Reputation: 44807
NodeJS, RSA, is this secure?
Is this a secure way of encrypting with a public key and decrypting with the private?
If not, what do I need to add? A pass of AES or similar?
var ursa = require('ursa');
var fs = require('fs');
// create a pair of keys (a private key contains both keys...)
var keys = ursa.generatePrivateKey();
console.log('keys:', keys);
// reconstitute the private key from a base64 encoding
var privPem = keys.toPrivatePem('base64');
console.log('privPem:', privPem);
var priv = ursa.createPrivateKey(privPem, '', 'base64');
// make a public key, to be used for encryption
var pubPem = keys.toPublicPem('base64');
console.log('pubPem:', pubPem);
var pub = ursa.createPublicKey(pubPem, 'base64');
// encrypt, with the public key, then decrypt with the private
var data = new Buffer('hello world');
console.log('data:', data);
var enc = pub.encrypt(data);
console.log('enc:', enc);
var unenc = priv.decrypt(enc);
console.log('unenc:', unenc);
Upvotes: 2
Views: 1844
Answers (1)
Reputation: 94038
It looks secure, but if you want to encrypt strings you should normally use hybrid encryption. In that case you should indeed use AES. It is highly advisable to use some kind of message authentication as well if you use AES, especially if padding oracles could apply.
What's completely missing from your code is of course a method of trusting the public key. You generate the key pair in the code, but that is something that should not be performed frequently. Key management is one of the most important parts of cryptography.
Furthermore, this library looks like a one man show. Even if SLaks has contributed, you should be extremely wary of those kind of projects. For instance, the SJCL libraries had some huge holes in them and there have been some serious issues found within RNCrypt as well. Furthermore, these kind of projects easily end up without maintainer.
Documentation of the library is rather sparse as well. E.g. I presume that the generatePrivateKey() creates a key pair with a size of 2048 by default, but there is no way of checking that except for a code review or (indeed) testing the output. I don't presume it defaults to 512 bits, but with just the API doc, I cannot be sure.
Upvotes: 1
Related Questions
- Looking for advice on JavaScript RSA encryption
- Decrypting RSA with JavaScript
- Custom RSA implementation in Javascript (NodeJS)
- RSA encryption between c++ and node.js
- Node.js Builtin Crypto: RSA Decryption
- Create RSA Token in nodejs
- RSA encryption back from server nodejs
- Node.js correct way to make rsa encrypt?
- Issue using RSA encryption in javascript
- node.js rsa encryption/decryption