I want to encrypt data from NodeJs Server and Decrypt it in my Flutter App.
Currently, I am using node-rsa in my NodeJs App.
I have tried several packages from pub.dev, but none can successfully decrypt the data.
Can someone suggest a better way.
Server Side Code (NodeJS) :
const NodeRSA = require('node-rsa');
const text = 'Hello RSA!';
const encrypted = key.encrypt(text, 'base64');
console.log('encrypted: ', encrypted);
Related
I know I can verify plain message with following code:
const verify = crypto.createVerify('sha256')
verify.write(Buffer.from(message, 'base64'))
verify.end()
const verified = verify.verify(publicKey, signatureToVerify, 'base64')
But I need to verify against the already hashed message, instead of node hashing it for me. Is it possible to do it with node's crypto module?
I am building a decentralized app using Node.js. I need the node.js app to receive a message from the frontend, use web3.js to sign the message and send the signature back to the frontend.
I am thinking of passing as a environmental variable a predefined private key to the node.js app. Then use the private key to instantiate Web3 and call web3.personal.sign to sign the message. I need the signing process to occur on the server side, so I don't believe that using a client-side wallet like Metamask would be applicable.
I am new to Blockchain and Web3 development so I am not sure if what I am asking is feasible.
You can pass the private key to wallet.add(), and then sign the message using web3.eth.sign().
web3.eth.accounts.wallet.add(SIGNER_PRIVATE_KEY);
const message = "Hello world";
// sign
const signature = await web3.eth.sign(message, SIGNER_ADDRESS);
// recover
const recoveredSigner = web3.eth.accounts.recover(message, signature);
console.log(recoveredSigner == SIGNER_ADDRESS);
NodeJS have crypto module where DiffieHellman is a class. So, I can use this method to generate key and compute key.
But, client also need to create another instance of diffiehellman class. But how to do that? Can I use crypto module on client side? If yes then how, any solution? Here are my client side code...
const crypto = require('crypto');
const express = require('express');
const app = express();
// Generate server's keys...
const server = crypto.createDiffieHellman(139);
const serverKey = server.generateKeys();
//send p=prime and g=generator to the client
Node.js has own "crypto" module to use DiffieHellman algorithm, so you can watch it and write it on browser on your own.
Second way is take library ready for use (on github or else), e.g. this one.
I'm having trouble connecting my chat application to Node.js server running on Ubuntu 16.04. The problem seems to be the ssl certificate which have been generated using 'letsencrypt'.
I have successfully connected to my Node.js server using a openssl certificate - this however only works in my Chrome browser.
Here is my code for the Node.js part.:
let fs = require('fs');
let https = require('https');
var options = {
key: fs.readFileSync('./file.pem'),
cert: fs.readFileSync('./file.crt')
};
let server = https.createServer(options);
let io = require('socket.io')(server);
let Redis = require('ioredis');
let redis = new Redis();
redis.subscribe('all-chat');
redis.on('message', function (channel, message) {
message = JSON.parse(message);
io.emit(channel + ':' + message.event, message.data);
});
server.listen(3201);
The error code I'm getting from my browser is.:
net::ERR_INSECURE_RESPONSE
My guess is that for some odd reason the certificates I have obtained is not following a standard of some sorts, so the browser discards the response.
For what I can gather around the web about this problem - the solution should be using a certificate from 'letsencrypt' and/or multiple variations of.:
var options = { ... };
And I do believe I have tried every possible combination.
If I open my website in two windows, one in Edge and one in Chrome, I can succesfully send a message from Edge to Chrome - the message will however not be shown in Edge as it should.
Thanks in advance for any detail that may put me back on track!
The answer was rather simple. To be sure you can use your certificate you can use the diagnostic tool found on https://www.digicert.com/help/.
For the connection from client to my Node.js end I stated the IP on the client side - and that will not do when using a certificate which have been created with the public domain. So I changed the IP on the client side from the IP to the public domain and it worked!
I'm trying to secure the Node Redis IPC server to use a private/public key. I've followed this tutorial which uses stunnel which wraps the tunnel used by Redis under a SSL layer.
The example is not for Node, but it does secure the connection, and I only can connect to the server if I include the certification in my config file, otherwise the connection is reseted.
However, I cannot replicate this with NodeJS. On my server computer, I have:
var redis = require('redis');
var client = redis.createClient();
client.auth('myPassword');
client.publish('instances', 'start');
And my on my client computer I have:
var redis = require('redis');
var client = redis.createClient();
client.auth('myPassword');
client.subscribe('instances');
client.on('message', function (channel, message) {
console.log("Got message " + message + " from channel " + channel);
})
But, the two devices communicate whether or not I include the certification in my stunnel config file. How can I secure this connection up?
Cheers
You can do this by passing in the tls configuration when creating the client like so
var redis = require("redis");
var client = redis.createClient(6380,'location.of.server', {auth_pass: 'password', tls: {servername: 'location.of.server'}});
I have also searched for this . But redis doesn't need any ssl since in runs only on verified private networks. The only way to provide security using stunnel. Since we can enable password by using AUTH command. In redis they have provided a password generator which is named as GPG key. Which generated a 2048 length key which will provide security. I think my answer is relevant.