(Node.js) RSA Sign with PKCS8 Encrypted Key

Demonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature (and then verify it).

Note: This example requires Chilkat v11.0.0 or greater.

Install Chilkat for Node.js and Electron using npm at Chilkat npm packages for Node.js Chilkat npm packages for Electron on Windows, Linux, MacOS

var os = require('os');
if (os.platform() == 'win32') {  
  var chilkat = require('@chilkat/ck-node23-win64'); 
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node23-linux-arm');
    } else if (os.arch() == 'arm64') {
        var chilkat = require('@chilkat/ck-node23-linux-arm64');
    } else {
        var chilkat = require('@chilkat/ck-node23-linux-x64');
    }
} else if (os.platform() == 'darwin') {
  var chilkat = require('@chilkat/ck-node23-mac-universal');
}

function chilkatExample() {

    var success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    var privKey = new chilkat.PrivateKey();

    // Load the private key from an RSA PEM file:
    success = privKey.LoadAnyFormatFile("raul_privateKey.key","a0123456789");
    if (success == false) {
        console.log(privKey.LastErrorText);
        return;
    }

    var rsa = new chilkat.Rsa();

    // Import the private key into the RSA component:
    success = rsa.UsePrivateKey(privKey);
    if (success == false) {
        console.log(rsa.LastErrorText);
        return;
    }

    // This example will sign a string, and receive the signature
    // in a hex-encoded string.  Therefore, set the encoding mode
    // to "hex":
    rsa.EncodingMode = "hex";

    var strData = "This is the string to be signed.";

    // Sign the string using the sha256 hash algorithm.
    // Other valid choices are sha1, sha384, sha512 and others.
    var hexSig = rsa.SignStringENC(strData,"sha256");
    if (rsa.LastMethodSuccess == false) {
        console.log(rsa.LastErrorText);
        return;
    }

    console.log(hexSig);

    // Now verify with the public key.
    // This example shows how to use the public key from 
    // a digital certificate (.cer file)
    var cert = new chilkat.Cert();
    success = cert.LoadFromFile("raul_publicKey.cer");
    if (success == false) {
        console.log(cert.LastErrorText);
        return;
    }

    var pubKey = new chilkat.PublicKey();
    cert.GetPublicKey(pubKey);

    var rsa2 = new chilkat.Rsa();
    success = rsa2.UsePublicKey(pubKey);
    if (success == false) {
        console.log(rsa2.LastErrorText);
        return;
    }

    // Verify the signature against the original data:
    rsa2.EncodingMode = "hex";
    success = rsa2.VerifyStringENC(strData,"sha256",hexSig);
    if (success == false) {
        console.log(rsa2.LastErrorText);
        return;
    }

    console.log("Signature verified!");

    // Verify with incorrect data:
    success = rsa2.VerifyStringENC("something else","sha256",hexSig);
    if (success !== true) {
        console.log("Signature not verified! (which was expected in this case)");
    }
    else {
        console.log("Hmmm... that's not right...");
    }


}

chilkatExample();