1.2.0 • Published 2 years ago

json-with-signature v1.2.0

Weekly downloads
-
License
ISC
Repository
github
Last release
2 years ago

json-with-signature

就像JSON.stringify,但用RSA签名过。

Like JSON.stringify, but signatured with RSA.

用处 - useage

当你想把一个javaScript的对象发送给另一台主机时,你可以直接使用JSON.stringify()来获取一个字符串,然后发送这个字符串,但是这不能防止信息在传递过程中被篡改,一种解决方法是,在发送时把要发送的消息通过RSA私钥签名,在接收端,通过公钥来验证收到的消息。

When you want to send a javascript object to another host, you can use JSON.stringify() to obtain a string and then send the string, but this does not prevent the information from being tampered with during transmission. One solution is to sign the message to be sent with the RSA private key when sending, and verify the received message with the public key at the receiving end.

公钥和私钥的生成 - Generation of public key and private key

const NodeRSA = require('node-rsa');

// 生成一个1024长度的密钥对
const key = new NodeRSA({ b: 1024 })
const privateKeyStr = key.exportKey('pkcs8-private') // 私钥
const publicKeyStr = key.exportKey('pkcs8-public') // 公钥

通常用法 normal usage

在消息发送端 - at message sender

const RSA_JSON = require("json-with-signature")

// at computer A
var rsaJsonA = new RSA_JSON({
    privateKeyStr:
    `-----BEGIN PRIVATE KEY-----
    MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAIxhqwnCZe89OkAk
    iwXH9p+Xq9eTeYvkfSyaUUPyK00t/y+6u+44iJmnBB8zvrqnlYF5Z6PvHHBuLF7/
    ZhTA0RRIHQnNFrJ2n+v+cxMTp7PeU7x0l/IHYVYhMzW68WPgaRv7yK5TSdZLhKun
    1GAgljBU9H/wHLuTDJKoo4vHp1c5AgMBAAECgYB+MVoQdtktO6v+dxsmAkBX7H8E
    VkTgFXDUxJAi9TIpuhx4qnM/zUA2Z6XT6q8cmYNTFXCuNEcrZk6qwwnfxAjtyT9w
    wa+SEsEW6s3jgdoNm66MZJT32vU7YVkymCDPTf6iPSxja9D+7AXD/0noulauNlz0
    19DGXMgXNqEOpkr4pQJBAOJzCXbz6uhORKYK5nyGrEtGVqOEpy12xuNzCIDkldBX
    Xqv4TRgxOizOIYE9SPOaY4jtpoM33ZQket0l+YvbwHMCQQCes1/SUArKbrDmvJhW
    +/l1GDM1r90VKBWesZ/LwOkqc09UrZeltEIu740UTQTYhTzqo6kYz/cOuekAJrAy
    p3qjAkEAzIhPEiv6Dt0y0C6kQ/F4CX18n7EfNsdDmQi7s3/DeSyRDA73w1QjUXjV
    dmAeVjkqkfDlJzv8XOQePUUhgpt31QJABkCe59RLeIo/4fdQMS0gOOLJMbZKCYlY
    wLXSy94/0XJVj8p/DQI7EUpSzpfyNu2Y5s2n3dhjrWrZqS3dB0Hd7QJBANb7MP9X
    OfDLpVuSpS7v4DcGgR0fEIos9pNWDmae5Cx4nfRDKYK7nfkJYxhcPvK8OmzkT/XD
    AZ/bN6QLIKIK+d0=
    -----END PRIVATE KEY-----`,
});

var data = {"msg":"this is a message"};
var sendMessageStr = rsaJsonA.stringify(data);
console.log(sendMessageStr);// output: eyJtZXNzYWdlIjoie1wibXNnXCI6XCJ0aGlzIGlzIGEgbWVzc2FnZVwiLFwibWVzc2FnZV91dWlkXCI6XCJlZmU3MzNmNi0wYjhhLTRmMGItYTNkMS0zNGJmZTk4MzZiYjNcIn0iLCJzaWduYXR1cmUiOiJmaE5TbFAxcjFJR2srOGZxTlcyV3JGbnVIenk2OXQxL1Z6TXJiblZhc2g1bXY4OVk1WTBCUS9hTWxYSGRMU2N2TWYvZjh6NzlENEtXejlLUU5ycW5LSjc2TllYK3Y3VVAvU3R2OGk4dmJkZTV6UTBuYTlqTUx2MEs4SnI5M3FRUUo3WDIwUGhOMmVzNXpNRHI3MlFZZnN0VGVTS3RZcUR0NzZCSDRwYUVnSHM9In0=

在消息接收端 - at message receiver

const RSA_JSON = require("json-with-signature")

// at computer B
var rsaJsonB = new RSA_JSON({
    publicKeyStr:
    `-----BEGIN PUBLIC KEY-----
    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMYasJwmXvPTpAJIsFx/afl6vX
    k3mL5H0smlFD8itNLf8vurvuOIiZpwQfM766p5WBeWej7xxwbixe/2YUwNEUSB0J
    zRaydp/r/nMTE6ez3lO8dJfyB2FWITM1uvFj4Gkb+8iuU0nWS4Srp9RgIJYwVPR/
    8By7kwySqKOLx6dXOQIDAQAB
    -----END PUBLIC KEY-----`,
});
var receivedMessageStr = `eyJtZXNzYWdlIjoie1wibXNnXCI6XCJ0aGlzIGlzIGEgbWVzc2FnZVwiLFwibWVzc2FnZV91dWlkXCI6XCJlZmU3MzNmNi0wYjhhLTRmMGItYTNkMS0zNGJmZTk4MzZiYjNcIn0iLCJzaWduYXR1cmUiOiJmaE5TbFAxcjFJR2srOGZxTlcyV3JGbnVIenk2OXQxL1Z6TXJiblZhc2g1bXY4OVk1WTBCUS9hTWxYSGRMU2N2TWYvZjh6NzlENEtXejlLUU5ycW5LSjc2TllYK3Y3VVAvU3R2OGk4dmJkZTV6UTBuYTlqTUx2MEs4SnI5M3FRUUo3WDIwUGhOMmVzNXpNRHI3MlFZZnN0VGVTS3RZcUR0NzZCSDRwYUVnSHM9In0=`
var obj = rsaJsonB.parse(receivedMessageStr)
console.log(obj); /* output: 
{
    msg: 'this is a message',
    message_uuid: 'efe733f6-0b8a-4f0b-a3d1-34bfe9836bb3'
} */
console.log(obj["msg"]); // output : "this is a message"


// if the message be changed be someone
var receivedMessageStr = `????????????????1wibXNnXCI6XCJ0aGlzIGlzIGEgbWVzc2FnZVwiLFwibWVzc2FnZV91dWlkXCI6XCJlZmU3MzNmNi0wYjhhLTRmMGItYTNkMS0zNGJmZTk4MzZiYjNcIn0iLCJzaWduYXR1cmUiOiJmaE5TbFAxcjFJR2srOGZxTlcyV3JGbnVIenk2OXQxL1Z6TXJiblZhc2g1bXY4OVk1WTBCUS9hTWxYSGRMU2N2TWYvZjh6NzlENEtXejlLUU5ycW5LSjc2TllYK3Y3VVAvU3R2OGk4dmJkZTV6UTBuYTlqTUx2MEs4SnI5M3FRUUo3WDIwUGhOMmVzNXpNRHI3MlFZZnN0VGVTS3RZcUR0NzZCSDRwYUVnSHM9In0=`
var obj = rsaJsonB.parse(receivedMessageStr) 
console.log(obj); // output: {} 
console.log(obj["msg"]);  // output: undefine

最简单用法 Simplest usage

const RSA_JSON = require("./JSON-with-Signature")
const NodeRSA = require('node-rsa');

// 生成一个1024长度的密钥对
const key = new NodeRSA({ b: 1024 })
const privateKeyStr = key.exportKey('pkcs8-private') // 私钥
const publicKeyStr = key.exportKey('pkcs8-public') // 公钥

var rsaJSON = new RSA_JSON({
  privateKeyStr,
  // publicKeyStr
});

var str = rsaJSON.stringify({
    message:"this is a message"
})
console.log(str);  // output: eyJtZXNzYWdlIjoie1wibWVzc2FnZVwiOlwidGhpcyBpcyBhIG1lc3NhZ2VcIixcIm1lc3NhZ2VfdXVpZFwiOlwiOTkyMDY0ZTktMWM5NS00ODFkLWEzYTEtN2JjZmY4MGU0ZGNhXCJ9Iiwic2lnbmF0dXJlIjoidXZaaFYwRFA0VHk0TlVGK2VKME9xWVhQS0swUUxoMk9uR2Y5N3RPaDFlZlhhYXB3eTc0ZkwySUVxY3UwQ1JpNUd6WU1oZGpxckJrbnVmWHNlTkFqeEhyT2xndjlYdE1TOWxEVExJTVRObnh0R0tPeHAvNFNBOXhlZXhoN3NXM1hqaDdTMnIwRnQ3eEtXS0Z2SUVYOXMyL0NVcDVPaGNzbTFZVVhwZmNUOHpZPSJ9

var obj = rsaJSON.parse(str);
console.log(obj); /* output: {
  message: 'this is a message',
  message_uuid: '992064e9-1c95-481d-a3a1-7bcff80e4dca'
} */

console.log(rsaJSON.privateKeyStr)
console.log(rsaJSON.publicKeyStr) /* output:
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANA3t47EA0FBpZIY
YxzbwZNhd4TUMahYUclXmuWfcHn/5Uzcl0sdphrjB59opObWaKLrOzroXQgd1Cm1
SXO6yxlO47fgCPV00ifdxhqFvTqvhujHyIYZ15yL78ZMrQ900Ptw1g8xTvocLibA
fVCtpwEq2QHKHekoNKzHFciEd3exAgMBAAECgYAxqujFTGp+WXt2UwzpaF5PmrNY
4wkJYC/6OESBu7unzmvTHteUGnlx9m/uDZcwXTrOihAx6BWxBvSCEnV3/rnNXFId
PtQ+eGrte1nBMSSvUOpP5BDWnsf86rIW5vo2iRMauvwyv9tsCI5c1OjVpks49yt3
PJKo/h6AY25HQtlA8QJBAPWKtg5mUFXoEfU+5VgpxgGwQTkEoKzQSz49vh3sH1OK
oKfO8EbEdDE2UzSqc/jOTgaB9o1E4wZMaux7B3h3KyUCQQDZFgm2fjAfXcwdf9if
7c8UOZUxxcSl7IQB8RWsz68dNARi1CoIyLgw+9T/yO3qRA3XDnGzBBDxqBbaSE7T
K1qdAkALP1Fbk4A2jyzTaRAkW7WAOkyiif26LMhlj3p38Gr27rCxPx9ufm08G9rv
3Kb3TKvyTF241uD3VuTG9FPBRuQpAkEAlpzInlmMT6bG/8x8YfEfE9wjm8WneqrO
p345WI065Fr7lAm5JCEGUc3W6KPiFP+kTomR7u6qRs8lE8rJDY9trQJAaa5CUHgg
KAMBii4jVH/Ou/Xry3GkzWv9DxXcGTUuU3NDefgaUlBN72k+1GUVNKLaW26AU6RC
7BaHewyQVOrV8Q==
-----END PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQN7eOxANBQaWSGGMc28GTYXeE
1DGoWFHJV5rln3B5/+VM3JdLHaYa4wefaKTm1mii6zs66F0IHdQptUlzussZTuO3
4Aj1dNIn3cYahb06r4box8iGGdeci+/GTK0PdND7cNYPMU76HC4mwH1QracBKtkB
yh3pKDSsxxXIhHd3sQIDAQAB
-----END PUBLIC KEY-----
*/
jsonrsasignature
node-rsauuid
app-locker@infinitebrahmanuniverse/nolb-json-w
1.2.0

2 years ago

1.1.0

2 years ago

1.0.3

2 years ago

1.0.2

2 years ago

1.0.1

2 years ago

1.0.0

2 years ago