Book Image

Essential Cryptography for JavaScript Developers

By : Alessandro Segala
Book Image

Essential Cryptography for JavaScript Developers

By: Alessandro Segala

Overview of this book

If you’re a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework. With a purely hands-on approach that is focused on sharing actionable knowledge, you’ll learn about the common categories of cryptographic operations that you can leverage in all apps you’re developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You’ll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you’ll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers. By the end of this book, you'll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities.

Related Content you might be interested in

Current Title:

Small book image
Essential Cryptography for JavaScript Developers
Alessandro Segala
Feb, 2022 | 220 pages
Small book image
Demystifying Cryptography with OpenSSL 3.0
Alexei Khlebnikov
Oct, 2022 | 342 pages
Small book image
Hands-On Cryptography with Python
Samuel Bowne
Jun, 2018 | 100 pages
Small book image
TLS Cryptography In-Depth
Dr Paul Duplys | Dr Roland Schmitz
Jan, 2024 | 712 pages
Table of Contents (13 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Part 1 – Getting Started
Part 1 – Getting Started
Free Chapter
2
Chapter 1: Cryptography for Developers
Chapter 1: Cryptography for Developers
What is cryptography and why should a developer care?
Defining "safe"
Types and "layers" of encryption
Summary
3
Chapter 2: Dealing with Binary and Random Data
Chapter 2: Dealing with Binary and Random Data
Encoding and representing binary data
Base64
Generating cryptographically secure random byte sequences
Summary
4
Part 2 – Using Common Cryptographic Operations with Node.js
Part 2 – Using Common Cryptographic Operations with Node.js
5
Chapter 3: File and Password Hashing with Node.js
Chapter 3: File and Password Hashing with Node.js
Technical requirements
An overview of hashing functions
Calculating digests and generating identifiers
How to "break" a hash
Hashing passwords and deriving keys
Older hashing functions
Summary
6
Chapter 4: Symmetric Encryption in Node.js
Chapter 4: Symmetric Encryption in Node.js
Technical requirements
Symmetric and asymmetric encryption
Symmetric encryption with AES
Symmetric encryption with ChaCha20-Poly1305
Key derivation
Wrapping keys and best practices for encrypting large documents
Summary
7
Chapter 5: Using Asymmetric and Hybrid Encryption in Node.js
Chapter 5: Using Asymmetric and Hybrid Encryption in Node.js
Technical requirements
Understanding public-key and hybrid cryptosystems
Loading, exporting, and encoding public and private keys
Using RSA with Node.js
Key agreements with Elliptic-Curve Diffie-Hellman
Summary
8
Chapter 6: Digital Signatures with Node.js and Trust
Chapter 6: Digital Signatures with Node.js and Trust
Technical requirements
The what, how, and why of digital signatures
Calculating and verifying digital signatures with Node.js
Trust and certificates
Summary
9
Part 3 – Cryptography in the Browser
Part 3 – Cryptography in the Browser
10
Chapter 7: Introduction to Cryptography in the Browser
Chapter 7: Introduction to Cryptography in the Browser
Technical requirements
About cryptography in the browser – uses and challenges
Binary data in the browser
Keys in Web Crypto
Summary
11
Chapter 8: Performing Common Cryptographic Operations in the Browser
Chapter 8: Performing Common Cryptographic Operations in the Browser
Technical requirements
Hashing and key derivation
Symmetric encryption
Asymmetric and hybrid cryptography
Digital signatures
Summary
Why subscribe?
12
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Digital signatures

Digital signatures are the last class of cryptographic operations we learned about as we dedicated the biggest part of Chapter 6, Digital Signatures with Node.js and Trust, to them. Once again, in this section we'll revisit them by showing code samples that work in the browser using the WebCrypto APIs instead. Just as we did in Chapter 6, Digital Signatures with Node.js and Trust, we'll look at examples of calculating and verifying digital signatures using both RSA and ECDSA.

Digital signatures with the WebCrypto APIs

With the WebCrypto APIs, we can calculate a signature with the crypto.subtle.sign(algorithm, key, data) method. This returns a promise that resolves with an ArrayBuffer containing our signature's raw bytes, and it requires three parameters:

  • algorithm, the first argument, is an object that contains options for the digital signature algorithm to use. We'll see the details of this in the following sections for the RSA...
Previous Section
End of Section 6
Next Section