Object built-in object
  1. front page
  2. built-in objects
  3. ObjectPKey

ObjectPKey

PKey is built-incryptoAn object provided by the module that represents a pair of keys: a public key and a private key. PKey supports generating keys, loading keys, storing keys and managing the encryption process in JS

The PKey object supports multiple encryption algorithms, such as RSA, EC or Ed25519, etc. Each encryption algorithm has its own unique way of generating and managing keys. The PKey object also contains attributes such as the algorithm name to which the key belongs and the key length.

The following are common methods of PKey and their examples:

  1. generateKey(alg | bits): Generate a pair of keys, alg specifies the key algorithm, bits specifies the key length, and the default is 2048.
1
2
3
var crypto = require('crypto');

var pkey = crypto.generateKey(2048);
  1. from(value[, password]): Load the key in DER or PEM format into the PKey object.
1
2
3
var crypto = require('crypto');

var pkey = crypto.PKey.from(fs.readFile('rsa.private.pem'));
  1. publicKey: Get the public key of the current key.
1
2
3
4
var crypto = require('crypto');

var pkey = crypto.PKey.from(fs.readFile('rsa.private.pem'));
var pubkey = pkey.publicKey;
  1. equals(other): Determine whether two public and private keys are equal.
1
2
3
4
5
var crypto = require('crypto');

var pkey1 = crypto.PKey.from(fs.readFile('rsa.private.pem'));
var pkey2 = crypto.PKey.from(fs.readFile('rsa.public.pem'));
console.log(pkey1.equals(pkey2)); // output: true

inheritance relationship

%0 object object toString() toJSON() PKey PKey new PKey() from() name keySize alg publicKey isPrivate() clone() pem() der() json() equals() encrypt() decrypt() sign() verify() object->PKey ECKey ECKey PKey->ECKey BlsKey BlsKey ECKey->BlsKey Ed25519Key Ed25519Key ECKey->Ed25519Key

Constructor

PKey

Construct PKey from key in DER format

1
2
new PKey(Buffer DerKey,
    String password = "");

Call parameters:

  • DerKey:Buffer, key in DER format
  • password: String, decryption password

Construct PKey from key in PEM format

1
2
new PKey(String pemKey,
    String password = "");

Call parameters:

  • pemKey: String, key in PEM format
  • password: String, decryption password

Construct PKey from key in JSON format

1
new PKey(Object jsonKey);

Call parameters:

  • jsonKey: Object, key in JSON format

The format of jsonKey supports the following four types of RSA private keys:

1
2
3
4
5
6
7
8
9
10
11
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB",
    "d": "agN2O9NxMHL1MTMi75WfL9Pxvl-KWXKqZSF6mjzAsF9iKI8euyHIXYFepzU8kual1RsjDhCnzvWqFvZplW8lXqrHf_P-rS_9Y4gBUw6pjnI_DnFIRwWHRvrUHHSCfWOdTCIKdOTkgLZuGFuhEY3RMIW0WSYejjLtftwy0RVxAzk=",
    "p": "6a4G1qmfwWmn1biigN7IVFlkbLf9oVe6g7rOmHxI-hn1GRxKDSVuAUrmR1IhuAnca9M0y7SD-7TUs6wjOxWxaw==",
    "q": "5ofkxFKdPBD0CQHMb9q13AMHUVe0rJ-hSjqqIBrmqApUOneyAcMV76M0QyIQnI2p3POa4Qu_7XChDwRVl7LlDQ==",
    "dp": "2mXGiGwCHl8j-FBWuID-1C6z-BRB3MBEVoeKPOOzxOPruatB3mWEGXsqG7A8SWgV9URxTI2K6P3J6Z7RUpBkvw==",
    "dq": "oagn5vfb5NQqnOpS9xkSsD67cfIj821ZSFlNFYhnuOzNVda7z_qCtnHm4zDPH0lEFXoKYMfBhfqWJpaugttjPQ==",
    "qi": "dqEQgxNmOVFrF4s776hTqeC6oEDila8EvpVb2F2ZvwAOLjCQ66OiAZK1BiYGHqUy0NeqNmtlsLSuBEZQZvqZwg=="
}

RSA public key:

1
2
3
4
5
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB"
}

EC private key:

1
2
3
4
5
6
7
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
    "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}

EC public key:

1
2
3
4
5
6
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}

static function

from

Load a key in DER format

1
2
static PKey PKey.from(Buffer DerKey,
    String password = "");

Call parameters:

  • DerKey:Buffer, key in DER format
  • password: String, decryption password

Return results:

  • PKey, returns an object containing the key

Load a key in PEM format

1
2
static PKey PKey.from(String pemKey,
    String password = "");

Call parameters:

  • pemKey: String, key in PEM format
  • password: String, decryption password

Return results:

  • PKey, returns an object containing the key

Load a key in JSON format

1
static PKey PKey.from(Object jsonKey);

Call parameters:

  • jsonKey: Object, key in JSON format

Return results:

  • PKey, returns an object containing the key

The format of jsonKey supports the following four types of RSA private keys:

1
2
3
4
5
6
7
8
9
10
11
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB",
    "d": "agN2O9NxMHL1MTMi75WfL9Pxvl-KWXKqZSF6mjzAsF9iKI8euyHIXYFepzU8kual1RsjDhCnzvWqFvZplW8lXqrHf_P-rS_9Y4gBUw6pjnI_DnFIRwWHRvrUHHSCfWOdTCIKdOTkgLZuGFuhEY3RMIW0WSYejjLtftwy0RVxAzk=",
    "p": "6a4G1qmfwWmn1biigN7IVFlkbLf9oVe6g7rOmHxI-hn1GRxKDSVuAUrmR1IhuAnca9M0y7SD-7TUs6wjOxWxaw==",
    "q": "5ofkxFKdPBD0CQHMb9q13AMHUVe0rJ-hSjqqIBrmqApUOneyAcMV76M0QyIQnI2p3POa4Qu_7XChDwRVl7LlDQ==",
    "dp": "2mXGiGwCHl8j-FBWuID-1C6z-BRB3MBEVoeKPOOzxOPruatB3mWEGXsqG7A8SWgV9URxTI2K6P3J6Z7RUpBkvw==",
    "dq": "oagn5vfb5NQqnOpS9xkSsD67cfIj821ZSFlNFYhnuOzNVda7z_qCtnHm4zDPH0lEFXoKYMfBhfqWJpaugttjPQ==",
    "qi": "dqEQgxNmOVFrF4s776hTqeC6oEDila8EvpVb2F2ZvwAOLjCQ66OiAZK1BiYGHqUy0NeqNmtlsLSuBEZQZvqZwg=="
}

RSA public key:

1
2
3
4
5
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB"
}

EC private key:

1
2
3
4
5
6
7
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
    "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}

EC public key:

1
2
3
4
5
6
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}

member properties

name

String, returns the current algorithm name

1
readonly String PKey.name;

keySize

Integer, returns the current algorithm password length in bits

1
readonly Integer PKey.keySize;

alg

String, returns and sets the current object signature algorithm

1
readonly String PKey.alg;

publicKey

PKey, returns the public key of the current key

1
readonly PKey PKey.publicKey;

Return results:

  • the public key of the current key

member function

isPrivate

Query whether the current key is a private key

1
Boolean PKey.isPrivate();

Return results:

  • Boolean, is True and represents the private key

clone

copy current key

1
PKey PKey.clone();

Return results:

  • PKey, the copy object of the current key

pem

Returns the PEM format encoding of the current key

1
String PKey.pem();

Return results:

  • String, PEM format encoding of the current key

der

Returns the DER format encoding of the current key

1
Buffer PKey.der();

Return results:

  • Buffer, the DER format encoding of the current key

json

Returns the jwt format encoding of the current key

1
Object PKey.json(Object opts = {});

Call parameters:

  • opts: Object, specify export options

Return results:

  • Object, the jwt format encoding of the current key

opts supports the following parameters:

1
2
3
{
    compress: false // specify whether to output public key in compressed form
}

Curves that support compression are: secp192r1, secp192k1, secp256r1, secp256k1, brainpoolP256r1, secp384r1, brainpoolP384r1, brainpoolP512r1, secp521r1, sm2

equals

Compare two public/private keys to see if they are the same

1
Boolean PKey.equals(object key);

Call parameters:

  • key:object, specify the other party’s public/private key

Return results:

  • Boolean, if they are the same, return true

encrypt

Encrypt data using current algorithm cipher public key

1
Buffer PKey.encrypt(Buffer data) async;

Call parameters:

  • data:Buffer, specify the data to be encrypted

Return results:

  • Buffer, returns the encrypted data

decrypt

Decrypt data using current algorithm password private key

1
Buffer PKey.decrypt(Buffer data) async;

Call parameters:

  • data:Buffer, specify the data to be decrypted

Return results:

  • Buffer, returns the decrypted data

sign

Sign data using the current algorithm cryptographic private key

1
2
Buffer PKey.sign(Buffer data,
    Object opts = {}) async;

Call parameters:

  • data:Buffer, specify the data to be signed. When the algorithm is RSA, the input parameter needs to be executed with the algorithm specified by alg.hash
  • opts: Object, specify signature options

Return results:

  • Buffer, return the signed data

opts supports the following parameters:

1
2
3
4
5
{
    alg: 0, // specify the hash algorithm for signing, only valid for RSA, default is 0. Supported algorithms: 0=NONE,1=MD5,2=SHA1,3=SHA224,4=SHA256,5=SHA384,6=SHA512,7=RIPEMD160
    format: "der", // specify the signature format, default is der, supported formats: der, raw
    recoverable: false // specify whether to return a recoverable signature, only valid for secp256k1
}

verify

Verify data using current algorithm cryptographic public key

1
2
3
Boolean PKey.verify(Buffer data,
    Buffer sign,
    Object opts = {}) async;

Call parameters:

  • data:Buffer, specify the data to be verified
  • sign:Buffer, specify the signature to be verified
  • opts: Object, specify verification options

Return results:

  • Boolean, returns the verified result

opts supports the following parameters:

1
2
3
4
{
    alg: 0, // specify the hash algorithm for signing, only valid for RSA, default is 0. Supported algorithms: 0=NONE,1=MD5,2=SHA1,3=SHA224,4=SHA256,5=SHA384,6=SHA512,7=RIPEMD160
    format: "der" // specify the signature format, default is der, supported formats: der, raw
}

toString

Returns the string representation of the object. Generally, "[Native Object]" is returned. The object can be re-implemented according to its own characteristics.

1
String PKey.toString();

Return results:

  • String, returns the string representation of the object

toJSON

Returns a JSON format representation of the object, generally returning a collection of readable properties defined by the object.

1
Value PKey.toJSON(String key = "");

Call parameters:

  • key: String, not used

Return results:

  • Value, returns a value containing JSON serializable
© Copyright 2012-2024 fibjs.org | Support us