Loading lesson path
Concept visual
Start from A
The Sign class is part of Node.js's crypto module. It provides a way to generate cryptographic digital signatures. Sign instances are created using the crypto.createSign() method. Digital signatures allow you to verify the authenticity and integrity of a message, ensuring that it was created by a known sender and was not altered in transit.
// Import the crypto module const crypto = require('crypto');
// Create a Sign object const sign = crypto.createSign('RSA-SHA256');Description sign.update(data[, inputEncoding])
Updates the Sign content with the given data. If inputEncoding is provided, data is a string using the specified encoding; otherwise, data is a Buffer, TypedArray, or DataView. This method can be called multiple times with new data.
sign.sign(privateKey[, outputEncoding])
Calculates the signature on all the data passed to the Sign using sign.update().
privateKey is a string or buffer containing the PEM-encoded private key, or a KeyObject of type 'private'. If outputEncoding is provided, a string is returned; otherwise, a Buffer is returned.The following example demonstrates how to create a digital signature of a message:
const crypto = require('crypto');
const fs = require('fs');
// Generate a keypair for this example function generateKeyPair() {
return crypto.generateKeyPairSync('rsa', {
modulusLength: 2048, publicKeyEncoding: {
type: 'spki', format: 'pem'
}, privateKeyEncoding: {
type: 'pkcs8', format: 'pem'
}
});
}// For this example, generate keys in memory
// In a real application, you would load existing keys from storage const { privateKey, publicKey } = generateKeyPair();
// Message to sign const message = 'This is a message to be signed';
// Create a Sign object const sign = crypto.createSign('SHA256');
// Update with the message sign.update(message);
// Sign the message with the private key const signature = sign.sign(privateKey, 'hex');
console.log('Message:', message);
console.log('Signature:', signature);
// We'll save these for the verification example fs.writeFileSync('message.txt', message);
fs.writeFileSync('signature.hex', signature);
fs.writeFileSync('public_key.pem', publicKey);The Sign class supports various signature algorithms, depending on the crypto provider:
const crypto = require('crypto');
// Generate key pairs for different algorithms function generateRSAKeyPair() {
return crypto.generateKeyPairSync('rsa', {
modulusLength: 2048, publicKeyEncoding: {
type: 'spki', format: 'pem'
}, privateKeyEncoding: {
type: 'pkcs8', format: 'pem'
}
});
}
function generateECKeyPair() {
return crypto.generateKeyPairSync('ec', {
namedCurve: 'prime256v1', publicKeyEncoding: {
type: 'spki', format: 'pem'
}, privateKeyEncoding: {
type: 'sec1', format: 'pem'
}
});
}
// Generate different key pairs const rsaKeys = generateRSAKeyPair();
const ecKeys = generateECKeyPair();
// Message to sign const message = 'Message to sign with different algorithms';
// Function to sign with a specific algorithm function signWithAlgorithm(algorithm, privateKey, message) {
try {
const sign = crypto.createSign(algorithm);
sign.update(message);
return sign.sign(privateKey, 'hex');
} catch (error) {
return `Error: ${error.message}`;
}
}
// Test various signature algorithms console.log(`Message: "${message}"`);
console.log('-----------------------------------------------');
// RSA signatures with different hash algorithms console.log('RSA-SHA256:', signWithAlgorithm('SHA256', rsaKeys.privateKey, message));
console.log('RSA-SHA384:', signWithAlgorithm('SHA384', rsaKeys.privateKey, message));
console.log('RSA-SHA512:', signWithAlgorithm('SHA512', rsaKeys.privateKey, message));
console.log('-----------------------------------------------');Formula
// ECDSA signatures console.log('ECDSA - SHA256:', signWithAlgorithm('SHA256', ecKeys.privateKey, message));console.log('ECDSA-SHA384:', signWithAlgorithm('SHA384', ecKeys.privateKey, message));The available signature algorithms depend on your Node.js version and the installed OpenSSL version. Common signature algorithms include:
EC