💯 RSA tools. Lightweight. Zero Dependencies. Great tests. Universal compatibility.
rsa
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
AJ ONeal 4e16f360ed update tests 10 months ago
bin handles all known pem formats 10 months ago
fixtures update tests 10 months ago
lib v0.8.0: JWK-to-PEM for PKCS#1 and SSH 10 months ago
README.md v0.8.0: JWK-to-PEM for PKCS#1 and SSH 10 months ago
index.js a squeaky clean start 10 months ago
package.json v0.8.0: JWK-to-PEM for PKCS#1 and SSH 10 months ago
test.sh update tests 10 months ago

README.md

Rasha.js

Sponsored by Root. Built for ACME.js and Greenlock.js

RSA tools. Lightweight. Zero Dependencies. Universal compatibility.

  • PEM-to-JWK
  • JWK-to-PEM (in progress)
  • SSH “pub” format

PEM-to-JWK

  • PKCS#1 (traditional)
  • PKCS#8, SPKI/PKIX
  • 2048-bit, 4096-bit (and ostensibily all others)
  • SSH (RFC4716), (RFC 4716/SSH2)
var Rasha = require('rasha');
var pem = require('fs')
  .readFileSync('./node_modles/rasha/fixtures/privkey-rsa-2048.pkcs1.pem', 'ascii');

Rasha.import({ pem: pem }).then(function (jwk) {
  console.log(jwk);
});
{
  "kty": "RSA",
  "n": "m2ttVBxPlWw06ZmGBWVDl...QlEz7UNNj9RGps_50-CNw",
  "e": "AQAB",
  "d": "Cpfo7Mm9Nu8YMC_xrZ54W...Our1IdDzJ_YfHPt9sHMQQ",
  "p": "ynG-t9HwKCN3MWRYFdnFz...E9S4DsGcAarIuOT2TsTCE",
  "q": "xIkAjgUzB1zaUzJtW2Zgv...38ahSrBFEVnxjpnPh1Q1c",
  "dp": "tzDGjECFOU0ehqtuqhcu...dVGAXJoGOdv5VpaZ7B1QE",
  "dq": "kh5dyDk7YCz7sUFbpsmu...aX9PKa12HFlny6K1daL48",
  "qi": "AlHWbx1gp6Z9pbw_1hlS...lhmIOgRApS0t9VoXtHhFU"
}

JWK-to-PEM

  • PKCS#1 (traditional)
  • PKCS#8, SPKI/PKIX
  • 2048-bit, 4096-bit (and ostensibily all others)
  • SSH (RFC4716), (RFC 4716/SSH2)
var Rasha = require('rasha');
var jwk = require('rasha/fixtures/privkey-rsa-2048.jwk.json');

Rasha.export({ jwk: jwk }).then(function (pem) {
  // PEM in PKCS1 (traditional) format
  console.log(pem);
});
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAm2ttVBxPlWw06ZmGBWVDlfjkPAJ4DgnY0TrDwtCohHzLxGhD
NzUJefLukC+xu0LBKylYojT5vTkxaOhxeSYo31syu4WhxbkTBLICOFcCGMob6pSQ
38P8LdAIlb0pqDHxEJ9adWomjuFf0...e5cCBahfsiNtNR6WV1/iCSuINYs6uPdA
Jlw7hm9m8TAmFWWyfL0s7wiRvAYkQvpxetorTwHJVLabBDJ+WBOAY2enOLHIRQv+
atAvHrLXjkUdzF96o0icyF6n7QzGfUPmeWGYg6BEClLS31Whe0eEVQ==
-----END RSA PRIVATE KEY-----

-->

Advanced Options

public: 'true':

If a private key is used as input, a private key will be output.

If you’d like to output a public key instead you can pass public: true.

Testing

You can compare these keys to the ones that you get from OpenSSL, ssh-keygen, and WebCrypto:

# Generate 2048-bit RSA Keypair
openssl genrsa -out privkey-rsa-2048.pkcs1.pem 2048

# Convert PKCS1 (traditional) RSA Keypair to PKCS8 format
openssl rsa -in privkey-rsa-2048.pkcs1.pem -pubout -out pub-rsa-2048.spki.pem

# Export Public-only RSA Key in PKCS1 (traditional) format
openssl pkcs8 -topk8 -nocrypt -in privkey-rsa-2048.pkcs1.pem -out privkey-rsa-2048.pkcs8.pem

# Convert PKCS1 (traditional) RSA Public Key to SPKI/PKIX format
openssl rsa -in pub-rsa-2048.spki.pem -pubin -RSAPublicKey_out -out pub-rsa-2048.pkcs1.pem

# Convert RSA public key to SSH format
ssh-keygen -f ./pub-rsa-2048.spki.pem -i -mPKCS8 > ./pub-rsa-2048.ssh.pub

Goals of this project

  • Zero Dependencies
  • Focused support for 2048-bit and 4096-bit RSA keypairs (although any size is technically supported)
  • Convert both ways
  • Browser support as well (TODO)
  • OpenSSL, ssh-keygen, and WebCrypto compatibility

Licensed MPL-2.0

Terms of Use | Privacy Policy