Crypto Module
The cryptography module provides a collection of crypto helper methods.
The crypto
module is made available via the following require()
statement:
const crypto = require('crypto');
Available Algorithms
To get a list of the available crypto algorithms, check the ALGORITHM
property on the crypto
class.
console.log(crypto.ALGORITHM);
// -> ED25519, ECDSA_P256_SHA1, ECDSA_P256_SHA256, ECDSA_P256_SHA512, HMAC_SHA1, HMAC_SHA256, HMAC_SHA512
HMAC
To generate HMAC signatures, use the hmac()
method. The hmac()
method produces a base64-encoded output.
Usage: hmac(key, msg, algorithm)
where:
key
: the signature keymsg
: the payload to be encryptedalgorithm
: the desired algorithm to be used
crypto.hmac(base64.btoa('sharedSecretKey'), 'secretPayload', crypto.ALGORITHM.HMAC_SHA1).then((result) => {
console.log(result.replace('-', '+').replace('_', '/'));
}).catch((error) => {
console.log(error)
});
SHA1
To generate SHA1 signatures, use the sha1()
method.
Usage: sha1(msg)
where:
msg
: the payload to be encrypted
crypto.sha1('secretPayload').then((result2) => {
console.log("secretPayload:" + result2);
}).catch((error) => {
console.log(error)
});
SHA256
To generate SHA256 signatures, use the sha256()
method.
Usage: sha256(msg)
where:
msg
: the payload to be encrypted
crypto.sha256('secretPayload').then((result2) => {
console.log("secretPayload:" + result2);
}).catch((error) => {
console.log(error)
});
SHA512
To generate SHA512 signatures, use the sha512()
method.
Method Signature: sha512(msg)
where:
msg
: the payload to be encrypted
crypto.sha512('secretPayload').then((result2) => {
console.log("secretPayload:" + result2);
}).catch((error) => {
console.log(error)
});
Private and Public Key examples
const secretKey_ed25519 = {
'kty' : 'EdDSA',
'crv' : 'Ed25519',
'sk' : 'bfk0DBOMwYi1_kRk66o_f8IGotVcNDRwfnTJ_ATiDrs',
'use' : 'sig',
};
const publicKey_ed25519 = {
'kty' : 'EdDSA',
'crv' : 'Ed25519',
'pk' : 'wNrBAsRTMYbiXcQxKEcjU-qr24eLFSrrjgAfktkCM6c',
'use' : 'sig',
};
Sign
To sign a payload with a key and specific algorithm, use the sign()
method.
Usage: sign(key, msg, algorithm)
where:
key
: the signature keymsg
: the payload to be encryptedalgorithm
: the desired algorithm to be used
crypto.sign(privateKey, 'secretPayload', crypto.ALGORITHM.ECDSA_P256_SHA1).then((result4) => {
console.log(result4);
}).catch((error) => {
console.log(error)
});
Verify
To verify a signed payload, use the verify()
method.
Usage: verify(sig, key, msg, algorithm)
where:
sign
: the existing signature to verifykey
: the signature keymsg
: the payload to be encryptedalgorithm
: the desired algorithm to be used
crypto.verify(<existing_signature>, publicKey, 'secretPayload', crypto.ALGORITHM.ECDSA_P256_SHA1).then((results) => {
console.log(results)
}).catch((error) => {
console.log(error)
});
Functions support
Functions provides a rich set of tools, and this documentation does not cover all of the potential situations you may encounter. If you need help with a situation not covered by the documentation, please contact PubNub Support