jsrsasign - RSA Signing and Verification in JavaScript

Kenji Urushima
Last Update: Apr 30, 2012

The 'jsrsasign'(RSA-Sign JavaScript Library) is a open source free pure JavaScript implementation of PKCS#1 v2.1 RSASSA-PKCS1-v1_5 RSA signing and validation algorithm.

NEWS

Release 1.2 is now available on Apr 30, 2012 for fixing critical zero padding bug and supporting some other hash functions.

DEMO

Sample Application for RSA signing with JavaScript

SOURCE CODES

The 'rsa-sign' library contains following source codes.

rsa-sign.js - RSAKey class extension for RSA signing and verification.
x509.js - X509 class to read subject public key from a PEM formatted X.509 certificate.
rsa-pem.js - RSAKey class extension to read PKCS#1 RSA private key PEM file
asn1hex.js - simple ASN.1 parser to read hexadecimal encoded ASN.1 DER

LICENSE

The 'jsrsasign'(RSA-Sign JavaScript Library) is licensed under the terms of the MIT license reproduced below.

LICENSE.txt - RSA-Sign JavaScript Library LICENSE

How to sign


var rsa = new RSAKey();
rsa.readPrivateKeyFromPEMString(_PEM_PRIVATE_KEY_STRING_);
var hSig = rsa.signString("aaa", "sha1"); // sign a string "aaa" with key

How to verify signature


vr x509 = new X509();
x509.readCertPEM(_PEM_X509CERT_STRING_);
var result = x509.subjectPublicKeyRSA.verifyString("aaa", _HEX_SIGNATURE_);

How to add supported signature algorithms

The script "rsa-sign.js" currently supports SHA1withRSA, SHA256withRSA, SHA512withRSA, MD5withRSA and RIPEMD160withRSA signature algorithms. However you can extend other signature algorithms such like MD2withRSA or SHA384withRSA by just specifying two variables in it.


_RSASIGN_DIHEAD['md2'] = "30..."; // Hexadecimal DigestInfo prefix for MD5
_RSASIGN_HASHHEXFUNC['md2'] = md2hex; // function which returns value in hex.

Required Third Party Source Codes

Tom Wu's jsbn library - BigInteger and RSA
- base64.js - String encoder for Base64 and Hex
- jsbn.js - basic BigInteger class
- jsbn2.js - BigInteger class extension
- prng4.js - Random number generator
- rng.js - Random number generator
- rsa.js - RSAKey class for RSA public key encryption.
- rsa2.js - RSA class extension for RSA private key decryption.
Paul Johnston's JavaScript MD5
- You can download MD5, SHA1, SHA256, SHA512 and RIPEMD-160 implementation of JavaScript.
NOTE: As for hash algorithm, you can use any other hash implementations. The requirement is to provide a function which returns hexadecimal string as the result.

Release

Release 1.2: Apr 30, 2012 - Critical zero padding bug fix and some other hash support
Release 1.1: Sep 25, 2010 - Web contents update
Release 1.0: Jun 03, 2010 - Initial release

See 'ChangeLog.txt' in detail.