RSA Cryptography & Byte Utils

This module provides RSA asymmetric cryptography primitives and critical byte-length validation utilities. All operations are powered by the Go security core for maximum performance and security.

RSA Key Management

Generate 4096-bit RSA key pairs using a cryptographically secure random source. Keys are PEM-encoded and compatible with standard OpenSSL tools.

```typescript
import { generateRSAKeyPair } from "xypriss-security";

const { publicKey, privateKey } = await generateRSAKeyPair();

console.log(publicKey);
// -----BEGIN PUBLIC KEY-----
// MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA...
// -----END PUBLIC KEY-----
```

RSA Signatures (RSA-PSS)

XyPriss signs with RSA-PSS and SHA-256, the modern successor to PKCS#1 v1.5 signature padding. RSA-PSS adds a random salt to every signature, so two signatures over the same input differ.

Signing & Verification
```typescript
import { rsaSign, rsaVerify } from "xypriss-security";

// privateKey / publicKey: the PEM strings returned by generateRSAKeyPair()
const signature = await rsaSign(privateKey, "payload-to-sign");
const isValid = await rsaVerify(publicKey, "payload-to-sign", signature);
```

RSA Encryption (RSA-OAEP)

XyPriss uses RSA-OAEP with SHA-256 for secure asymmetric encryption. RSA-OAEP can only encrypt a small payload: at most 446 bytes for 4096-bit keys with SHA-256.

Encryption & Decryption
```typescript
import { rsaEncrypt, rsaDecrypt } from "xypriss-security";

// publicKey / privateKey: the PEM strings returned by generateRSAKeyPair()
const encrypted = await rsaEncrypt(publicKey, "secret-value");
const decrypted = await rsaDecrypt(privateKey, encrypted);
```

Byte Length Utilities

The standard JavaScript `.length` property counts UTF-16 code units, not bytes. For security-sensitive operations like AES-256 key validation, you must use the actual UTF-8 byte count.

getByteLength
```typescript
import { getByteLength } from "xypriss-security";

getByteLength("café"); // 5
getByteLength("你好"); // 6
```

isValidByteLength
```typescript
import { isValidByteLength } from "xypriss-security";

// Constructed sample value: 32 ASCII characters, so 32 UTF-8 bytes
const keyCandidate = "0123456789abcdef0123456789abcdef";

// Exactly 32 bytes for AES-256
isValidByteLength(keyCandidate, 32);
```

Hybrid Encryption

RSA encryption is not designed for large payloads. For encrypting arbitrary-length data, use hybrid encryption: encrypt the payload with AES, then encrypt the AES key with RSA.
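
An added example (not from the xypriss-security documentation or code base): a pre-flight check that combines the 446-byte RSA-OAEP limit with UTF-8 byte counting to decide when a payload has to go through hybrid encryption. The helper names `utf8ByteLength`, `oaepMaxPlaintextBytes` and `planEncryption` are hypothetical, and the sample payloads are constructed.

```typescript
// Added example: these helpers are hypothetical, not part of xypriss-security.

/** UTF-8 byte length of a JavaScript string, computed from its UTF-16 code units. */
function utf8ByteLength(text: string): number {
  let bytes = 0;
  for (let i = 0; i < text.length; i++) {
    const unit = text.charCodeAt(i);
    if (unit < 0x80) bytes += 1;
    else if (unit < 0x800) bytes += 2;
    else if (unit >= 0xd800 && unit <= 0xdbff && i + 1 < text.length) {
      const next = text.charCodeAt(i + 1);
      if (next >= 0xdc00 && next <= 0xdfff) {
        bytes += 4; // valid surrogate pair: one code point above U+FFFF
        i++;
      } else bytes += 3; // lone high surrogate, encoded as U+FFFD
    } else bytes += 3; // other BMP character, or lone surrogate as U+FFFD
  }
  return bytes;
}

/** Largest RSA-OAEP plaintext in bytes: k - 2*hLen - 2 (RFC 8017, section 7.1.1). */
function oaepMaxPlaintextBytes(modulusBits: number, hashBytes: number): number {
  return Math.ceil(modulusBits / 8) - 2 * hashBytes - 2;
}

type Plan = { chars: number; bytes: number; limit: number; mode: "rsa-oaep" | "hybrid" };

/** Decide whether a payload fits one RSA-OAEP operation or needs hybrid encryption. */
function planEncryption(text: string, modulusBits = 4096, hashBytes = 32): Plan {
  const bytes = utf8ByteLength(text);
  const limit = oaepMaxPlaintextBytes(modulusBits, hashBytes);
  return { chars: text.length, bytes, limit, mode: bytes <= limit ? "rsa-oaep" : "hybrid" };
}

// Constructed sample payloads: the third passes a naive `.length <= 446` check
// but is 892 bytes once encoded, so it cannot be encrypted directly.
const samples = ["secret-value", "a".repeat(446), "é".repeat(446), "你好".repeat(80)];
for (const sample of samples) console.log(planEncryption(sample));
```

The defaults (4096-bit modulus, 32-byte hash) match the key size and SHA-256 digest described on this page; pass other values for different key sizes.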