v1.2.0 add ability to read ssh pub files

6 years ago · 67bb76d19e
4 changed files with 46 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -9,6 +9,7 @@ ECDSA (elliptic curve) tools. Lightweight. Zero Dependencies. Universal compatib

 * [x] PEM-to-JWK
 * [x] JWK-to-PEM
+* [x] SSH "pub" format

 This project is fully functional and tested (and the code is pretty clean).

@ -18,6 +19,7 @@ It is considered to be complete, but if you find a bug please open an issue.

 * [x] SEC1/X9.62, PKCS#8, SPKI/PKIX
 * [x] P-256 (prime256v1, secp256r1), P-384 (secp384r1)
+* [x] SSH (RFC4716), (RFC 4716/SSH2)

 ```js
 var eckles = require('eckles');
--- a/lib/eckles.js
+++ b/lib/eckles.js
@ -16,6 +16,13 @@ var OBJ_ID_EC_384 = '06 05 2B81040022'.replace(/\s+/g, '').toLowerCase();
 // ecPublicKey (ANSI X9.62 public key type)
 var OBJ_ID_EC_PUB = '06 07 2A8648CE3D0201'.replace(/\s+/g, '').toLowerCase();

+                      // 19  e  c  d  s  a  -  s  h  a  2  -  n  i  s  t  p  2  5  6
+var SSH_EC_P256 = '00000013 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 32 35 36'
+  .replace(/\s+/g, '').toLowerCase();
+
+                      // 19  e  c  d  s  a  -  s  h  a  2  -  n  i  s  t  p  3  8  4
+var SSH_EC_P384 = '00000013 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34'
+  .replace(/\s+/g, '').toLowerCase();

 // The one good thing that came from the b***kchain hysteria: good EC documentation
 // https://davidederosa.com/basic-blockchain-programming/elliptic-curve-keys/
@ -226,11 +233,35 @@ EC.parseSpki = function parsePem(u8, jwk) {
 };
 EC.parsePkix = EC.parseSpki;

+EC.parseSsh = function (pem) {
+  var jwk = { kty: 'EC', crv: null, x: null, y: null };
+  var b64 = pem.split(/\s+/g)[1];
+  var buf = Buffer.from(b64, 'base64');
+  var hex = buf.toString('hex');
+  var index = 40;
+  var len;
+  if (0 === hex.indexOf(SSH_EC_P256)) {
+    jwk.crv = 'P-256';
+    len = 32;
+  } else if (0 === hex.indexOf(SSH_EC_P384)) {
+    jwk.crv = 'P-384';
+    len = 48;
+  }
+  var x = buf.slice(index, index + len);
+  var y = buf.slice(index + len, index + len + len);
+  jwk.x = PEM._toUrlSafeBase64(x);
+  jwk.y = PEM._toUrlSafeBase64(y);
+  return jwk;
+};
+
 /*global Promise*/
 EC.parse = function parseEc(opts) {
  return Promise.resolve().then(function () {
-    if (!opts || !opts.pem) {
-      throw new Error("must pass { pem: pem }");
+    if (!opts || !opts.pem || 'string' !== typeof opts.pem) {
+      throw new Error("must pass { pem: pem } as a string");
+    }
+    if (0 === opts.pem.indexOf('ecdsa-sha2-')) {
+      return EC.parseSsh(opts.pem);
    }
    var pem = opts.pem;
    var u8 = PEM.parseBlock(pem).der;
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
  "name": "eckles",
-  "version": "1.1.1",
-  "description": "PEM-to-JWK and JWK-to-PEM for ECDSA keys in a lightweight, zero-dependency library focused on perfect universal compatibility.",
+  "version": "1.2.0",
+  "description": "PEM-to-JWK and JWK-to-PEM (and SSH) for ECDSA keys in a lightweight, zero-dependency library focused on perfect universal compatibility.",
  "homepage": "https://git.coolaj86.com/coolaj86/eckles.js",
  "main": "index.js",
  "bin": {
--- a/test.sh
+++ b/test.sh
@ -11,6 +11,10 @@ node bin/eckles.js fixtures/privkey-ec-p256.pkcs8.pem | tee fixtures/privkey-ec-
 diff fixtures/privkey-ec-p256.jwk.json fixtures/privkey-ec-p256.jwk.2
 node bin/eckles.js fixtures/pub-ec-p256.spki.pem | tee fixtures/pub-ec-p256.jwk.2
 diff fixtures/pub-ec-p256.jwk.json fixtures/pub-ec-p256.jwk.2
+#
+node bin/eckles.js fixtures/pub-ec-p256.ssh.pub | tee fixtures/pub-ec-p256.jwk.2
+diff fixtures/pub-ec-p256.jwk.2 fixtures/pub-ec-p256.jwk.2
+

 echo ""
 echo ""
@ -22,6 +26,10 @@ node bin/eckles.js fixtures/privkey-ec-p384.pkcs8.pem | tee fixtures/privkey-ec-
 diff fixtures/privkey-ec-p384.jwk.json fixtures/privkey-ec-p384.jwk.2.2
 node bin/eckles.js fixtures/pub-ec-p384.spki.pem | tee fixtures/pub-ec-p384.jwk.2
 diff fixtures/pub-ec-p384.jwk.json fixtures/pub-ec-p384.jwk.2
+#
+node bin/eckles.js fixtures/pub-ec-p384.ssh.pub | tee fixtures/pub-ec-p384.jwk.2
+diff fixtures/pub-ec-p384.jwk.2 fixtures/pub-ec-p384.jwk.2
+

 echo ""
 echo ""
@ -39,6 +47,7 @@ diff fixtures/pub-ec-p256.spki.pem fixtures/pub-ec-p256.spki.pem.2
 node bin/eckles.js fixtures/pub-ec-p256.jwk.json ssh | tee fixtures/pub-ec-p256.ssh.pub.2
 diff fixtures/pub-ec-p256.ssh.pub fixtures/pub-ec-p256.ssh.pub.2

+
 echo ""
 echo ""
 echo "Testing JWK-to-PEM P-384"