Node-jose (https://github.com/cisco/node-jose) test.
Using node to generate/import keys and encrypt/decrypt text
var jose = require('node-jose'); //call node-jose npm
//create an empty store
keystore = jose.JWK.createKeyStore();
// Example 1: generate a new key with properties
var props = {
kid: 'gBdaS-G8RLax2qgObTD94w',
alg: 'A256GCM',
use: 'enc'
};
var key1 = await keystore.generate("oct", 256, props);
// Example 2: import a key from a PEM or der
// (I used openSSL to extract the private key from a random .CER I had around)
var pemInput=`-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDz2iETyKenWU3s
3Oa/pP18dZtHLgKd0lOiXmuEEKLPHqjyvoBxmnJ48Igy3ul6NIDjGeZ99Ep14KvU
4E+16w+ywfjWd8M9qghXCzpaIIVyVCUvEi0YnEWp8eSQ8fplza25nY77fzMTqpOf
Wh7t2WVnU6exbQpxCaKPUSrgf5daeIQIfWiJg+eAfurLJilbwtKApXVuFp+hTGWV
DWqWW0N8shn+82TFwQpchuVkKcAHp/44XFH4aE9x5ALAZTSUUkbXQMkAepIKb1+/
q8j87mwiSErI/WNXFgwbk0U1Zf9e2ZZRSAajbUKjYJBeAF/HBQjKGoYbpG400Iim
MkB0HQmHAgMBAAECggEAdWVbLUoZpJBy2oiSskq9GnEIG2GEMvSx/OZV/pN/vhT1
oz+hWI/RcnXiLBNy9blXH341oAe+3TcXonmHBn6u5RFLOf0YSpSURUuLgR5NAHiQ
GjQ277U0OJfSwREtylsVutmmn19ieKJTRZE+eKWDkxYMEnf7YeYQk8ywxrnGZO/V
hwBLofkKk5FzcQa3YIX93vUpUNpiHf+qYCcGXD6dFTNvtZ5/nt0QgRPdAPJLuku7
Gaq7UWjLzIzw1/LldiUCokSeSZsGxVIEIxwZ7v40aB/T69KfAjp7xKoS8FGCjZBE
ZcdVTqeziwGYAx4z3X1mcJ7ocRMQRO4pvzwJLzR5eQKBgQD/cyol3IFzMe2k/Gqr
nspzApgrgx98mXqtr778BYBR9cvajX61McyOb/zk1mYxL9LvCajtBgoSdmtVmwjf
sefI0i0jLEsQ8QzlTsSxZb4FW8EnM8nFyKZEhiiRUx23N0vgipIfX8jOq939NQV8
GdHD28Zfs80/xuqLTwbZhf+1iwKBgQD0YJIIOscCAI+LWwcTlS9dj8vwBj8fhbL/
DCsf19Xcjd1v2ZZVAAi1e4KcGxrM+3TZpvMIBpx6VAtUuN1KLH/sOEf8Vj1oizlD
q+msCFwhwaZJpdB7WYGKdfoYA4NV4e4aVr/wg5ylV4tg0vi09aN31krsj+kml2Oc
XmJvVYlTdQKBgQDYYtqyJb62MPYIixVk+Wau0+TI/xK9/ljQJg5W9+YCB38+TBuo
K14GzlBgHEmGoudAO2OQHEyN5Sf45RI4Q0B/eaJoqA2SdU6iM/4j83ZqnZXZumHS
G6zUYPyeVdTXLY0l0NwEnaPBhg7OfYp+3HQ3P8UjrnBP9RUbGr9Hpd29DwKBgDCb
9PBGIMe5LNRfauzuQ9msfLhlxbCTe6NX3EwdNqEEZwOUmF6X/yN6SeSbT51udzPE
DZuPFRkQFqDnlLzoVRm7qDX9QYHGD8HyNCzQDON6DYWgwfOHPkk4ZmLYcAtpQV9j
2hIRW9tXqpW74VS9d6KisYyUo5/VhS7ZZ2MV9JbxAoGADnUPcKMnd62NFJqdDB1M
oFz0HBhEby0xMOvUwE3P7tsx1X/Mt6cwILZG3v9q74OGEstjRix2rI+ee/Ui2yNr
ZTZ2Fyku3yMwwPCPZQf0w7coURgJB7aZoSRLA1Iw5xkRQfbbY6edMCitCE24a0ZM
CZAjHPBnwQd0bcpb3Nd5R9U=
-----END PRIVATE KEY-----
`;
var key2 = await keystore.add(pemInput, "pem");
// Example 3: review the keystore
var everything= keystore.all();
//Example 4: retrieve the 2nd kid from the keystore to use it as a key
var key2use = keystore.get(everything[1].kid);
//Example 5: encrypt content as JWE, using 'RSA1_5' and 'A128CBS-HS256'
// Check that RSA1_5 is in the list of supported algorithms from the key
console.log(key2use.algorithms("wrap"));
var content2encrypt="lorem ipsum dolor sit amet";
var encryptedContent = await jose.JWE.createEncrypt({format:'flattened', fields:{alg: 'RSA1_5',enc:'A128CBC-HS256'}},key2use).update(content2encrypt).final();
//decrypt content
var decyptedContent = await jose.JWE.createDecrypt(key2use).decrypt(encryptedContent);
PS. If you would like to import the key from a file, you could use something like fs:
var fs = require('fs');
var pem = fs.readFileSync('privateKey.pem');
1 comment
- posted 5 years ago byHow are you encrypting and decrypting using the same key? Should it be encrypted with the public key? Can you please shed some light
sign in to comment