Node.js tlsSocket.exportKeyingMaterial() Method
Last Updated :
29 Sep, 2020
The tlsSocket.exportKeyingMaterial() is an inbuilt application programming interface of class TLSSocket within tls module which is used to return the requested bytes of the keying material to prevent different kind of attacks in network protocols.
Syntax:
const tlsSocket.exportKeyingMaterial(length, label[, context])
Parameters: This method takes the following argument as parameter:
- length: It is the number of bytes.
- label: It’s an application specific label.
- context: Context for generating the keying material.
Return Value: This method returns the buffer containing the keying material.
How to generate Private key and Public certificate?
-
Private key: Open notepad and copy paste the following key:
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC38R9wXcUbhOd44FavgmE5R3K4JeYOHLnI7dUq1B8/Gv7l3SOg
JKef/m9gM1KvUx951mapXGtcWgwB08J3vUE2YOZ4tWJArrVZES0BI/RmFAyhQFP5
HcWl3LSM9LRihP98F33oIkKaCxA5LxOrkgpV4HrUzIKTABDYah7RPex1WQIDAQAB
AoGBAIXR71xxa9gUfc5L7+TqBs+EMmrUb6Vusp8CoGXzQvRHMJCMrMFySV0131Nu
o0YYRDsAh1nJefYLMNcXd1BjqI+qY8IeRsxaY+9CB2KKGVVDO2uLdurdC2ZdlWXT
Vwr3dDoyR0trnXJMmH2ijTeO6bush8HuXxvxJBjvEllM5QYxAkEA3jwny9JP+RFu
0rkqPBe/wi5pXpPl7PUtdNAGrh6S5958wUoR4f9bvwmTBv1nQzExKWu4EIp+7vjJ
fBeRZhnBvQJBANPjjge8418PS9zAFyKlITq6cxmM4gOWeveQZwXVNvav0NH+OKdQ
sZnnDiG26JWmnD/B8Audu97LcxjxcWI8Jc0CQEYA5PhLU229lA9EzI0JXhoozIBC
TlcKFDuLm88VSmlHqDyqvF9YNOpEdc/p2rFLuZS2ndB4D+vu6mjwc5iZ3HECQCxy
GBHRclQ3Ti9w76lpv+2kvI4IekRMZWDWnnWfwta+DGxwCgw2pfpleBZkWqdBepb5
JFQbcxQJ0wvRYXo8qaUCQQCgTvWswBj6OTP7LTvBlU1teAN2Lnrk/N5AYHZIXW6m
nUG9lYvH7DztWDTioXMrruPF7bdXfZOVJD8t0I4OUzvC
-----END RSA PRIVATE KEY-----
Now save the filename as private-key.pem
-
Public certificate: Open notepad and copy paste the following key:
-----BEGIN CERTIFICATE-----
MIICfzCCAegCCQDxxeXw914Y2DANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMC
SU4xEzARBgNVBAgMCldlc3RiZW5nYWwxEDAOBgNVBAcMB0tvbGthdGExFDASBgNV
BAoMC1BhbmNvLCBJbmMuMRUwEwYDVQQDDAxSb2hpdCBQcmFzYWQxIDAeBgkqhkiG
9w0BCQEWEXJvZm9mb2ZAZ21haWwuY29tMB4XDTIwMDkwOTA1NTExN1oXDTIwMTAw
OTA1NTExN1owgYMxCzAJBgNVBAYTAklOMRMwEQYDVQQIDApXZXN0YmVuZ2FsMRAw
DgYDVQQHDAdLb2xrYXRhMRQwEgYDVQQKDAtQYW5jbywgSW5jLjEVMBMGA1UEAwwM
Um9oaXQgUHJhc2FkMSAwHgYJKoZIhvcNAQkBFhFyb2ZvZm9mQGdtYWlsLmNvbTCB
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt/EfcF3FG4TneOBWr4JhOUdyuCXm
Dhy5yO3VKtQfPxr+5d0joCSnn/5vYDNSr1MfedZmqVxrXFoMAdPCd71BNmDmeLVi
QK61WREtASP0ZhQMoUBT+R3Fpdy0jPS0YoT/fBd96CJCmgsQOS8Tq5IKVeB61MyC
kwAQ2Goe0T3sdVkCAwEAATANBgkqhkiG9w0BAQsFAAOBgQATe6ixdAjoV7BSHgRX
bXM2+IZLq8kq3s7ck0EZrRVhsivutcaZwDXRCCinB+OlPedbzXwNZGvVX0nwPYHG
BfiXwdiuZeVJ88ni6Fm6RhoPtu2QF1UExfBvSXuMBgR+evp+e3QadNpGx6Ppl1aC
hWF6W2H9+MAlU7yvtmCQQuZmfQ==
-----END CERTIFICATE-----
Now save the filename as public-cert.pem
Example 1: Filename: index.js
var tls = require('tls'),
fs = require('fs'),
PORT = 1337,
HOST = '127.0.0.1',
value = null;
var options = {
key: fs.readFileSync('private-key.pem'),
cert: fs.readFileSync('public-cert.pem'),
rejectUnauthorized: false
};
var server = tls.createServer(options, function(socket) {
socket.on('data', function(data) {
console.log('\nReceived: %s ',
data.toString().replace(/(\n)/gm, ""));
});
server.close(() => {
console.log("Server closed successfully");
});
});
server.listen(PORT, HOST, function() {
console.log("I'm listening at %s, on port %s", HOST, PORT);
});
var client = tls.connect(PORT, HOST, options, function() {
value = client.exportKeyingMaterial(
128, 'client finished');
client.write("keying material : " + value.toJSON().data);
client.end(() => {
console.log("Client closed successfully");
});
});
|
Run the index.js file using the following command:
node index.js
Output:
I'm listening at 127.0.0.1, on port 1337
Client closed successfully
Received: keying material : 10, 183, 131,....... 52, 121, 159
Server closed successfully
Example 2: Filename: index.js
var tls = require('tls'),
fs = require('fs'),
PORT = 1337,
HOST = '127.0.0.1';
var options = {
key: fs.readFileSync('private-key.pem'),
cert: fs.readFileSync('public-cert.pem'),
rejectUnauthorized: false
};
var server = tls.createServer(options, function(socket) {
value = socket.exportKeyingMaterial(
128, 'server finished');;
socket.write("keying material : " + value.toJSON().data);
server.close(() => {
console.log("Server closed successfully")
});
});
server.listen(PORT, HOST, function() {
console.log("I'm listening at %s, on port %s", HOST, PORT);
});
var client = tls.connect(PORT, HOST, options, function() {
console.log("client is connected");
});
client.on("data", function(data) {
console.log('Received: %s',
data.toString().replace(/(\n)/gm, ""));
client.end(() => {
console.log("client closed successfully")
});
});
|
Run the index.js file using the following command:
node index.js
Output:
I'm listening at 127.0.0.1, on port 1337
client is connected
Received: keying material : 239, 29, 74, 173 .... 209, 242, 131
client closed successfully
Server closed successfully
Reference: https://nodejs.org/dist/latest-v12.x/docs/api/tls.html#tls_tlssocket_exportkeyingmaterial_length_label_context
Like Article
Suggest improvement
Share your thoughts in the comments
Please Login to comment...