(Node.js) RSA Signature/Verify with .key and .cer

See more RSA Examples

Demonstrates how to use a .key file (private key) and digital certificate (.cer, public key) to create and verify an RSA signature.

Install Chilkat for Node.js and Electron using npm at

Chilkat npm packages for Node.js
Chilkat npm packages for Electron
on Windows, Linux, MacOS

var os = require('os');
if (os.platform() == 'win32') {  
  var chilkat = require('@chilkat/ck-node23-win64'); 
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node23-linux-arm');
    } else if (os.arch() == 'arm64') {
        var chilkat = require('@chilkat/ck-node23-linux-arm64');
    } else {
        var chilkat = require('@chilkat/ck-node23-linux-x64');
    }
} else if (os.platform() == 'darwin') {
  var chilkat = require('@chilkat/ck-node23-mac-universal');
}

function chilkatExample() {

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    var privKey = new chilkat.PrivateKey();

    // Load the private key from an RSA .key file:
    var success = privKey.LoadPemFile("privateKey.key");
    if (success !== true) {
        console.log(privKey.LastErrorText);
        return;
    }

    var privKeyXml;
    // Get the private key in XML format:
    privKeyXml = privKey.GetXml();

    var rsa = new chilkat.Rsa();

    // Import the private key into the RSA component:
    success = rsa.ImportPrivateKey(privKeyXml);
    if (success !== true) {
        console.log(rsa.LastErrorText);
        return;
    }

    // Create the signature as a hex string:
    rsa.EncodingMode = "hex";

    var strData = "This is the string to be signed.";

    // Sign the string using the sha-1 hash algorithm.
    // Other valid choices are "md2", "sha256", "sha384",
    // "sha512", and "md5".
    var hexSig = rsa.SignStringENC(strData,"sha-1");

    console.log(hexSig);

    // Load a digital certificate from a .cer file:
    var cert = new chilkat.Cert();

    success = cert.LoadFromFile("myCert.cer");
    if (success !== true) {
        console.log(cert.LastErrorText);
        return;
    }

    // pubKey: PublicKey
    var pubKey;

    pubKey = cert.ExportPublicKey();

    // Now verify using a separate instance of the RSA object:
    var rsa2 = new chilkat.Rsa();

    // Import the public key into the RSA object:
    success = rsa2.ImportPublicKey(pubKey.GetXml());
    if (success !== true) {
        console.log(rsa2.LastErrorText);
        return;
    }

    // The signature is a hex string, so make sure the EncodingMode is correct:
    rsa2.EncodingMode = "hex";

    // Verify the signature:
    success = rsa2.VerifyStringENC(strData,"sha-1",hexSig);
    if (success !== true) {
        console.log(rsa2.LastErrorText);
        return;
    }

    console.log("Success.");

}

chilkatExample();