RSA and ECDSA Signatures in JavaScript
This page generates either an RSA or an ECC key pair, and then uses it to sign a message. We use SHA-1 and SHA-256 as the hash for the signatures, with either RSA or ECDSA as the signing method. The signatures implemented are SHA-1 with RSA, SHA-256 with RSA, SHA-1 with ECDSA, and SHA-256 with ECDSA.
Coding
The coding is:
```html
<script type="text/javascript">
// KEYUTIL and KJUR are provided by the jsrsasign library, which must be loaded before this script.
document.getElementById("m").value = "Hello";

// Generate an RSA key pair of `size` bits, sign `message` with `method`
// (for example "SHA256withRSA"), then verify the signature with the public key.
function gorsa(size, message, method) {
  // The output fields are <textarea> elements, so set .value rather than .innerHTML.
  document.getElementById("signature").value = "Message to sign: '" + message + "' Signature:\n";

  var kp = KEYUTIL.generateKeypair("RSA", size);
  var priv = KEYUTIL.getPEM(kp.prvKeyObj, "PKCS8PRV");
  document.getElementById("privatekey").value = priv;
  var pub = KEYUTIL.getPEM(kp.pubKeyObj, "PKCS8PUB");
  document.getElementById("publickey").value = pub;

  // Sign with the private key.
  var sig = new KJUR.crypto.Signature({ "alg": method });
  sig.init(priv);
  sig.updateString(message);
  var hSigVal = sig.sign();
  document.getElementById("signature").value += method + " " + hSigVal;

  // Verify with the public key.
  var verifier = new KJUR.crypto.Signature({ "alg": method });
  verifier.init(pub);
  verifier.updateString(message);
  var isValid = verifier.verify(hSigVal);
  document.getElementById("signature").value += "\nValid signature: " + isValid;
}

// Same flow for ECDSA: `name` is the curve (for example "secp256r1").
function goecc(name, message, method) {
  document.getElementById("signature").value = "Message to sign: '" + message + "' Signature:\n";

  var kp = KEYUTIL.generateKeypair("EC", name);
  var priv = KEYUTIL.getPEM(kp.prvKeyObj, "PKCS8PRV");
  document.getElementById("privatekey").value = priv;
  var pub = KEYUTIL.getPEM(kp.pubKeyObj, "PKCS8PUB");
  document.getElementById("publickey").value = pub;

  // Sign with the private key.
  var sig = new KJUR.crypto.Signature({ "alg": method });
  sig.init(priv);
  sig.updateString(message);
  var hSigVal = sig.sign();
  document.getElementById("signature").value += method + " " + hSigVal;

  // Verify with the public key.
  var verifier = new KJUR.crypto.Signature({ "alg": method });
  verifier.init(pub);
  verifier.updateString(message);
  var isValid = verifier.verify(hSigVal);
  document.getElementById("signature").value += "\nValid signature: " + isValid;
}
</script>
```
And the HTML:
```html
<div class="indented">
  <table width="100%">
    <tr>
      <th>Method</th>
      <td style="text-align:left">
        <p>
          RSA:
          <input type="button" class="btn btn-medium btn-success" onclick="gorsa(512,document.getElementById('m').value,'SHA1withRSA')" value="Generate RSA 512 SHA1">
          <input type="button" class="btn btn-medium btn-success" onclick="gorsa(738,document.getElementById('m').value,'SHA1withRSA')" value="Generate RSA 738 SHA1">
          <input type="button" class="btn btn-medium btn-success" onclick="gorsa(1024,document.getElementById('m').value,'SHA1withRSA')" value="Generate RSA 1024 SHA1">
        </p>
        <p>
          RSA:
          <input type="button" class="btn btn-medium btn-success" onclick="gorsa(512,document.getElementById('m').value,'SHA256withRSA')" value="Generate RSA 512 SHA256">
          <input type="button" class="btn btn-medium btn-success" onclick="gorsa(738,document.getElementById('m').value,'SHA256withRSA')" value="Generate RSA 738 SHA256">
          <input type="button" class="btn btn-medium btn-success" onclick="gorsa(1024,document.getElementById('m').value,'SHA256withRSA')" value="Generate RSA 1024 SHA256">
        </p>
        <p>
          ECC:
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp256r1',document.getElementById('m').value,'SHA1withECDSA')" value="Secp256r1 ECDSA SHA1">
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp256k1',document.getElementById('m').value,'SHA1withECDSA')" value="Secp256k1 ECDSA SHA1">
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp384r1',document.getElementById('m').value,'SHA1withECDSA')" value="secp384r1 ECDSA SHA1">
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp521r1',document.getElementById('m').value,'SHA1withECDSA')" value="secp521r1 ECDSA SHA1">
        </p>
        <p>
          ECC:
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp256r1',document.getElementById('m').value,'SHA256withECDSA')" value="Secp256r1 ECDSA SHA256">
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp256k1',document.getElementById('m').value,'SHA256withECDSA')" value="Secp256k1 ECDSA SHA256">
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp384r1',document.getElementById('m').value,'SHA256withECDSA')" value="secp384r1 ECDSA SHA256">
          <input type="button" class="btn btn-medium btn-warning" onclick="goecc('secp521r1',document.getElementById('m').value,'SHA256withECDSA')" value="secp521r1 ECDSA SHA256">
        </p>
      </td>
    </tr>
    <tr>
      <th width="15%">Message to Sign</th>
      <td> <textarea cols="20" id="m" name="m" rows="2" style="width:100%"></textarea> </td>
    </tr>
    <tr>
      <th width="15%">Private Key</th>
      <td> <textarea cols="20" id="privatekey" name="privatekey" rows="4" style="width:100%"></textarea> </td>
    </tr>
    <tr>
      <th>Public Key</th>
      <td> <textarea cols="20" id="publickey" name="publickey" rows="4" style="width:100%"></textarea> </td>
    </tr>
    <tr>
      <th>Signature</th>
      <td> <textarea cols="20" id="signature" name="signature" rows="5" style="width:100%"></textarea> </td>
    </tr>
  </table>
</div>
```
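The demo above always verifies with the key pair it has just generated, so it only ever shows a valid result. The following added example (Node.js built-in `crypto`, not the page's jsrsasign code) shows the failing cases and a verifier-side policy check; the function names, the 2048-bit RSA minimum and the refusal of SHA-1 are assumptions of this example.

```javascript
// Added example: Node.js built-in crypto (not jsrsasign, not the page's code).
const nodeCrypto = require("crypto");

// Assumed policy for this example: no SHA-1, RSA modulus of at least 2048 bits.
const MIN_RSA_BITS = 2048;
// The page's method strings mapped to Node digest names.
const DIGESTS = new Map([
  ["SHA1withRSA", "sha1"], ["SHA256withRSA", "sha256"],
  ["SHA1withECDSA", "sha1"], ["SHA256withECDSA", "sha256"],
]);

// Return the reasons a (method, public key) pair should be refused.
function policyViolations(method, publicKey) {
  if (!DIGESTS.has(method)) return ["unknown method"];
  const reasons = [];
  const type = publicKey.asymmetricKeyType; // "rsa" or "ec"
  if (DIGESTS.get(method) === "sha1") reasons.push("SHA-1 digest");
  if (method.endsWith("withRSA") !== (type === "rsa")) {
    reasons.push("key type does not match method");
  }
  if (type === "rsa" && publicKey.asymmetricKeyDetails.modulusLength < MIN_RSA_BITS) {
    reasons.push("RSA modulus below " + MIN_RSA_BITS + " bits");
  }
  return reasons;
}

// Verify only when the policy passes.
function verifyStrict(method, publicKey, message, signature) {
  if (policyViolations(method, publicKey).length > 0) return false;
  return nodeCrypto.verify(DIGESTS.get(method), Buffer.from(message), publicKey, signature);
}

// Constructed demo: fresh keys and the page's "Hello" message.
function demo() {
  const msg = Buffer.from("Hello");
  const ec = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" });
  const other = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" });
  const weak = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 1024 });
  const sig = nodeCrypto.sign("sha256", msg, ec.privateKey);
  const weakSig = nodeCrypto.sign("sha256", msg, weak.privateKey);
  return {
    good: verifyStrict("SHA256withECDSA", ec.publicKey, "Hello", sig),
    tampered: verifyStrict("SHA256withECDSA", ec.publicKey, "Hello!", sig),
    wrongKey: verifyStrict("SHA256withECDSA", other.publicKey, "Hello", sig),
    // Mathematically valid signature, but the 1024-bit key fails the policy.
    weakRawValid: nodeCrypto.verify("sha256", msg, weak.publicKey, weakSig),
    weakAccepted: verifyStrict("SHA256withRSA", weak.publicKey, "Hello", weakSig),
    sha1Reasons: policyViolations("SHA1withECDSA", ec.publicKey),
  };
}
```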
Test results
For ECC secp256k1 keys, we get:
```
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg2sf0a+4XAa3Nq6c9
zfq0Hn78pFyZJCMqeGgQWQzFi0uhRANCAASexo2iEsivjrwdvmf/rhc5qMKI4u6C
MZ9r1c80pyU87WfMcntBNyNXbgWCQ+ykOf4EpjkgxKTShtJvSCD45yiA
-----END PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnsaNohLIr468Hb5n/64XOajCiOLu
gjGfa9XPNKclPO1nzHJ7QTcjV24FgkPspDn+BKY5IMSk0obSb0gg+OcogA==
-----END PUBLIC KEY-----
```
And then, signing the message "Hello" using ECDSA with a SHA-256 hash gives:
```
Message to sign: 'Hello' Signature:
SHA256withECDSA 304502204cb194444892297042a71dc7e50a30be571c25f2619ae0ec9a651419bbee8d460221008791663659382463a59e0c5c83a8d36253a48a54caf0a4f1113c244751c4408f
Valid signature: true
```
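The hex signature above is a DER-encoded `SEQUENCE { INTEGER r, INTEGER s }`. The following added example (not the page's code; the function names are this example's own) parses it strictly, rejecting trailing bytes and non-minimal encodings, and goes beyond the case shown by also accepting the one-byte long-form length that secp521r1 signatures need.

```javascript
// Added example: strict DER parser for ECDSA signatures (Node.js, no libraries).
// SIG_HEX is the signature value shown in the test results above.
const SIG_HEX = "304502204cb194444892297042a71dc7e50a30be571c25f2619ae0ec9a651419bbee8d46" +
  "0221008791663659382463a59e0c5c83a8d36253a48a54caf0a4f1113c244751c4408f";

// Read one DER length at `pos`; returns [length, nextPos].
function readLength(buf, pos) {
  const first = buf[pos];
  if (first === undefined) throw new Error("truncated length");
  if (first < 0x80) return [first, pos + 1]; // short form
  // Long form 0x81 nn: needed once the body exceeds 127 bytes (secp521r1).
  const next = buf[pos + 1];
  if (first !== 0x81 || next === undefined || next < 0x80) {
    throw new Error("non-minimal or unsupported length");
  }
  return [next, pos + 2];
}

// Read one positive, minimally encoded INTEGER; returns [hex, nextPos].
function readInteger(buf, pos) {
  if (buf[pos] !== 0x02) throw new Error("expected INTEGER tag 0x02");
  const [len, start] = readLength(buf, pos + 1);
  const end = start + len;
  if (len === 0 || end > buf.length) throw new Error("bad INTEGER length");
  if (buf[start] & 0x80) throw new Error("negative INTEGER");
  const padded = len > 1 && buf[start] === 0x00;
  if (padded && !(buf[start + 1] & 0x80)) throw new Error("non-minimal INTEGER");
  // Drop the sign-padding 00 so r and s come back as plain magnitudes.
  const body = buf.subarray(padded ? start + 1 : start, end);
  return [body.toString("hex"), end];
}

// Parse SEQUENCE { INTEGER r, INTEGER s } and reject anything else.
function parseEcdsaDer(hex) {
  if (!/^([0-9a-f]{2})+$/i.test(hex)) throw new Error("not a hex string");
  const buf = Buffer.from(hex, "hex");
  if (buf[0] !== 0x30) throw new Error("expected SEQUENCE tag 0x30");
  const [seqLen, bodyStart] = readLength(buf, 1);
  if (bodyStart + seqLen !== buf.length) throw new Error("length mismatch or trailing bytes");
  const [r, afterR] = readInteger(buf, bodyStart);
  const [s, afterS] = readInteger(buf, afterR);
  if (afterS !== buf.length) throw new Error("unexpected data after s");
  return { r, s, totalBytes: buf.length };
}
```

In the page's signature, `s` carries a leading `00` because its top bit is set, which is why the encoded length of an ECDSA signature can differ by a byte or two from one run to the next.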