(Node.js) RSA Signature/Verify with .key and .cer

Demonstrates how to use a .key file (private key) and digital certificate (.cer, public key) to create and verify an RSA signature.

Install Chilkat for Node.js and Electron using npm at Chilkat npm packages for Node.js Chilkat npm packages for Electron on Windows, Linux, MacOSX, and ARM

var os = require('os');
if (os.platform() == 'win32') {  
    if (os.arch() == 'ia32') {
        var chilkat = require('@chilkat/ck-node11-win-ia32');
    } else {
        var chilkat = require('@chilkat/ck-node11-win64'); 
    }
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node11-arm');
    } else if (os.arch() == 'x86') {
        var chilkat = require('@chilkat/ck-node11-linux32');
    } else {
        var chilkat = require('@chilkat/ck-node11-linux64');
    }
} else if (os.platform() == 'darwin') {
    var chilkat = require('@chilkat/ck-node11-macosx');
}

function chilkatExample() {

    var privKey = new chilkat.PrivateKey();

    var success;

    // Load the private key from an RSA .key file:
    success = privKey.LoadPemFile("privateKey.key");
    if (success !== true) {
        console.log(privKey.LastErrorText);
        return;
    }

    var privKeyXml;
    // Get the private key in XML format:
    privKeyXml = privKey.GetXml();

    var rsa = new chilkat.Rsa();

    // Any string argument automatically begins the 30-day trial.
    var success = rsa.UnlockComponent("30-day trial");
    if (success !== true) {
        console.log(rsa.LastErrorText);
        return;
    }

    // Import the private key into the RSA component:
    success = rsa.ImportPrivateKey(privKeyXml);
    if (success !== true) {
        console.log(rsa.LastErrorText);
        return;
    }

    // Create the signature as a hex string:
    rsa.EncodingMode = "hex";

    // If some other non-Chilkat application or web service is going to be verifying
    // the signature, it is important to match the byte-ordering.
    // The LittleEndian property may be set to true
    // for little-endian byte ordering, 
    // or false  for big-endian byte ordering.
    // Microsoft apps typically use little-endian, while
    // OpenSSL and other services (such as Amazon CloudFront)
    // use big-endian.
    rsa.LittleEndian = false;

    var strData = "This is the string to be signed.";

    // Sign the string using the sha-1 hash algorithm.
    // Other valid choices are "md2", "sha256", "sha384",
    // "sha512", and "md5".
    var hexSig = rsa.SignStringENC(strData,"sha-1");

    console.log(hexSig);

    // Load a digital certificate from a .cer file:
    var cert = new chilkat.Cert();

    success = cert.LoadFromFile("myCert.cer");
    if (success !== true) {
        console.log(cert.LastErrorText);
        return;
    }

    // pubKey: PublicKey
    var pubKey;

    pubKey = cert.ExportPublicKey();

    // Now verify using a separate instance of the RSA object:
    var rsa2 = new chilkat.Rsa();

    // Import the public key into the RSA object:
    success = rsa2.ImportPublicKey(pubKey.GetXml());
    if (success !== true) {
        console.log(rsa2.LastErrorText);
        return;
    }

    // The signature is a hex string, so make sure the EncodingMode is correct:
    rsa2.EncodingMode = "hex";

    // Verify the signature:
    success = rsa2.VerifyStringENC(strData,"sha-1",hexSig);
    if (success !== true) {
        console.log(rsa2.LastErrorText);
        return;
    }

    console.log("Success.");

}

chilkatExample();