(Node.js) RSA Sign with PKCS8 Encrypted Key

Demonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature (and then verify it).

Install Chilkat for Node.js and Electron using npm at Chilkat npm packages for Node.js Chilkat npm packages for Electron on Windows, Linux, MacOS

var os = require('os');
if (os.platform() == 'win32') {  
  var chilkat = require('@chilkat/ck-node23-win64'); 
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node23-linux-arm');
    } else if (os.arch() == 'arm64') {
        var chilkat = require('@chilkat/ck-node23-linux-arm64');
    } else {
        var chilkat = require('@chilkat/ck-node23-linux-x64');
    }
} else if (os.platform() == 'darwin') {
  var chilkat = require('@chilkat/ck-node23-mac-universal');
}

function chilkatExample() {

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    var pkey = new chilkat.PrivateKey();

    // Load the private key from an RSA PEM file:
    var success = pkey.LoadPkcs8EncryptedFile("raul_privateKey.key","a0123456789");

    var pkeyXml;
    // Get the private key in XML format:
    pkeyXml = pkey.GetXml();

    var rsa = new chilkat.Rsa();

    // Import the private key into the RSA component:
    success = rsa.ImportPrivateKey(pkeyXml);
    if (success !== true) {
        console.log(rsa.LastErrorText);
        return;
    }

    // This example will sign a string, and receive the signature
    // in a hex-encoded string.  Therefore, set the encoding mode
    // to "hex":
    rsa.EncodingMode = "hex";

    var strData = "This is the string to be signed.";

    // Sign the string using the sha-1 hash algorithm.
    // Other valid choices are "md2" and "md5".
    var hexSig = rsa.SignStringENC(strData,"sha-1");

    console.log(hexSig);

    // Now verify with the public key.
    // This example shows how to use the public key from 
    // a digital certificate (.cer file)
    var cert = new chilkat.Cert();
    success = cert.LoadFromFile("raul_publicKey.cer");
    if (success !== true) {
        console.log(cert.LastErrorText);
        return;
    }

    // pubKey: PublicKey
    var pubKey;
    pubKey = cert.ExportPublicKey();

    var pubKeyXml;
    // Get the private key in XML format:
    pubKeyXml = pubKey.GetXml();

    var rsa2 = new chilkat.Rsa();
    success = rsa2.ImportPublicKey(pubKeyXml);
    if (success !== true) {
        console.log(rsa2.LastErrorText);
        return;
    }

    // Verify the signature against the original data:
    rsa2.EncodingMode = "hex";
    success = rsa2.VerifyStringENC(strData,"sha-1",hexSig);
    if (success !== true) {
        console.log(rsa2.LastErrorText);
        return;
    }

    console.log("Signature verified!");

    // Verify with incorrect data:
    success = rsa2.VerifyStringENC("something else","sha-1",hexSig);
    if (success !== true) {
        console.log("Signature not verified! (which was expected in this case)");
    }
    else {
        console.log("Hmmm... that's not right...");
    }


}

chilkatExample();