update README, correct PKCS8 comments

README.md

@@ -127,6 +127,27 @@ rMjgyCokrnjDft6Y/YnA4A50yZe7CnFsqeDcpnPbubP6cpYiVcnevNIYyg==
 -----END PUBLIC KEY-----
 ```
 
+Testing
+-------
+
+All cases are tested in `test.sh`.
+
+You can compare these keys to the ones that you get from OpenSSL, ssh-keygen, and WebCrypto:
+
+```bash
+# Generate EC P-256 Keypair
+openssl ecparam -genkey -name prime256v1 -noout -out ./privkey-ec-p256.sec1.pem
+
+# Export Public-only EC Key (as SPKI)
+openssl ec -in ./privkey-ec-p256.sec1.pem -pubout -out ./pub-ec-p256.spki.pem
+
+# Convert SEC1 (traditional) EC Keypair to PKCS8 format
+openssl pkcs8 -topk8 -nocrypt -in ./privkey-ec-p256.sec1.pem -out ./privkey-ec-p256.pkcs8.pem
+
+# Convert EC public key to SSH format
+ssh-keygen -f ./pub-ec-p256.spki.pem -i -mPKCS8 > ./pub-ec-p256.ssh.pub
+```
+
 Goals of this project
 -----
 
@@ -134,6 +155,7 @@ Goals of this project
 * Focused support for P-256 and P-384, which are already universally supported.
 * Convert both ways
 * Browser support as well (TODO)
+* OpenSSL, ssh-keygen, and WebCrypto compatibility
 
 Legal
 -----

fixtures/privkey-ec-p256.pkcs8.pem

@@ -1,5 +1,5 @@
------BEGIN EC PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
 MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiYydo27aNGO9DBUW
 eGEPD8oNi1LZDqfxPmQlieLBjVShRANCAAQhPVJYvGxpw+ITlnXqOSikCfz/7zms
 yODIKiSueMN+3pj9icDgDnTJl7sKcWyp4Nymc9u5s/pyliJVyd680hjK
------END EC PRIVATE KEY-----
+-----END PRIVATE KEY-----

fixtures/privkey-ec-p384.pkcs8.pem

@@ -1,6 +1,6 @@
------BEGIN EC PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
 MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBeXK4IRZJNNLxTv078
 zPTnPXy+HiRvXSzO+7/ul1e4ZZXqV8TI8THJRhawDoDaR1WhZANiAATbMRTRsoJr
 t6Mosgnyg8acuGqHHKK/j/DfwrZrRI8Lp2xJ33+CU0nyVyq/Sx9/kZtUPiOe7zdL
 qxyfr9N4CPcRk5EQZs6zp3OhWlq6Cf5dAwzIL07hUtsMMUYFlMmUyxs=
------END EC PRIVATE KEY-----
+-----END PRIVATE KEY-----

lib/eckles.js

@@ -367,7 +367,7 @@ EC.pack = function (opts) {
     if ('sec1' === format) {
       return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: EC.packSec1(jwk) });
     } else if ('pkcs8' === format) {
-      return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: EC.packPkcs8(jwk) });
+      return PEM.packBlock({ type: "PRIVATE KEY", bytes: EC.packPkcs8(jwk) });
     } else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) {
       return PEM.packBlock({ type: "PUBLIC KEY", bytes: EC.packSpki(jwk) });
     } else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "eckles",
-  "version": "1.2.0",
+  "version": "1.2.1",
   "description": "PEM-to-JWK and JWK-to-PEM (and SSH) for ECDSA keys in a lightweight, zero-dependency library focused on perfect universal compatibility.",
   "homepage": "https://git.coolaj86.com/coolaj86/eckles.js",
   "main": "index.js",
@@ -29,6 +29,8 @@
     "PEM-to-JWK",
     "ECDSA",
     "EC",
+    "SSH-to-JWK",
+    "JWK-to-SSH",
     "p-256",
     "prime256v1",
     "secp256r1",