Wiki: Tutorial for signing and verification with extended RSAKey class

TOP | DOWNLOADS | TUTORIALS | API REFERENCE | DEMOS

(DEPRECATED)

RSA signing and verifying by extended RSAKey is DEPRECATED and will not be supported near in the future. Please consider to move to Signature class. Thanks.

Signature class has following advantages:

• RSAKey can sign a string only however Signature class can also sign a hexadecimal string.
• progressive signing for large sized data.
• class and methods are aligned to Java JCE Signature class
• easy to understand and learn
• good class architecture
• less global variables and functions

Signing

Here is an example to sign a string "aaa" with "SHA1withRSA" algorithm by PEM formatted private key.

var rsa = new RSAKey();
rsa.readPrivateKeyFromPEMString(_PEM_PRIVATE_KEY_STRING_);
var hSig = rsa.signString("aaa", "sha1"); // sign a string "aaa" with key

Verifying Signature

Here is an example to verify a signture of string "aaa" with specified PEM formatted X.509 certificate.

var x509 = new X509();
x509.readCertPEM(_PEM_X509CERT_STRING_);
var result = x509.subjectPublicKeyRSA.verifyString("aaa", _HEX_SIGNATURE_);

Supported Signature Algorithms

The script "rsa-sign.js" currently supports following signature algorithms:

• SHA1withRSA
• SHA256withRSA
• SHA512withRSA
• MD5withRSA
• RIPEMD160withRSA

However you can extend other signature algorithms such like MD2withRSA or SHA384withRSA by just specifying two variables in it.

 _RSASIGN_DIHEAD['md2'] = "30..."; // Hexadecimal DigestInfo prefix for MD5
 _RSASIGN_HASHHEXFUNC['md2'] = md2hex; // function which returns value in hex.