7 ways to use cryptography in javascript
1- hashing
const { createHash } = require('crypto');
// Create a string hash
function hash(str) {
return createHash('sha256').update(str).digest('hex');
}
// Compare two hashed passwords
let password = 'hi-mom!';
const hash1 = hash(password);
console.log(hash1)
/// ... some time later
password = 'hi-mom';
const hash2 = hash(password);
const match = hash1 === hash2;
console.log(match ? 'βοΈ good password' : 'β password does not match');
2- Salt
const { scryptSync, randomBytes, timingSafeEqual } = require('crypto');
function signup(email, password) {
const salt = randomBytes(16).toString('hex');
const hashedPassword = scryptSync(password, salt, 64).toString('hex');
const user = { email, password: `${salt}:${hashedPassword}` }
users.push(user);
return user
}
function login(email, password) {
const user = users.find(v => v.email === email);
const [salt, key] = user.password.split(':');
const hashedBuffer = scryptSync(password, salt, 64);
const keyBuffer = Buffer.from(key, 'hex');
const match = timingSafeEqual(hashedBuffer, keyBuffer);
if (match) {
return 'login success!'
} else {
return 'login fail!'
}
}
const users = [];
const user = signup('foo@bar.com', 'pa$$word');
console.log(user)
const result = login('foo@bar.com', 'password')
console.log(result)
3- HMAC
const { createHmac } = require('crypto');
const password = 'super-secret!';
const message = 'π hello jack'
const hmac = createHmac('sha256', password).update(message).digest('hex');
console.log(hmac)
4- Symmetric Encryption
const { createCipheriv, randomBytes, createDecipheriv } = require('crypto');
/// Cipher
const message = 'i like turtles';
const key = randomBytes(32);
const iv = randomBytes(16);
const cipher = createCipheriv('aes256', key, iv);
/// Encrypt
const encryptedMessage = cipher.update(message, 'utf8', 'hex') + cipher.final('hex');
console.log(`Encrypted: ${encryptedMessage}`);
/// Decrypt
const decipher = createDecipheriv('aes256', key, iv);
const decryptedMessage = decipher.update(encryptedMessage, 'hex', 'utf-8') + decipher.final('utf8');
console.log(`Deciphered: ${decryptedMessage.toString('utf-8')}`);
5- Keypairs
const { generateKeyPairSync } = require('crypto');
const { privateKey, publicKey } = generateKeyPairSync('rsa', {
modulusLength: 2048, // the length of your key in bits
publicKeyEncoding: {
type: 'spki', // recommended to be 'spki' by the Node.js docs
format: 'pem',
},
privateKeyEncoding: {
type: 'pkcs8', // recommended to be 'pkcs8' by the Node.js docs
format: 'pem',
},
});
console.log(publicKey);
console.log(privateKey);
6- Asymmetric Encryption
const { publicEncrypt, privateDecrypt } = require('crypto');
const { publicKey, privateKey } = require('./keypair');
const encryptedData = publicEncrypt(
publicKey,
Buffer.from(secretMessage)
);
console.log(encryptedData.toString('hex'))
const decryptedData = privateDecrypt(
privateKey,
encryptedData
);
console.log(decryptedData.toString('utf-8'));
7- signing
const { createSign, createVerify } = require('crypto');
const { publicKey, privateKey } = require('./keypair');
const data = 'this data must be signed';
/// SIGN
const signer = createSign('rsa-sha256');
signer.update(data);
const siguature = signer.sign(privateKey, 'hex');
console.log(siguature);
/// VERIFY
const verifier = createVerify('rsa-sha256');
verifier.update(data);
const isVerified = verifier.verify(publicKey, siguature, 'hex');
console.log(isVerified);
Top comments (0)