The tlsSocket.exportKeyingMaterial() is an inbuilt application programming interface of class TLSSocket within tls module which is used to return the requested bytes of the keying material to prevent different kind of attacks in network protocols.
Syntax:
const tlsSocket.exportKeyingMaterial(length, label[, context])
Parameters: This method takes the following argument as parameter:
- length: It is the number of bytes.
- label: It’s an application specific label.
- context: Context for generating the keying material.
Return Value: This method returns the buffer containing the keying material.
How to generate Private key and Public certificate?
-
Private key: Open notepad and copy paste the following key:
-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQC38R9wXcUbhOd44FavgmE5R3K4JeYOHLnI7dUq1B8/Gv7l3SOg JKef/m9gM1KvUx951mapXGtcWgwB08J3vUE2YOZ4tWJArrVZES0BI/RmFAyhQFP5 HcWl3LSM9LRihP98F33oIkKaCxA5LxOrkgpV4HrUzIKTABDYah7RPex1WQIDAQAB AoGBAIXR71xxa9gUfc5L7+TqBs+EMmrUb6Vusp8CoGXzQvRHMJCMrMFySV0131Nu o0YYRDsAh1nJefYLMNcXd1BjqI+qY8IeRsxaY+9CB2KKGVVDO2uLdurdC2ZdlWXT Vwr3dDoyR0trnXJMmH2ijTeO6bush8HuXxvxJBjvEllM5QYxAkEA3jwny9JP+RFu 0rkqPBe/wi5pXpPl7PUtdNAGrh6S5958wUoR4f9bvwmTBv1nQzExKWu4EIp+7vjJ fBeRZhnBvQJBANPjjge8418PS9zAFyKlITq6cxmM4gOWeveQZwXVNvav0NH+OKdQ sZnnDiG26JWmnD/B8Audu97LcxjxcWI8Jc0CQEYA5PhLU229lA9EzI0JXhoozIBC TlcKFDuLm88VSmlHqDyqvF9YNOpEdc/p2rFLuZS2ndB4D+vu6mjwc5iZ3HECQCxy GBHRclQ3Ti9w76lpv+2kvI4IekRMZWDWnnWfwta+DGxwCgw2pfpleBZkWqdBepb5 JFQbcxQJ0wvRYXo8qaUCQQCgTvWswBj6OTP7LTvBlU1teAN2Lnrk/N5AYHZIXW6m nUG9lYvH7DztWDTioXMrruPF7bdXfZOVJD8t0I4OUzvC -----END RSA PRIVATE KEY-----
Now save the filename as private-key.pem
-
Public certificate: Open notepad and copy paste the following key:
-----BEGIN CERTIFICATE----- MIICfzCCAegCCQDxxeXw914Y2DANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMC SU4xEzARBgNVBAgMCldlc3RiZW5nYWwxEDAOBgNVBAcMB0tvbGthdGExFDASBgNV BAoMC1BhbmNvLCBJbmMuMRUwEwYDVQQDDAxSb2hpdCBQcmFzYWQxIDAeBgkqhkiG 9w0BCQEWEXJvZm9mb2ZAZ21haWwuY29tMB4XDTIwMDkwOTA1NTExN1oXDTIwMTAw OTA1NTExN1owgYMxCzAJBgNVBAYTAklOMRMwEQYDVQQIDApXZXN0YmVuZ2FsMRAw DgYDVQQHDAdLb2xrYXRhMRQwEgYDVQQKDAtQYW5jbywgSW5jLjEVMBMGA1UEAwwM Um9oaXQgUHJhc2FkMSAwHgYJKoZIhvcNAQkBFhFyb2ZvZm9mQGdtYWlsLmNvbTCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt/EfcF3FG4TneOBWr4JhOUdyuCXm Dhy5yO3VKtQfPxr+5d0joCSnn/5vYDNSr1MfedZmqVxrXFoMAdPCd71BNmDmeLVi QK61WREtASP0ZhQMoUBT+R3Fpdy0jPS0YoT/fBd96CJCmgsQOS8Tq5IKVeB61MyC kwAQ2Goe0T3sdVkCAwEAATANBgkqhkiG9w0BAQsFAAOBgQATe6ixdAjoV7BSHgRX bXM2+IZLq8kq3s7ck0EZrRVhsivutcaZwDXRCCinB+OlPedbzXwNZGvVX0nwPYHG BfiXwdiuZeVJ88ni6Fm6RhoPtu2QF1UExfBvSXuMBgR+evp+e3QadNpGx6Ppl1aC hWF6W2H9+MAlU7yvtmCQQuZmfQ== -----END CERTIFICATE-----
Now save the filename as public-cert.pem
Example 1: Filename: index.js
// Node.js program to demonstrate the // tlsSocket.exportKeyingMaterial() method var tls = require('tls'),
fs = require('fs'),
// Port and host address for server PORT = 1337, HOST = '127.0.0.1',
value = null;
// Private key and public certificate for access var options = {
key: fs.readFileSync('private-key.pem'),
cert: fs.readFileSync('public-cert.pem'),
rejectUnauthorized: false
}; // Creating and initializing server var server = tls.createServer(options, function(socket) {
// Print the data that we received
socket.on('data', function(data) {
console.log('\nReceived: %s ',
data.toString().replace(/(\n)/gm, ""));
});
// Stopping the server
// by using the close() method
server.close(() => {
console.log("Server closed successfully");
});
}); // Start listening on a specific port and address // by using listen() method server.listen(PORT, HOST, function() {
console.log("I'm listening at %s, on port %s", HOST, PORT);
}); // Creating and initializing client var client = tls.connect(PORT, HOST, options, function() {
// Getting keying material
// by using tlsSocket.exportKeyingMaterial() method
value = client.exportKeyingMaterial(
128, 'client finished');
client.write("keying material : " + value.toJSON().data);
client.end(() => {
console.log("Client closed successfully");
});
}); |
Run the index.js file using the following command:
node index.js
Output:
I'm listening at 127.0.0.1, on port 1337 Client closed successfully Received: keying material : 10, 183, 131,....... 52, 121, 159 Server closed successfully
Example 2: Filename: index.js
// Node.js program to demonstrate the // tlsSocket.exportKeyingMaterial() method var tls = require('tls'),
fs = require('fs'),
// Port and host address for server PORT = 1337, HOST = '127.0.0.1';
// Private key and public certificate for access var options = {
key: fs.readFileSync('private-key.pem'),
cert: fs.readFileSync('public-cert.pem'),
rejectUnauthorized: false
}; // Creating and initializing server var server = tls.createServer(options, function(socket) {
// Getting keying material
// by using tlsSocket.exportKeyingMaterial() method
value = socket.exportKeyingMaterial(
128, 'server finished');;
socket.write("keying material : " + value.toJSON().data);
// Stopping the server
// by using the close() method
server.close(() => {
console.log("Server closed successfully")
});
}); // Start listening on a specific port and address // by using listen() method server.listen(PORT, HOST, function() {
console.log("I'm listening at %s, on port %s", HOST, PORT);
}); // Creating and initializing client var client = tls.connect(PORT, HOST, options, function() {
console.log("client is connected");
}); client.on("data", function(data) {
console.log('Received: %s',
data.toString().replace(/(\n)/gm, ""));
// Close the connection after receiving the message
client.end(() => {
console.log("client closed successfully")
});
}); |
Run the index.js file using the following command:
node index.js
Output:
I'm listening at 127.0.0.1, on port 1337 client is connected Received: keying material : 239, 29, 74, 173 .... 209, 242, 131 client closed successfully Server closed successfully