Monday, July 29, 2019

What is Node.js TLS/SSL ?

What is TLS/SSL

TLS stands for Transport Layer Security. It is the successor to Secure Sockets Layer (SSL). TLS along with SSL is used for cryptographic protocols to secure communication over the web.
TLS uses public-key cryptography to encrypt messages. It encrypts communication generally on the TCP layer.

What is public-key cryptography

In public-key cryptography, each client and each server has two keys: public key and private key. Public key is shared with everyone and private key is secured. To encrypt a message, a computer requires its private key and the recipient?s public key. On the other hand, to decrypt the message, the recipient requires its own

You have to use require('tls') to access this module.
Syntax:
  1. var tls = require('tls');  
The tls module uses OpenSSL to attain Transport Layer Security and Secure Socket Layer. TLS/SSL is a public/private key infrastructure. Each client and each server must have a private key.
A private key can be created like this:
  1. openssl genrsa -out ryans-key.pem 1024   
All severs and some clients need to have a certificate. Certificates are public keys signed by a Certificate Authority or self-signed. To get certificate, you have to create a "Certificate Signing Request" (CSR) file.
A certificate can be created like this:
  1. openssl req -new -key ryans-key.pem -out ryans-csr.pem   
To create a self-signed certificate with the CSR:
  1. openssl x509 -req -in ryans-csr.pem -signkey ryans-key.pem -out ryans-cert.pem   

Node.js TLS client example

File: tls_client.js
  1. tls = require('tls');  
  2. function connected(stream) {  
  3.     if (stream) {  
  4.        // socket connected  
  5.       stream.write("GET / HTTP/1.0\n\rHost: encrypted.google.com:443\n\r\n\r");    
  6.     } else {  
  7.       console.log("Connection failed");  
  8.     }  
  9. }  
  10.  // needed to keep socket variable in scope  
  11. var dummy = this;  
  12.  // try to connect to the server  
  13. dummy.socket = tls.connect(443'encrypted.google.com', function() {  
  14.    // callback called only after successful socket connection  
  15.    dummy.connected = true;  
  16.    if (dummy.socket.authorized) {  
  17.       // authorization successful  
  18.       dummy.socket.setEncoding('utf-8');  
  19.       connected(dummy.socket);  
  20.    } else {  
  21.       // authorization failed  
  22.      console.log(dummy.socket.authorizationError);  
  23.      connected(null);  
  24.    }  
  25. });  
  26.  dummy.socket.addListener('data', function(data) {  
  27.    // received data  
  28.    console.log(data);  
  29. });  
  30.  dummy.socket.addListener('error', function(error) {  
  31.    if (!dummy.connected) {  
  32.      // socket was not connected, notify callback  
  33.      connected(null);  
  34.    }  
  35.    console.log("FAIL");  
  36.    console.log(error);  
  37. });  
  38.  dummy.socket.addListener('close', function() {  
  39.  // do something  
  40. });  
Output:
Node.js tls ssl example 1

No comments:

Post a Comment