no-acme #10
49
README.md
49
README.md
|
@ -1,9 +1,46 @@
|
|||
# Bluecrypt™ Keypairs
|
||||
# Bluecrypt™ [Keypairs](https://git.rootprojects.org/root/bluecrypt-keypairs.js) | A [Root](https://rootprojects.org) Project
|
||||
|
||||
A port of [keypairs.js](https://git.coolaj86.com/coolaj86/keypairs.js) to the browser.
|
||||
|
||||
* Keypairs
|
||||
* Eckles (ECDSA)
|
||||
* Rasha (RSA)
|
||||
* X509
|
||||
* ASN1
|
||||
# Features (port in-progress)
|
||||
|
||||
* [x] Keypair generation and encoding
|
||||
* [x] RSA
|
||||
* [x] ECDSA (P-256, P-384)
|
||||
* [x] JWK-to-PEM
|
||||
* [ ] JWK-to-SSH
|
||||
* [ ] PEM-to-JWK
|
||||
* [ ] SSH-to-JWK
|
||||
* [x] ASN1, X509, PEM, DER
|
||||
* [x] SHA256 JWK Thumbprints
|
||||
* [x] Sign JWS
|
||||
* [ ] Create JWTs
|
||||
* [ ] JWK fetching. See [Keyfetch.js](https://npmjs.com/packages/keyfetch/)
|
||||
* [ ] OIDC
|
||||
* [ ] Auth0
|
||||
* [ ] CLI (ee [keypairs-cli](https://npmjs.com/packages/keypairs-cli/))
|
||||
* [ ] Node.js (ee [keypairs.js](https://npmjs.com/packages/keypairs.js))
|
||||
* [ ] [CSR.js](https://git.rootprojects.org/root/bluecrypt-csr.js)
|
||||
* [ ] [ACME.js](https://git.rootprojects.org/root/bluecrypt-acme.js) (Let's Encyrpt)
|
||||
|
||||
# Online Demos
|
||||
|
||||
* Bluecrypt Keypairs.js Demo <https://rootprojects.org/keypairs/>
|
||||
|
||||
# QuickStart
|
||||
|
||||
`bluecrypt-keypairs.js`
|
||||
```html
|
||||
<script src="https://rootprojects.org/keypairs/bluecrypt-keypairs.js"></script>
|
||||
```
|
||||
|
||||
`bluecrypt-keypairs.min.js`
|
||||
```html
|
||||
<script src="https://rootprojects.org/keypairs/bluecrypt-keypairs.min.js"></script>
|
||||
```
|
||||
|
||||
You can see `index.html` and `app.js` in the repo for full example usage.
|
||||
|
||||
# Documentation
|
||||
|
||||
See [keypairs.js](https://git.coolaj86.com/coolaj86/keypairs.js) for documentation.
|
||||
|
|
7
app.js
7
app.js
|
@ -17,11 +17,6 @@
|
|||
return Array.prototype.slice.call(document.querySelectorAll(sel));
|
||||
}
|
||||
|
||||
function checkTos(tos) {
|
||||
console.log("TODO checkbox for agree to terms");
|
||||
return tos;
|
||||
}
|
||||
|
||||
function run() {
|
||||
console.log('hello');
|
||||
|
||||
|
@ -113,8 +108,6 @@
|
|||
$$('button').map(function ($el) { $el.disabled = false; });
|
||||
$('.js-toc-jwk').hidden = false;
|
||||
|
||||
$('.js-create-account').hidden = false;
|
||||
$('.js-create-csr').hidden = false;
|
||||
});
|
||||
});
|
||||
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Development Version
|
||||
cat > bluecrypt-keypairs.js << EOF
|
||||
// Copyright 2015-2019 AJ ONeal. All rights reserved
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
;
|
||||
EOF
|
||||
cat ./lib/encoding.js \
|
||||
./lib/asn1-packer.js \
|
||||
./lib/x509.js \
|
||||
./lib/ecdsa.js \
|
||||
./lib/rsa.js \
|
||||
./lib/keypairs.js \
|
||||
>> bluecrypt-keypairs.js
|
||||
|
||||
# Gzipped
|
||||
cat > bluecrypt-keypairs.min.js << EOF
|
||||
// Copyright 2015-2019 AJ ONeal. All rights reserved
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
;
|
||||
EOF
|
||||
uglifyjs bluecrypt-keypairs.js >> bluecrypt-keypairs.min.js
|
||||
gzip -f bluecrypt-keypairs.min.js
|
||||
|
||||
# Minified Gzipped
|
||||
cat > bluecrypt-keypairs.min.js << EOF
|
||||
// Copyright 2015-2019 AJ ONeal. All rights reserved
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
;
|
||||
EOF
|
||||
uglifyjs bluecrypt-keypairs.js >> bluecrypt-keypairs.min.js
|
||||
|
||||
rsync -av ./ root@beta.therootcompany.com:~/beta.therootcompany.com/keypairs/
|
||||
rsync -av ./ root@beta.rootprojects.org:~/beta.rootprojects.org/keypairs/
|
||||
rsync -av ./ ubuntu@rootprojects.org:/srv/www/rootprojects.org/keypairs/
|
43
index.html
43
index.html
|
@ -15,12 +15,20 @@
|
|||
white-space: -o-pre-wrap; /* Opera 7 */
|
||||
word-wrap: break-word; /* IE */
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<h1>BlueCrypt for the Browser</h1>
|
||||
<p>BlueCrypt is universal crypto for the browser. It's lightweight, fast, and based on native webcrypto.
|
||||
This means it's easy-to-use crypto in kilobytes, not megabytes.</p>
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<h1>@bluecrypt/keypairs: Universal keygen & signing for browsers</h1>
|
||||
<p>Keypairs.js is <strong>easy-to-use browser crypto in kilobytes, not megabytes.</strong></p>
|
||||
|
||||
<p>It's a modern alternative to larger, legacy libraries like PKI.js and rsasign,
|
||||
with more universal support for keygen, signing, and verification (including PKI, X509, JOSE, JWS, and JWT)
|
||||
at a fraction of the cost.</p>
|
||||
|
||||
<p>This is intended to be explored with your JavaScript console open.</p>
|
||||
<pre><code><script src="<a href="https://rootprojects.org/keypairs/bluecrypt-keypairs.js">https://rootprojects.org/keypairs/bluecrypt-keypairs.js</a>"></script></code></pre>
|
||||
<pre><code><script src="<a href="https://rootprojects.org/keypairs/bluecrypt-keypairs.min.js">https://rootprojects.org/keypairs/bluecrypt-keypairs.min.js</a>"></script></code></pre>
|
||||
<a href="https://git.rootprojects.org/root/bluecrypt-keypairs.js">Documentation</a>
|
||||
|
||||
<h2>Keypair Generation</h2>
|
||||
<form class="js-keygen">
|
||||
|
@ -109,12 +117,19 @@
|
|||
<pre><code class="js-jwt" ></code></pre>
|
||||
</details>
|
||||
|
||||
<script src="./lib/bluecrypt-encoding.js"></script>
|
||||
<script src="./lib/asn1-packer.js"></script>
|
||||
<script src="./lib/x509.js"></script>
|
||||
<script src="./lib/ecdsa.js"></script>
|
||||
<script src="./lib/rsa.js"></script>
|
||||
<script src="./lib/keypairs.js"></script>
|
||||
<script src="./app.js"></script>
|
||||
</body>
|
||||
<br>
|
||||
<p>Bluecrypt™ is a collection of lightweight, zero-dependency, libraries written in VanillaJS.
|
||||
They are fast, tiny, and secure, using the native features of modern browsers where possible.</p>
|
||||
<br>
|
||||
<footer>View (git) source
|
||||
<a href="https://git.rootprojects.org/root/bluecrypt-keypairs.js">@bluecrypt/keypairs</a></footer>
|
||||
|
||||
<script src="./lib/bluecrypt-encoding.js"></script>
|
||||
<script src="./lib/asn1-packer.js"></script>
|
||||
<script src="./lib/x509.js"></script>
|
||||
<script src="./lib/ecdsa.js"></script>
|
||||
<script src="./lib/rsa.js"></script>
|
||||
<script src="./lib/keypairs.js"></script>
|
||||
<script src="./app.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -125,7 +125,7 @@ PEM.parseBlock = PEM.parseBlock || function (str) {
|
|||
var der = str.split(/\n/).filter(function (line) {
|
||||
return !/-----/.test(line);
|
||||
}).join('');
|
||||
return { der: Enc.base64ToBuf(der) };
|
||||
return { bytes: Enc.base64ToBuf(der) };
|
||||
};
|
||||
|
||||
Enc.base64ToBuf = function (b64) {
|
||||
|
|
|
@ -66,8 +66,11 @@ Enc.numToHex = function (d) {
|
|||
};
|
||||
|
||||
Enc.bufToUrlBase64 = function (u8) {
|
||||
return Enc.bufToBase64(u8)
|
||||
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
|
||||
return Enc.base64ToUrlBase64(Enc.bufToBase64(u8));
|
||||
};
|
||||
|
||||
Enc.base64ToUrlBase64 = function (str) {
|
||||
return str.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
|
||||
};
|
||||
|
||||
Enc.bufToBase64 = function (u8) {
|
|
@ -186,10 +186,6 @@ Keypairs.signJws = function (opts) {
|
|||
, signature: Enc.bufToUrlBase64(buf)
|
||||
};
|
||||
|
||||
console.log('Signed Base64 Msg:');
|
||||
console.log(JSON.stringify(signedMsg, null, 2));
|
||||
|
||||
console.log('msg:', msg);
|
||||
return signedMsg;
|
||||
});
|
||||
}
|
||||
|
@ -219,10 +215,12 @@ Keypairs._sign = function (opts, payload) {
|
|||
).then(function (signature) {
|
||||
signature = new Uint8Array(signature); // ArrayBuffer -> u8
|
||||
// This will come back into play for CSRs, but not for JOSE
|
||||
if ('EC' === opts.jwk.kty && /x509/i.test(opts.format)) {
|
||||
signature = Keypairs._ecdsaJoseSigToAsn1Sig(signature);
|
||||
if ('EC' === opts.jwk.kty && /x509|asn1/i.test(opts.format)) {
|
||||
return Keypairs._ecdsaJoseSigToAsn1Sig(signature);
|
||||
} else {
|
||||
// jose/jws/jwt
|
||||
return signature;
|
||||
}
|
||||
return signature;
|
||||
});
|
||||
});
|
||||
};
|
||||
|
@ -261,7 +259,6 @@ Keypairs._import = function (opts) {
|
|||
opts.jwk.ext = true;
|
||||
opts.jwk.key_ops = ops;
|
||||
|
||||
console.log('jwk', opts.jwk);
|
||||
return window.crypto.subtle.importKey(
|
||||
"jwk"
|
||||
, opts.jwk
|
||||
|
@ -298,7 +295,7 @@ Keypairs._ecdsaJoseSigToAsn1Sig = function (bufsig) {
|
|||
if (len >= 0x80) { head.push(0x81); }
|
||||
head.push(len);
|
||||
|
||||
return Uint8Array.from(head.concat([0x02, r.length], r, [0x02, s.byteLength], s));
|
||||
return Uint8Array.from(head.concat([0x02, r.length], r, [0x02, s.length], s));
|
||||
};
|
||||
|
||||
function setTime(time) {
|
||||
|
|
11
package.json
11
package.json
|
@ -1,13 +1,18 @@
|
|||
{
|
||||
"name": "bluecrypt-keypairs",
|
||||
"name": "@bluecrypt/keypairs",
|
||||
"version": "0.1.1",
|
||||
"description": "Zero-Dependency Native Browser support for ECDSA P-256 and P-384, and RSA 2048/3072/4096 written in VanillaJS",
|
||||
"homepage": "https://rootprojects.org/keypairs/",
|
||||
"files": [
|
||||
"lib",
|
||||
"bluecrypt-keypairs.js",
|
||||
"bluecrypt-keypairs.min.js"
|
||||
],
|
||||
"directories": {
|
||||
"lib": "lib"
|
||||
},
|
||||
"scripts": {
|
||||
"test": "node server.js",
|
||||
"start": "node server.js"
|
||||
"test": "node test.js"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
|
|
Loading…
Reference in New Issue