crypto.createSign() Method in Node.js

The crypto.createSign() method creates and returns a Sign object that uses the specified algorithm for generating digital signatures. You can use crypto.getHashes() to get the names of all available digest algorithms. Sign instances can also be created using signature algorithms like 'RSA-SHA256' in some cases.

Syntax

crypto.createSign(algorithm, [options])

Parameters

The parameters are described as follows:

• algorithm - The algorithm name to be used while creating the sign object/instance (e.g., 'SHA256', 'RSA-SHA256').

• options - An optional parameter for controlling stream behavior.

Basic Example: Creating a Sign Object

// Node.js program to demonstrate the use of createSign() method

// Importing the crypto module
const crypto = require('crypto');

// Creating sign object with the input algorithm
const sign = crypto.createSign('SHA256');

// Check if sign object is created successfully
console.log("Sign object created:", typeof sign);
console.log("Constructor name:", sign.constructor.name);

Sign object created: object
Constructor name: Sign

Example: Writing Data to Sign Object

// Node.js program to demonstrate writing data to Sign object

// Importing the crypto module
const crypto = require('crypto');

// Creating sign object with the input algorithm
const sign = crypto.createSign('SHA256');

// Writing data to the sign object
const result = sign.write('Welcome to Tutorials Point');
console.log("Data written successfully:", result);

// You can also chain updates
sign.update('Additional data');
console.log("Sign object ready for signing");

Data written successfully: true
Sign object ready for signing

Complete Signing Example

// Complete example of creating and using a digital signature

const crypto = require('crypto');

// Generate key pair for demonstration
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
});

// Create sign object
const sign = crypto.createSign('SHA256');

// Add data to be signed
sign.update('Hello, this is a secret message');
sign.end();

// Generate signature
const signature = sign.sign(privateKey, 'hex');
console.log("Signature generated:", signature.substring(0, 50) + "...");

// Verify the signature
const verify = crypto.createVerify('SHA256');
verify.update('Hello, this is a secret message');
verify.end();

const isValid = verify.verify(publicKey, signature, 'hex');
console.log("Signature verification:", isValid);

Signature generated: a1b2c3d4e5f6789012345678901234567890abcdef1234567...
Signature verification: true

Available Algorithms

const crypto = require('crypto');

// Get all available hash algorithms
const hashes = crypto.getHashes();
console.log("Available hash algorithms:");
console.log(hashes.slice(0, 10)); // Show first 10 algorithms

Available hash algorithms:
[
  'RSA-MD5',
  'RSA-RIPEMD160',
  'RSA-SHA1',
  'RSA-SHA1-2',
  'RSA-SHA224',
  'RSA-SHA256',
  'RSA-SHA3-224',
  'RSA-SHA3-256',
  'RSA-SHA3-384',
  'RSA-SHA3-512'
]

Conclusion

The crypto.createSign() method is essential for creating digital signatures in Node.js. Use it with update() to add data and sign() to generate the signature with a private key.