0.0.14 • Published 4 years ago
finpro-crypto v0.0.14
Installation
const encNdesc = require('finpro-crypto');
Usage
FI DATA ENC N DESC
FIP Encryption
let encryptedData=encNdesc.FIPEncryption(id, Data, ECDHPubKey, nonce, opts);
/**
* id= fip ID
* Data= FI Data
* ECDHPubKey= his publickey
* nonce = his random 32-byte BASE64 string
* opts = optional parameters Object
*/
Note : we can use all Encryption functions calling by encNdesc.enc
FIU Decryption
let decryptedFIUData=encNdesc.dataDecrypt(cipher,iv,hisPubKey, fipNonce,myScrtKey,fiuNonce, opts);
/**
* cipher= encrypted Data
* iv= iv
* hisPubKey= his ECDH publickey
* fipNonce = his random 32-byte BASE64 string
* myScrtKey= my ECDH privateKey
* fiuNonce = my random 32-byte BASE64 string
* opts = optional parameters Object
*/
Digital Signature
Configuration/Intiallization and Method calling
/**
* API Signature
*/
// Sample public key from CR
let pub_jwk={
kty: 'RSA',
n: 'q3jotq3fX9nY9G89hdQCGPPZspzPpjjr5MO3qJRRhhPR7GDN1pgVAWoPHJlzx9Uvu43jgMKDU-f_05hbM-cIcs8JjEtbhsus6iJ5WbZUN7o9SwroDpCMTHaEf14CKzsk1088_Ub9ITX8769da2NLWvtiP6jmt0gauf60hY9iwY3BRnE91aL_Wd_CIXuS9pouCHeUP9CyNYWt8sdAoycuiv9utaRSTdLRrjcOmo-kWu4LtQnnZPD9SIlsGZi-t_ifbyLNPxz1CK2mY9oko2GE-aFkfHUI-1TACids1Y8fv1NACRGjMU4HsvuFjoNrYgxwTE8TDzwDNDnhJ-4tzULUBw',
e: 'AQAB',
alg: 'RS256',
kid: '90441819-9044-4856-b0ee-8c88035f4856',
use: 'sig'
};
//Initializing Digital Signature
let digiSignConfig = digiSign.config({
"prikeyFilePath": "./sample_certs/om_private_key.pem", //<file,buffer>
"pubkeyFileObj": pub_jwk, //<Object> From CR
});
// Generate digital signature
let token_payload = {
"ver" : "1.0",
"txnid" : "0b811819-9044-4856-b0ee-8c88035f8858",
"consentId" : "XXXX-XXXX-XXXX-XXXX",
"status" : "ACTIVE",
"createTimestamp" : "2018-12-06T11:39:57.153Z"
};
let apiSignedToken = digiSignConfig.generateAPISign({ payload: JSON.stringify(token_payload)});//pass payload as string
console.log(`API signatured token is `, apiSignedToken);
//Validate
let digiSignTokenValidity = encNdesc.digiSign.verifyAPISign({
"pubkeyFileObj": pub_jwk, //JSON object
"encStr": apiSignedToken.token,
"payload": JSON.stringify(token_payload) //string
});
console.log(`API signatured validation status `, digiSignTokenValidity);
/**
* Consent Signature
*/
// Generate digital signature
let consent_payload = {
"ver": "1.0",
"txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
"consentId": "XXXX-XXXX-XXXX-XXXX",
"status": "ACTIVE",
"createTimestamp": "2018-12-06T11:39:57.153Z"
};
let encryptedConsent = digiSignConfig.encryptConsent({ payload: consent_payload});//pass consent_payload as JSON Object
console.log(`Consent signature is `, encryptedConsent.signedConsent);
//Validate
let decryptedConsent = encNdesc.digiSign.decryptConsent({
"pubkeyFileObj": pub_jwk, //JSON object
"encStr": encryptedConsent.signedConsent,
});
console.log(`decrypted Consent is as string is `, decryptedConsent);
/**
* Get kid from signature
*/
let extractedKid=digiSign.getKidFromSign({sign:apiSignedToken.token});
console.log(`extractedKid is `,extractedKid);
working with typescript
prepare config file "digi_certs.ts". config private .pem file and then export it to use any where in the application.
const fs = require('fs')
const digiSign = require('finpro-crypto').digitalSignature;
//Initializing Digital Signature
const DigitalSignatureConfig= digiSign.config({
"prikeyFilePath": process.cwd()+"/app/assets/digi-sign/digiSign_private_key.pem", // required
"pubkeyFileObj": pub_jwk, //<Object> From CR
});
export {DigitalSignatureConfig, digiSign}
Version release summary
0.0.9
- digital signature library added.
0.0.10
- urlPath now accepts both URL and Buffer also.
0.0.11
- sharedkey generation in finshare bug fixed.
0.0.12
- digital signature for API and Consent functionality implemented as per Rebit API v1.1.2
0.0.13
- algorithm changed from RSA512 to RSA256.
0.0.14
- header is same for both API,Consent. so sign method returns payload as plain text.
- pubkeyFileObjJWK from CR need to pass as param while initilazing digiSign.
- new method for get kid from digisign.signature.