Crypto Module

The cryptography module provides a collection of crypto helper methods.

The crypto module is made available via the following require() statement:

const crypto = require('crypto');

Available Algorithms

To get a list of the available crypto algorithms, check the ALGORITHM property on the crypto class.

console.log(crypto.ALGORITHM);
// -> ED25519, ECDSA_P256_SHA1, ECDSA_P256_SHA256, ECDSA_P256_SHA512, HMAC_SHA1, HMAC_SHA256, HMAC_SHA512

HMAC

To generate HMAC signatures, use the hmac() method. The hmac() method produces a base64-encoded output.

Usage: hmac(key, msg, algorithm) where:

  • key: the signature key
  • msg: the payload to be encrypted
  • algorithm: the desired algorithm to be used
crypto.hmac(base64.btoa('sharedSecretKey'), 'secretPayload', crypto.ALGORITHM.HMAC_SHA1).then((result) => {
console.log(result.replace('-', '+').replace('_', '/'));
}).catch((error) => {
console.log(error)
});

SHA1

To generate SHA1 signatures, use the sha1() method.

Usage: sha1(msg) where:

  • msg: the payload to be encrypted
crypto.sha1('secretPayload').then((result2) => {
console.log("secretPayload:" + result2);
}).catch((error) => {
console.log(error)
});

SHA256

To generate SHA256 signatures, use the sha256() method.

Usage: sha256(msg) where:

  • msg: the payload to be encrypted
crypto.sha256('secretPayload').then((result2) => {
console.log("secretPayload:" + result2);
}).catch((error) => {
console.log(error)
});

SHA512

To generate SHA512 signatures, use the sha512() method.

Method Signature: sha512(msg) where:

  • msg: the payload to be encrypted
crypto.sha512('secretPayload').then((result2) => {
console.log("secretPayload:" + result2);
}).catch((error) => {
console.log(error)
});

Private and Public Key examples

const secretKey_ed25519 = {
'kty' : 'EdDSA',
'crv' : 'Ed25519',
'sk' : 'bfk0DBOMwYi1_kRk66o_f8IGotVcNDRwfnTJ_ATiDrs',
'use' : 'sig',
};
const publicKey_ed25519 = {
'kty' : 'EdDSA',
'crv' : 'Ed25519',
'pk' : 'wNrBAsRTMYbiXcQxKEcjU-qr24eLFSrrjgAfktkCM6c',
'use' : 'sig',
};

Sign

To sign a payload with a key and specific algorithm, use the sign() method.

Usage: sign(key, msg, algorithm) where:

  • key: the signature key
  • msg: the payload to be encrypted
  • algorithm: the desired algorithm to be used
crypto.sign(privateKey, 'secretPayload', crypto.ALGORITHM.ECDSA_P256_SHA1).then((result4) => {
console.log(result4);
}).catch((error) => {
console.log(error)
});

Verify

To verify a signed payload, use the verify() method.

Usage: verify(sig, key, msg, algorithm) where:

  • sign: the existing signature to verify
  • key: the signature key
  • msg: the payload to be encrypted
  • algorithm: the desired algorithm to be used
crypto.verify(<existing_signature>, publicKey, 'secretPayload', crypto.ALGORITHM.ECDSA_P256_SHA1).then((results) => {
console.log(results)
}).catch((error) => {
console.log(error)
});
Functions support

Functions provides a rich set of tools, and this documentation does not cover all of the potential situations you may encounter. If you need help with a situation not covered by the documentation, please contact PubNub Support

Last updated on