coolaj86
/
rsa-compat.js
1
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
rsa-compat.js/README.md

126 lines
3.3 KiB
Markdown
Raw Normal View History

Initial commit
2016-07-30 15:20:44 +00:00
# rsa-compat.js
initial commit
2016-07-30 19:59:48 +00:00
JavaScript RSA utils that work on Windows, Mac, and Linux with or without C compiler
In order to provide a module that "just works" everywhere, we mix and match methods
from `node.js` core, `ursa`, `forge`, and others.
(in the future we'd like to provide the same API to the browser)
Examples
--------
Generate an RSA Keypair:
```javascript
var PromiseA = require('bluebird');
var RSA = PromiseA.promisify(require('rsa-compat').RSA);
var bitlen = 1024;
typo 6553 -> 65537
2016-07-30 20:04:57 +00:00
var exp = 65537;
initial commit
2016-07-30 19:59:48 +00:00
var options = { public: true, pem: true, internal: true };
RSA.generateKeypair(bitlen, exp, options).then(function (keypair) {
console.log(keypair);
});
```
`console.log(keypair)`:
```javascript
// http://crypto.stackexchange.com/questions/6593/what-data-is-saved-in-rsa-private-key
{ publicKeyPem: '/*base64 pem-encoded string*/'
, privateKeyPem: '/*base64 pem-encoded string*/'
, privateKeyJwk: {
kty: "RSA"
, n: '/*base64 modulus n = pq*/'
typo 6553 -> 65537
2016-07-30 20:04:57 +00:00
, e: '/*base64 exponent (usually 65537)*/'
initial commit
2016-07-30 19:59:48 +00:00
, d: '/*base64 private exponent (d = e^1 (mod ϕ(n))/'
, p: '/*base64 first prime*/'
, q: /*base64 second prime*/
, dp: /*base64 first exponent for Chinese remainder theorem (dP = d (mod p1))*/
, dq: /*base64 Second exponent, used for CRT (dQ = d (mod q1))/
, qi: /*base64 Coefficient, used for CRT (qinv = q^1 (mod p))*/
}
, publicKeyJwk: {
kty: "RSA"
, n: /*base64 modulus n = pq*/
typo 6553 -> 65537
2016-07-30 20:04:57 +00:00
, e: /base64 exponent (usually 65537)*/
initial commit
2016-07-30 19:59:48 +00:00
}
, _ursa: /*undefined or intermediate ursa object*/
, _forge: /*undefined or intermediate forge object*/
}
// NOTE: this object is JSON safe as _ursa and _forge will be ignored
```
API
---
* `RSA.generateKeypair(bitlen, exp, options, cb)`
* `RSA.importPemPrivateKey(privatePem)`
### RSA.generateKeypair(bitlen, exp, options, cb)
Create a private keypair and export it as PEM, JWK, and/or internal formats
```javascript
RSA.generateKeypair(null, null, null, function (keypair) { /*...*/ });
typo 6553 -> 65537
2016-07-30 20:04:57 +00:00
RSA.generateKeypair(1024, 65537, { pem: false, public: false, internal: false }, function (keypair) { /*...*/ });
initial commit
2016-07-30 19:59:48 +00:00
```
`bitlen`: *1024* (default), 2048, or 4096
typo 6553 -> 65537
2016-07-30 20:04:57 +00:00
`exp`: *65537* (default)
initial commit
2016-07-30 19:59:48 +00:00
`options`:
```javascript
{ public: false // export public keys
, pem: false // export pems
, jwk: true // export jwks
, internal: false // preserve internal intermediate formats (_ursa, _forge)
, thumbprint: false // JWK sha256 thumbprint
, fingerprint: false // NOT IMPLEMENTED (RSA key fingerprint)
}
```
### RSA.import(keypair, options, cb)
Import a private key or public key as PEM, JWK, and/or internal formats
`rsa`:
```javascript
{ publicKeyPem: '...'
, privateKeyPem: '...'
, privateKeyJwk: { /*...*/ }
, publicKeyJwk: { /*...*/ }
, _ursa: '[Object object]'
, _forge: '[Object object]'
}
```
`options`:
```
// same as above, except the following are also added
{ private: true // export private key
// (as opposed to using a private key
// solely to export the public key)
}
```
### Other
(the code is there, but they aren't exposed yet)
* `toStandardB64(certbuf.toString('base64'))`
* `thumbprint(publicPem)`
* `generateCsr(privateKeyPem, ['example.com'])`
```
cert = toStandardB64(certbuf.toString('base64'))
cert=cert.match(/.{1,64}/g).join('\n');
return '-----BEGIN CERTIFICATE-----\n'+cert+'\n-----END CERTIFICATE-----';
```