(JavaScript) DSA Signature Create and Verify

Shows how to create a DSA (DSS) signature for the contents of a file. The first step is to create an SHA-1 hash of the file contents. The hash is signed using the Digital Signature Algorithm and the signature bytes are retrieved as a hex-encoded string.

The 2nd part of the example loads the signature and verifies it against the hash.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var crypt = new CkCrypt2();

crypt.EncodingMode = "hex";
crypt.HashAlgorithm = "sha-1";

// Return the SHA-1 hash of a file.  The file may be any size.
// The Chilkat Crypt component will stream the file when 
// computing the hash, keeping the memory usage constant
// and reasonable.
// The 20-byte SHA-1 hash is returned as a hex-encoded string.
var hashStr = crypt.HashFileENC("hamlet.xml");

var dsa = new CkDsa();

// Load a DSA private key from a PEM file.  Chilkat DSA
// provides the ability to load and save DSA public and private
// keys from encrypted or non-encrypted PEM or DER.
// The LoadText method is for convenience only.  You may
// use any means to load the contents of a PEM file into
// a string.
var pemPrivateKey;
pemPrivateKey = dsa.LoadText("dsa_priv.pem");
success = dsa.FromPem(pemPrivateKey);
if (success !== true) {
    console.log(dsa.LastErrorText);
    return;
}

// You may optionally verify the key to ensure that it is a valid
// DSA key.
success = dsa.VerifyKey();
if (success !== true) {
    console.log(dsa.LastErrorText);
    return;
}

// Load the hash to be signed into the DSA object:
success = dsa.SetEncodedHash("hex",hashStr);
if (success !== true) {
    console.log(dsa.LastErrorText);
    return;
}

// Now that the DSA object contains both the private key and hash,
// it is ready to create the signature:
success = dsa.SignHash();
if (success !== true) {
    console.log(dsa.LastErrorText);
    return;
}

// If SignHash is successful, the DSA object contains the
// signature.  It may be accessed as a hex or base64 encoded
// string.  (It is also possible to access directly in byte array form via
// the "Signature" property.)
var hexSig = dsa.GetEncodedSignature("hex");
console.log("Signature:");
console.log(hexSig);

// -----------------------------------------------------------
// Step 2: Verify the DSA Signature
// -----------------------------------------------------------

var dsa2 = new CkDsa();

// Load the DSA public key to be used for verification:
var pemPublicKey;
pemPublicKey = dsa2.LoadText("dsa_pub.pem");
success = dsa2.FromPublicPem(pemPublicKey);
if (success !== true) {
    console.log(dsa2.LastErrorText);
    return;
}

// Load the hash to be verified against the signature.
success = dsa2.SetEncodedHash("hex",hashStr);
if (success !== true) {
    console.log(dsa2.LastErrorText);
    return;
}

// Load the signature:
success = dsa2.SetEncodedSignature("hex",hexSig);
if (success !== true) {
    console.log(dsa2.LastErrorText);
    return;
}

// Verify:
success = dsa2.Verify();
if (success !== true) {
    console.log(dsa2.LastErrorText);
}
else {
    console.log("DSA Signature Verified!");
}