🔐 @contract-js/crypto

Digital Signature Generation and Verification

Cryptographic utilities for digital signature generation and verification in contract-js.

🎯 Purpose

Provide cryptographic utilities for generating RSA key pairs, creating digital signatures, and verifying signatures for PDF contracts.

✨ Features

• RSA Key Generation – Generate RSA key pairs for digital signatures
• Digital Signing – Create digital signatures for PDF contracts with additional metadata
• Signature Verification – Verify digital signatures against PDF hashes and contract data
• Multiple Algorithms – Support for SHA-1, SHA-256, SHA-384, SHA-512
• Enhanced Security – Signatures include contract data and timestamps for better integrity

🚀 Usage

Key Generation

import { generateRsaKeyPairSync } from '@contract-js/crypto';

const { publicKey, privateKey } = generateRsaKeyPairSync();
console.log('Keys generated successfully');

Digital Signing

import { signContract } from '@contract-js/crypto';

const signature = signContract({
  pdfHash: 'abc123...', // SHA-256 hash of the PDF
  data: { contractId: 'CONTRACT-001', version: '1.0' }, // Additional contract data
  privateKey: privateKeyPem,
  algorithm: 'sha256'
});

console.log('Signature:', signature.signature);
console.log('Signed at:', signature.signedAt);

Signature Verification

import { verifyContractSignature } from '@contract-js/crypto';

const isValid = verifyContractSignature({
  algorithm: 'sha256',
  pdfHash: 'abc123...',
  data: { contractId: 'CONTRACT-001', version: '1.0' }, // Same data used for signing
  signedAt: new Date('2024-01-01T00:00:00Z'), // Original signing timestamp
  publicKey: publicKeyPem,
  signature: signatureString
});

console.log('Signature valid:', isValid);

🔐 Signature Process

The digital signature process now includes additional contract metadata for enhanced security:

1. Payload Creation: Combines PDF hash, contract data, and signing timestamp
2. JSON Serialization: Creates a consistent string representation
3. Digital Signing: Signs the serialized payload using the specified algorithm
4. Base64 Encoding: Returns the signature in base64 format

This approach ensures that signatures are tied to specific contract data and timestamps, providing better integrity verification.

📦 Installation

# npm
npm install @contract-js/crypto

# pnpm (recommended)
pnpm add @contract-js/crypto

# yarn
yarn add @contract-js/crypto

📋 API Reference

| Function | Description | Parameters | |----------|-------------|------------| | generateRsaKeyPairSync | Generate RSA key pair | None | | signContract | Create digital signature | pdfHash, data, privateKey, algorithm | | verifyContractSignature | Verify signature | algorithm, pdfHash, data, signedAt, publicKey, signature |

🔒 Supported Algorithms

• SHA-1 – Fast but less secure
• SHA-256 – Recommended for most use cases
• SHA-384 – Higher security
• SHA-512 – Maximum security

📝 License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright © Jeonhui