RSA Signing and Verification in JavaScript

The 'RSA-Sign JavaScript Library' is a open source free pure JavaScript implementation of PKCS#1 v2.1 RSASSA-PKCS1-v1_5 RSA signing and validation algorithm.

DEMO

• Sample Application for RSA signing with JavaScript
  
  

SOURCE CODES

The 'rsa-sign' library contains following source codes.

• rsa-sign.js - RSAKey class extension for RSA signing and verification.
• x509.js - X509 class to read subject public key from certificate.
• rsa-pem.js - RSAKey class extension to read PKCS#1 RSA private key PEM file
• asn1hex.js - simple ASN.1 parser to read hexadecimal encoded ASN.1 DER

LICENSE

• LICENSE.txt - RSA-Sign JavaScript Library LICENSE

How to sign

var rsa = new RSAKey();
rsa.readPrivateKeyFromPEMString(_PEM_PRIVATE_KEY_STRING_);
var hSig = rsa.signString("aaa", "sha1"); // sign a string "aaa" with key

How to verify signature

vr x509 = new X509();
x509.readCertPEM(_PEM_X509CERT_STRING_);
var result = x509.subjectPublicKeyRSA.verifyString("aaa", _HEX_SIGNATURE_);

How to add supported signature algorithms

_RSASIGN_DIHEAD['md5'] = "30..."; // Hexadecimal DigestInfo prefix for MD5
_RSASIGN_HASHHEXFUNC['md5'] = md5hex; // function which returns value in hex.

Required Third Party Source Codes

• Tom Wu's jsbn library - BigInteger and RSA
  • base64.js - String encoder for Base64 and Hex
  • jsbn.js - basic BigInteger class
  • jsbn2.js - BigInteger class extension
  • prng4.js - Random number generator
  • rng.js - Random number generator
  • rsa.js - RSAKey class for RSA public key encryption.
  • rsa2.js - RSA class extension for RSA private key decryption.
• Hash algorithm of JavaScript
  • sha1.js - SHA1 algorithm
  • sha256.js - SHA256 algorithm
  NOTE: As for hash algorithm, you can use any other hash implementations. The requirement is to provide a function which returns hexadecimal string as the result.

CHANGES

• 2010-SEP-25 - Web page update
• 2010-JUN-03 - Initial release