the Utf8 encoding/decoding was missing:
let message = "This is my unencrypted message"
let naclPair = nacl.sign.keyPair()
let signedMessage = nacl.sign(nacl.util.decodeUTF8(message), naclPair.secretKey)
let decrypted = nacl.sign.open(signedMessage, naclPair.publicKey) // is this right? -> Yes
console.log(nacl.util.encodeUTF8(decrypted)) // should this print the decrypted message? -> Yes, but the 'verified' message is printed!
<script src="https://cdn.jsdelivr.net/npm/tweetnacl-util#0.15.0/nacl-util.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/tweetnacl#1.0.1/nacl.min.js"></script>
Please see the following links for public key encryption and symmetric encryption with TweetNaCl.js. This is about keeping a message secret.
By the way, using the example page(Public-key signatures) to test the code need to use nacl.sign.detached(message, secretKey) not nacl.sign(msg, secretKey) ๐
reference
TweetNaCl.js Public-key signatures example err
I don't know how to get a javascript file to work for web-browser functionalit, when it's coded as node.js.
The code in question is from a github graphenejs-lib. I want to convert this node.js code into js:
import {Apis} from "graphenejs-ws";
var {ChainStore} = require("graphenejs-lib");
Apis.instance("wss://bitshares.openledger.info/ws", true).init_promise.then((res) => {
console.log("connected to:", res[0].network);
ChainStore.init().then(() => {
ChainStore.subscribe(updateState);
});
});
let dynamicGlobal = null;
function updateState(object) {
dynamicGlobal = ChainStore.getObject("2.1.0");
console.log("ChainStore object update\n", dynamicGlobal ? dynamicGlobal.toJS() : dynamicGlobal);
}
There is another github from the same developer, steemjs-lib, that shows both the node.js use, and the browser use in the README default page.
I don't know how to make graphenejs-lib into browser javascript, like the steemjs-lib has been made into a regular javascript working version. I contact the dev, but have yet to receive a response.
I figured other people actually know how to do what the dev did for steemjs-lib, and get the graphenejs-lib to work in a browser.
Can you help me out? Thank you.
You can use Browserify to help you with that:
Note that not all of the Node's APIs will be available in the browser.
Use browserify. https://wzrd.in/ will package it for you if you just want to use that one library. https://wzrd.in/standalone/graphenejs-lib#latest
<script src="https://wzrd.in/standalone/graphenejs-lib#latest"></script>
<script>
const {ChainStore} = graphenejsLib;
...
</script>
I am new to Dojo and I want to be able to use the RSA module to encrypt some information using a public key that is received from a website.
Is there any information or examples on how to do this?
I have found the library dojox.encoding.crypto.RSAKey but there is no information:
https://dojotoolkit.org/reference-guide/1.9/dojox/encoding/crypto/RSAKey.html
I found Dojo because I was researching: http://www-cs-students.stanford.edu/~tjw/jsbn/
Now I want to learn Dojo but my primary reason to use it is the RSA library.
Ps.: I don't want to be lectured on the dangers of RSA on the client side, neither why I shouldn't be doing RSA on JavaScript side.
EDITED: replaced example values with provided ones.
I'm not familiar with RSA, but general use of dojo's RSAKey module would be as follow (according to its source code):
require([
"dojo/dom",
"dojox/encoding/crypto/RSAKey"
],function(dom, RSAKeyModule){
var RSAKey = new RSAKeyModule();
var n= "8efebfa74157b9447e1bc729d5e2a459ee888e87dc7ed764b473e513edbaโโ7696a957871ff7a4941eโโd360d1b42a9788bdc52aโโ8b659357dc8f252e6cc5โโf5bbf5c659cc9e9837dfโโ4ca6eee1c47889b055acโโ3802bb9491e88483491bโโ08dff9e9472d99341134โโbcfc4ecf38915553bda0โโ8f943089377a95c7118fโโebcef2841288aedb1b8bโโa22e211da2ab527d26d7โโaccf2e05421260a23f06โโcf2b13e0ffd51e8f401bโโc113768027ad29c37156โโ4d179c82639061272e4fโโ940bf50ba6490933f788โโ715f8c268dd2c85a461eโโ899ba416a51557fec7a9โโa4f1ed3df95cf5bd14bbโโ529dd331b9a79828366aโโ9589deb32e730369cd62โโ352ef7fdd9297e1193f4โโa33e01289a6f"
var e = "10001";
RSAKey.setPublic(n, e);
var encrypted = RSAKey.encrypt("abc");
dom.byId("result").innerHTML = encrypted;
});
<script src="https://ajax.googleapis.com/ajax/libs/dojo/1.10.4/dojo/dojo.js"></script>
<div id="result"></div>
See dojo/request/xhr module - could be helpful for receiving key.
I am trying to integrate SigWeb API into my application. I want to use the digital signature in all modern browsers. Now it works only in IE, using ActiveX object. The problem is that I can not use the encryption key.
Let me explain:
Old version js code looks like:
SigPlus1.AutoKeyStart();
SigPlus1.AutoKeyData = "Some Key Data";
SigPlus1.AutoKeyFinish();
SigPlus1.EncryptionMode = 2;
SigPlus1.SigCompressionMode = 1;
var strSignature = SigPlus1.SigString;
New version (using SigWebTablet.js):
AutoKeyStart();
SetAutoKeyData("Some Key Data");
AutoKeyFinish();
SetEncryptionMode(2);
SetSigCompressionMode(1);
var strSignature = GetSigString();
The value of strSignature is passed to the server and converted to .jpg file. On the server side (java) I am using following code:
ClassLoader firma = (com.topaz.sigplus.SigPlus.class).getClassLoader();
sigObj = (SigPlus)Beans.instantiate(firma, "com.topaz.sigplus.SigPlus");
sigObj.autoKeyStart();
sigObj.setAutoKeyData("Some Key Data"); // the same data in front-end
sigObj.autoKeyFinish();
sigObj.setEncryptionMode (2);
sigObj.setSigCompressionMode(1);
sigObj.setSigString(strSignature);
The problem in setSigString method - it doesn't set the new value (with the old code SigPlus1.SigString works), but if I disable setAutoKeyData - it works fine.
The tablet model: T-LBK766SE-BHSB-R
I have found a solution which works for me. Before signature capture it needs to reset the encryption mode, i.e. to call SetEncryptionMode(0)
UPD (05/03/2017). Guys from dev support recommended me to use AutoKeyAddData function instead AutoKeyStart and AutoKeyFinish functions. I have tested and it works for me. I think this better solution of this issue.
http://www.sigplusweb.com/sigwebtablet_autokeydemo.htm
I want to encrypt some data in Node.js using an authenticated encryption scheme like AES-GCM.
If I run the following sample code
app.get("/test", function(req,res) {
var key = "12345678901234567890123456789012";
var iv = "123456789012";
var cipher = crypto.createCipheriv("id-aes256-GCM",key.toString("binary"),iv.toString("binary"));
var decipher = crypto.createDecipheriv("id-aes256-GCM",key.toString("binary"),iv.toString("binary"));
console.log(decipher.update(cipher.update("bla")));
console.log(decipher.update(cipher.final()));
console.log(decipher.final());
});
I don't get a console output but the error message "TypeError: DecipherFinal fail".
If I use cipher AES-256-CTR instead of "id-aes256-GCM", this code works fine and prints "bla" on the console.
What am I doing wrong?
edit:
Further investigating shows, that cipher.update("bla") returns "รข" (single character...strange) and cipher.final() returns an empty string. I think this can't be a correct ciphertext which should at least have the size of the plaintext...
GCM mode in OpenSSL works fine. It has been tested with other implementations as well. I know for a fact that the PolarSSL SSL library has its own GCM implementation for AES and PolarSSL can work fine with OpenSSL in return.
The GCM mode of encryption for AES requires specific GCM-related parameters. The current NodeJS API cannot provide these values to OpenSSL. And as such the calls fail, but not with clean errors. (This is more of an OpenSSL issue than a NodeJS issue).
(StevenLoomen points the reason out in the comments as well, but I'd like an answer for everybody to see)