AJ ONeal 607e352b17 | ||
---|---|---|
bin | ||
fixtures | ||
lib | ||
README.md | ||
index.js | ||
package.json | ||
test.sh |
README.md
Rasha.js
Sponsored by Root. Built for ACME.js and Greenlock.js
RSA tools. Lightweight. Zero Dependencies. Universal compatibility.
- PEM-to-JWK
- JWK-to-PEM (in progress)
- SSH "pub" format
PEM-to-JWK
- PKCS#1 (traditional)
- PKCS#8, SPKI/PKIX
- 2048-bit, 4096-bit (and ostensibily all others)
- SSH (RFC4716), (RFC 4716/SSH2)
var Rasha = require('rasha');
var pem = require('fs')
.readFileSync('./node_modles/rasha/fixtures/privkey-rsa-2048.pkcs1.pem', 'ascii');
Rasha.import({ pem: pem }).then(function (jwk) {
console.log(jwk);
});
{
"kty": "RSA",
"n": "m2ttVBxPlWw06ZmGBWVDl...QlEz7UNNj9RGps_50-CNw",
"e": "AQAB",
"d": "Cpfo7Mm9Nu8YMC_xrZ54W...Our1IdDzJ_YfHPt9sHMQQ",
"p": "ynG-t9HwKCN3MWRYFdnFz...E9S4DsGcAarIuOT2TsTCE",
"q": "xIkAjgUzB1zaUzJtW2Zgv...38ahSrBFEVnxjpnPh1Q1c",
"dp": "tzDGjECFOU0ehqtuqhcu...dVGAXJoGOdv5VpaZ7B1QE",
"dq": "kh5dyDk7YCz7sUFbpsmu...aX9PKa12HFlny6K1daL48",
"qi": "AlHWbx1gp6Z9pbw_1hlS...lhmIOgRApS0t9VoXtHhFU"
}
JWK-to-PEM
- PKCS#1 (traditional)
- PKCS#8, SPKI/PKIX
- 2048-bit, 4096-bit (and ostensibily all others)
- SSH (RFC4716), (RFC 4716/SSH2)
var Rasha = require('rasha');
var jwk = require('rasha/fixtures/privkey-rsa-2048.jwk.json');
Rasha.export({ jwk: jwk }).then(function (pem) {
// PEM in PKCS1 (traditional) format
console.log(pem);
});
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAm2ttVBxPlWw06ZmGBWVDlfjkPAJ4DgnY0TrDwtCohHzLxGhD
NzUJefLukC+xu0LBKylYojT5vTkxaOhxeSYo31syu4WhxbkTBLICOFcCGMob6pSQ
38P8LdAIlb0pqDHxEJ9adWomjuFf0...e5cCBahfsiNtNR6WV1/iCSuINYs6uPdA
Jlw7hm9m8TAmFWWyfL0s7wiRvAYkQvpxetorTwHJVLabBDJ+WBOAY2enOLHIRQv+
atAvHrLXjkUdzF96o0icyF6n7QzGfUPmeWGYg6BEClLS31Whe0eEVQ==
-----END RSA PRIVATE KEY-----
-->
Advanced Options
public: 'true'
:
If a private key is used as input, a private key will be output.
If you'd like to output a public key instead you can pass public: true
.
Testing
You can compare these keys to the ones that you get from OpenSSL, ssh-keygen, and WebCrypto:
# Generate 2048-bit RSA Keypair
openssl genrsa -out privkey-rsa-2048.pkcs1.pem 2048
# Convert PKCS1 (traditional) RSA Keypair to PKCS8 format
openssl rsa -in privkey-rsa-2048.pkcs1.pem -pubout -out pub-rsa-2048.spki.pem
# Export Public-only RSA Key in PKCS1 (traditional) format
openssl pkcs8 -topk8 -nocrypt -in privkey-rsa-2048.pkcs1.pem -out privkey-rsa-2048.pkcs8.pem
# Convert PKCS1 (traditional) RSA Public Key to SPKI/PKIX format
openssl rsa -in pub-rsa-2048.spki.pem -pubin -RSAPublicKey_out -out pub-rsa-2048.pkcs1.pem
# Convert RSA public key to SSH format
ssh-keygen -f ./pub-rsa-2048.spki.pem -i -mPKCS8 > ./pub-rsa-2048.ssh.pub
Goals of this project
- Zero Dependencies
- Focused support for 2048-bit and 4096-bit RSA keypairs (although any size is technically supported)
- Convert both ways
- Browser support as well (TODO)
- OpenSSL, ssh-keygen, and WebCrypto compatibility
Legal
Licensed MPL-2.0