update README, correct PKCS8 comments

This commit is contained in:
AJ ONeal 2018-11-21 00:36:53 -07:00
parent 67bb76d19e
commit d3357fdb23
5 changed files with 30 additions and 6 deletions

View File

@ -127,6 +127,27 @@ rMjgyCokrnjDft6Y/YnA4A50yZe7CnFsqeDcpnPbubP6cpYiVcnevNIYyg==
-----END PUBLIC KEY----- -----END PUBLIC KEY-----
``` ```
Testing
-------
All cases are tested in `test.sh`.
You can compare these keys to the ones that you get from OpenSSL, ssh-keygen, and WebCrypto:
```bash
# Generate EC P-256 Keypair
openssl ecparam -genkey -name prime256v1 -noout -out ./privkey-ec-p256.sec1.pem
# Export Public-only EC Key (as SPKI)
openssl ec -in ./privkey-ec-p256.sec1.pem -pubout -out ./pub-ec-p256.spki.pem
# Convert SEC1 (traditional) EC Keypair to PKCS8 format
openssl pkcs8 -topk8 -nocrypt -in ./privkey-ec-p256.sec1.pem -out ./privkey-ec-p256.pkcs8.pem
# Convert EC public key to SSH format
ssh-keygen -f ./pub-ec-p256.spki.pem -i -mPKCS8 > ./pub-ec-p256.ssh.pub
```
Goals of this project Goals of this project
----- -----
@ -134,6 +155,7 @@ Goals of this project
* Focused support for P-256 and P-384, which are already universally supported. * Focused support for P-256 and P-384, which are already universally supported.
* Convert both ways * Convert both ways
* Browser support as well (TODO) * Browser support as well (TODO)
* OpenSSL, ssh-keygen, and WebCrypto compatibility
Legal Legal
----- -----

View File

@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY----- -----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiYydo27aNGO9DBUW MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiYydo27aNGO9DBUW
eGEPD8oNi1LZDqfxPmQlieLBjVShRANCAAQhPVJYvGxpw+ITlnXqOSikCfz/7zms eGEPD8oNi1LZDqfxPmQlieLBjVShRANCAAQhPVJYvGxpw+ITlnXqOSikCfz/7zms
yODIKiSueMN+3pj9icDgDnTJl7sKcWyp4Nymc9u5s/pyliJVyd680hjK yODIKiSueMN+3pj9icDgDnTJl7sKcWyp4Nymc9u5s/pyliJVyd680hjK
-----END EC PRIVATE KEY----- -----END PRIVATE KEY-----

View File

@ -1,6 +1,6 @@
-----BEGIN EC PRIVATE KEY----- -----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBeXK4IRZJNNLxTv078 MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBeXK4IRZJNNLxTv078
zPTnPXy+HiRvXSzO+7/ul1e4ZZXqV8TI8THJRhawDoDaR1WhZANiAATbMRTRsoJr zPTnPXy+HiRvXSzO+7/ul1e4ZZXqV8TI8THJRhawDoDaR1WhZANiAATbMRTRsoJr
t6Mosgnyg8acuGqHHKK/j/DfwrZrRI8Lp2xJ33+CU0nyVyq/Sx9/kZtUPiOe7zdL t6Mosgnyg8acuGqHHKK/j/DfwrZrRI8Lp2xJ33+CU0nyVyq/Sx9/kZtUPiOe7zdL
qxyfr9N4CPcRk5EQZs6zp3OhWlq6Cf5dAwzIL07hUtsMMUYFlMmUyxs= qxyfr9N4CPcRk5EQZs6zp3OhWlq6Cf5dAwzIL07hUtsMMUYFlMmUyxs=
-----END EC PRIVATE KEY----- -----END PRIVATE KEY-----

View File

@ -367,7 +367,7 @@ EC.pack = function (opts) {
if ('sec1' === format) { if ('sec1' === format) {
return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: EC.packSec1(jwk) }); return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: EC.packSec1(jwk) });
} else if ('pkcs8' === format) { } else if ('pkcs8' === format) {
return PEM.packBlock({ type: "EC PRIVATE KEY", bytes: EC.packPkcs8(jwk) }); return PEM.packBlock({ type: "PRIVATE KEY", bytes: EC.packPkcs8(jwk) });
} else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) { } else if (-1 !== [ 'spki', 'pkix' ].indexOf(format)) {
return PEM.packBlock({ type: "PUBLIC KEY", bytes: EC.packSpki(jwk) }); return PEM.packBlock({ type: "PUBLIC KEY", bytes: EC.packSpki(jwk) });
} else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) { } else if (-1 !== [ 'ssh', 'rfc4716' ].indexOf(format)) {

View File

@ -1,6 +1,6 @@
{ {
"name": "eckles", "name": "eckles",
"version": "1.2.0", "version": "1.2.1",
"description": "PEM-to-JWK and JWK-to-PEM (and SSH) for ECDSA keys in a lightweight, zero-dependency library focused on perfect universal compatibility.", "description": "PEM-to-JWK and JWK-to-PEM (and SSH) for ECDSA keys in a lightweight, zero-dependency library focused on perfect universal compatibility.",
"homepage": "https://git.coolaj86.com/coolaj86/eckles.js", "homepage": "https://git.coolaj86.com/coolaj86/eckles.js",
"main": "index.js", "main": "index.js",
@ -29,6 +29,8 @@
"PEM-to-JWK", "PEM-to-JWK",
"ECDSA", "ECDSA",
"EC", "EC",
"SSH-to-JWK",
"JWK-to-SSH",
"p-256", "p-256",
"prime256v1", "prime256v1",
"secp256r1", "secp256r1",