search

cisco / node-jose

Apache License 2.0
702 stars 125 forks source link

Provide Stand-alone Examples #48

Open linuxwolf opened 8 years ago

linuxwolf commented 8 years ago

While README.md provides an overview of what a developer can do, it would be very helpful to have some stand-alone, immediately runnable/hackable examples people can start with.

An appropriately open license (maybe even public domain?) would need to be considered.

davesag commented 7 years ago

I agree. I've been trying to implement a very simple encrypt / decrypt pair of methods using RSA key pairs. I've got something encrypting just fine but have no idea how to decrypt it again.

My approach is as follows:

generate RSA public / private key pairs and turn them into JWKs using const makeKey = pem => JWK.asKey(pem, 'pem')

then pass both the public and private keys into my function as follows

const { JWE } = require('node-jose');

const jose = (publicKey, privateKey) => {
  async function encrypt(raw) {
    if (!raw) throw new Error('Missing raw data.')
    const buffer = new Buffer(JSON.stringify(raw));
    return JWE.createEncrypt(publicKey).update(buffer).final();
  }

  async function decrypt(encrypted) {
    if (!encrypted) throw new Error('Missing encrypted data.')
    const buffer = new Buffer(JSON.stringify(encrypted));
    return JWE.createDecrypt(privateKey).decrypt(buffer);
  }

  return { encrypt, decrypt }
}

module.exports = jose;

Encrypting works fine but decrypting fails saying 

Error: no key found
    at processKey (node_modules/node-jose/lib/jwe/decrypt.js:157:22)

see question at StackOverflow for more details.

linuxwolf commented 7 years ago

@davesag your question on StackOverflow should be answered, and the README is updated to at least talk about what key is used for which operation.

Real examples are still pending, though ...

Cidaas commented 6 years ago

I tried the same , 

    var ursa = require("ursa");

    const {
        JWK
    } = require('node-jose');
    const keygen = require('generate-rsa-keypair');
    const jose = require('./joseHelper');

    const rawKeys = keygen();

    const makeKey = pem => JWK.asKey(pem, 'pem');

    async function start() {
        const publicKey = await makeKey(rawKeys.public);
        const privateKey = await makeKey(rawKeys.private);

        const raw = {
            iss: 'test',
            exp: new Date().getTime() + 3600,
            sub: {
                test: 'This is a test',
            },
        };

        const {
            encrypt,
            decrypt
        } = jose(publicKey, privateKey);

        return encrypt(raw).then(encrypted => {
            console.log(encrypted);
            decrypt(encrypted);
        });
    }

    return start().then((result) => {
        console.log('decrypted', result);
    }, (err) => {
        console.error(err);
    });

JoseHelper 

    const {
        JWE
    } = require('node-jose');

    const jose = (publicKey, privateKey) => {
        async function encrypt(raw) {
            if (!raw) throw new Error('Missing raw data.');
            const buffer = new Buffer(JSON.stringify(raw));
            return JWE.createEncrypt(publicKey).update(buffer).final();
        }

        async function decrypt(encrypted) {
            if (!encrypted) throw new Error('Missing encrypted data.');
            return JWE.createDecrypt(privateKey).decrypt(encrypted);
        }

        return {
            encrypt,
            decrypt
        }
    }

    module.exports = jose;

The decrypted result coming as undefined

Anything I am missing ?

asked the same in Stackoverflow ticket as well : https://stackoverflow.com/questions/45475145/using-node-jose-how-do-i-decrypt-the-data-i-just-encrypted/47714087#47714087

davesag commented 6 years ago

return JWE.createEncrypt(publicKey).update(buffer).final(); is returning a Promise not a value.

See https://codeburst.io/securing-tokens-with-help-from-jose-33d8c31835a1 for a working example with detailed explanation.