How to use jsrsasign - 10 common examples
To help you get started, we’ve selected a few jsrsasign examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
bitpay / bitcore / test / index.js View on Github 
pki_data.length.should.equal(2);
if (is_browser) {
var type = 'SHA256';
var pem = PaymentProtocol.prototype._DERtoPEM(pki_data[0], 'CERTIFICATE');
var buf = pr.serializeForSig();
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = PaymentProtocol.DERtoPEM(der, 'CERTIFICATE');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
jsrsaSig.init(pem);
jsrsaSig.updateHex(buf.toString('hex'));
jsrsaSig.verify(sig.toString('hex')).should.equal(true);
} else {
var crypto = require('crypto');
var type = 'SHA256';
var pem = PaymentProtocol.DERtoPEM(pki_data[0], 'CERTIFICATE');
var buf = pr.serializeForSig();
var verifier = crypto.createVerify('RSA-' + type);
verifier.update(buf);
verifier.verify(pem, sig).should.equal(true);
}
// Verify Signature
var verified = pr.x509Verify();
verified.should.equal(true);var sig = pr.get('signature');
pki_data = PaymentProtocol.X509Certificates.decode(pki_data);
pki_data = pki_data.certificate;
ver.should.equal(1);
pki_type.should.equal('x509+sha256');
pki_data.length.should.equal(2);
if (is_browser) {
var type = 'SHA256';
var pem = PaymentProtocol.prototype._DERtoPEM(pki_data[0], 'CERTIFICATE');
var buf = pr.serializeForSig();
var jsrsaSig = new KJUR.crypto.Signature({
alg: type + 'withRSA',
prov: 'cryptojs/jsrsa'
});
var signedCert = pki_data[0];
var der = signedCert.toString('hex');
// var pem = PaymentProtocol.DERtoPEM(der, 'CERTIFICATE');
var pem = KJUR.asn1.ASN1Util.getPEMStringFromHex(der, 'CERTIFICATE');
jsrsaSig.init(pem);
jsrsaSig.updateHex(buf.toString('hex'));
jsrsaSig.verify(sig.toString('hex')).should.equal(true);
} else {
var crypto = require('crypto');
var type = 'SHA256';
var pem = PaymentProtocol.DERtoPEM(pki_data[0], 'CERTIFICATE');
var buf = pr.serializeForSig();
var verifier = crypto.createVerify('RSA-' + type);function generateToken(schema, userId, collectionId, periodId = '201605', periodStr = 'May 2016', regionCode = 'GB-ENG', languageCode = 'en', sexualIdentity = false, includeLogoutUrl = true) {
let schemaParts = schemaRegEx.exec(schema);
// Header
let oHeader = {
alg: 'RS256',
typ: 'JWT',
kid: '709eb42cfee5570058ce0711f730bfbb7d4c8ade'
};
// Payload
let oPayload = {
tx_id: uuid(),
jti: uuid(),
iat: KJUR.jws.IntDate.get('now'),
exp: KJUR.jws.IntDate.get('now') + 1800,
user_id: userId,
case_id: uuid(),
ru_ref: '12346789012A',
ru_name: 'Apple',
trad_as: 'Apple',
eq_id: schemaParts[1],
collection_exercise_sid: collectionId,
period_id: periodId,
period_str: periodStr,
ref_p_start_date: '2017-01-01',
ref_p_end_date: '2017-02-01',
employment_date: '2016-06-10',
form_type: schemaParts[2],
return_by: '2017-03-01',
region_code: regionCode,if (tokRes.statusCode >= 200 && tokRes.statusCode < 300) {
var body = JSON.parse(tokRes.getBody());
access_token = body.access_token;
console.log('Got access token: %s', access_token);
if (body.refresh_token) {
refresh_token = body.refresh_token;
console.log('Got refresh token: %s', refresh_token);
}
if (body.id_token) {
console.log('Got ID token: %s', body.id_token);
// check the id token
var pubKey = jose.KEYUTIL.getKey(rsaKey);
var signatureValid = jose.jws.JWS.verify(body.id_token, pubKey, ['RS256']);
if (signatureValid) {
console.log('Signature validated.');
var tokenParts = body.id_token.split('.');
var payload = JSON.parse(base64url.decode(tokenParts[1]));
console.log('Payload', payload);
if (payload.iss == 'http://localhost:9001/') {
console.log('issuer OK');
if ((Array.isArray(payload.aud) && _.contains(payload.aud, client.client_id)) ||
payload.aud == client.client_id) {
console.log('Audience OK');
var now = Math.floor(Date.now() / 1000);
if (payload.iat <= now) {
console.log('issued-at OK');if (tokRes.statusCode >= 200 && tokRes.statusCode < 300) {
var body = JSON.parse(tokRes.getBody());
access_token = body.access_token;
console.log('Got access token: %s', access_token);
if (body.refresh_token) {
refresh_token = body.refresh_token;
console.log('Got refresh token: %s', refresh_token);
}
if (body.id_token) {
console.log('Got ID token: %s', body.id_token);
// check the id token
var pubKey = jose.KEYUTIL.getKey(rsaKey);
var signatureValid = jose.jws.JWS.verify(body.id_token, pubKey, ['RS256']);
if (signatureValid) {
console.log('Signature validated.');
var tokenParts = body.id_token.split('.');
var payload = JSON.parse(base64url.decode(tokenParts[1]));
console.log('Payload', payload);
if (payload.iss == 'http://localhost:9001/') {
console.log('issuer OK');
if ((Array.isArray(payload.aud) && _.contains(payload.aud, client.client_id)) ||
payload.aud == client.client_id) {
console.log('Audience OK');
var now = Math.floor(Date.now() / 1000);
if (payload.iat <= now) {
console.log('issued-at OK');if (tokRes.statusCode >= 200 && tokRes.statusCode < 300) {
var body = JSON.parse(tokRes.getBody());
access_token = body.access_token;
console.log('Got access token: %s', access_token);
if (body.refresh_token) {
refresh_token = body.refresh_token;
console.log('Got refresh token: %s', refresh_token);
}
if (body.id_token) {
console.log('Got ID token: %s', body.id_token);
// check the id token
var pubKey = jose.KEYUTIL.getKey(rsaKey);
var signatureValid = jose.jws.JWS.verify(body.id_token, pubKey, ['RS256']);
if (signatureValid) {
console.log('Signature validated.');
var tokenParts = body.id_token.split('.');
var payload = JSON.parse(base64url.decode(tokenParts[1]));
console.log('Payload', payload);
if (payload.iss == 'http://localhost:9001/') {
console.log('issuer OK');
if ((Array.isArray(payload.aud) && _.contains(payload.aud, client.client_id)) ||
payload.aud == client.client_id) {
console.log('Audience OK');
var now = Math.floor(Date.now() / 1000);
if (payload.iat <= now) {
console.log('issued-at OK');
if (payload.exp >= now) {// not in the header, check in the form body
inToken = req.body.access_token;
} else if (req.query && req.query.access_token) {
inToken = req.query.access_token
}
console.log('Incoming token: %s', inToken);
var tokenParts = inToken.split('.');
var header = JSON.parse(base64url.decode(tokenParts[0]));
var payload = JSON.parse(base64url.decode(tokenParts[1]));
console.log('Payload', payload);
var publicKey = jose.KEYUTIL.getKey(rsaKey);
if (jose.jws.JWS.verify(inToken,
publicKey,
[header.alg])) {
console.log('Signature validated');
if (payload.iss == 'http://localhost:9001/') {
console.log('issuer OK');
if ((Array.isArray(payload.aud) && __.contains(payload.aud, 'http://localhost:9002/')) ||
payload.aud == 'http://localhost:9002/') {
console.log('Audience OK');
var now = Math.floor(Date.now() / 1000);
if (payload.iat <= now) {
console.log('issued-at OK');
if (payload.exp >= now) {.then(data => {
var pk = KEYUTIL.getKey(data);
var sig = new KJUR.crypto.Signature({"alg": "SHA512withRSA"}); // Use "SHA1withRSA" for QZ Tray 2.0 and older
sig.init(pk);
sig.updateString(hash);
var hex = sig.sign();
console.log("DEBUG: \n\n" + stob64(hextorstr(hex)));
resolve(stob64(hextorstr(hex)));
})
.catch(err => console.error(err));.then(data => {
var pk = KEYUTIL.getKey(data);
var sig = new KJUR.crypto.Signature({"alg": "SHA512withRSA"}); // Use "SHA1withRSA" for QZ Tray 2.0 and older
sig.init(pk);
sig.updateString(hash);
var hex = sig.sign();
console.log("DEBUG: \n\n" + stob64(hextorstr(hex)));
resolve(stob64(hextorstr(hex)));
})
.catch(err => console.error(err));.then(data => {
var pk = KEYUTIL.getKey(data);
var sig = new KJUR.crypto.Signature({"alg": "SHA512withRSA"}); // Use "SHA1withRSA" for QZ Tray 2.0 and older
sig.init(pk);
sig.updateString(hash);
var hex = sig.sign();
console.log("DEBUG: \n\n" + stob64(hextorstr(hex)));
resolve(stob64(hextorstr(hex)));
})
.catch(err => console.error(err));jsrsasign
opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp and CAdES and JSON Web Signature(JWS)/Token(JWT)/Key(JWK)
Package Health Score
78 / 100Popular jsrsasign functions
- jsrsasign.asn1
- jsrsasign.ASN1HEX
- jsrsasign.b64utoutf8
- jsrsasign.BigInteger
- jsrsasign.crypto
- jsrsasign.hextob64u
- jsrsasign.hextorstr
- jsrsasign.jws
- jsrsasign.jws.IntDate
- jsrsasign.jws.JWS
- jsrsasign.KEYUTIL
- jsrsasign.KEYUTIL.getJWKFromKey
- jsrsasign.KEYUTIL.getKey
- jsrsasign.KEYUTIL.getKeyFromPlainPrivatePKCS8PEM
- jsrsasign.KJUR
- jsrsasign.KJUR.crypto
- jsrsasign.KJUR.jws
- jsrsasign.SecureRandom
- jsrsasign.stob64
- jsrsasign.X509