💯 SSH to JWK in a lightweight, zero-dependency library.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
AJ ONeal d5cb30f6bc v1.2.6: Use native BigInt to generate dp and dq vals for RSA 5 years ago
bin v1.2.1: fingerprint privkeys, doc priv parsing, update bin 5 years ago
fixtures v1.2.6: Use native BigInt to generate dp and dq vals for RSA 5 years ago
lib v1.2.6: Use native BigInt to generate dp and dq vals for RSA 5 years ago
README.md v1.2.6: Use native BigInt to generate dp and dq vals for RSA 5 years ago
index.js v1.0.0: parse EC and RSA ssh public keys 5 years ago
package.json v1.2.6: Use native BigInt to generate dp and dq vals for RSA 5 years ago

README.md

SSH to JWK (for node.js)

A minimal library to parse an SSH public key (id_rsa.pub) and convert it into a public JWK.

Works for RSA and ECDSA public keys.

Features

< 100 lines of code | <1kb gzipped | 1.8kb minified | 3.1kb with comments

  • SSH Public Keys (RFC 4253)
    • fingerprint
  • OpenSSH Private Keys
  • RSA
    • 2048, 3072, 4096
  • EC Public Keys
    • P-256 (prime256v1, secp256r1)
    • P-384 (secp384r1)
  • Browser Version

Note: Lines of code have increased by about 2x since adding private key support.

Need JWK to SSH? SSH to PEM?

Try one of these:

Need SSH Private Keys?

Many SSH private keys are just normal PEM files, so you can use Eckles or Rasha, as mentioned above.

As for the OpenSSH-specific Private Keys, both EC and RSA are fully supported.

CLI

You can install ssh-to-jwk and use it from command line:

npm install -g ssh-to-jwk
ssh-to-jwk ~/.ssh/id_rsa.pub
ssh-to-jwk ~/.ssh/id_rsa

Usage

You can also use it from JavaScript:

SSH to JWK

var fs = require('fs');
var sshtojwk = require('ssh-to-jwk');
var ssh;

ssh = sshtojwk.parse({ pub: fs.readFileSync("./id_rsa.pub") });
console.info(ssh.jwk);

// For OpenSSH PEMs only, use Rasha for standard RSA or Eckles for standard EC
ssh = sshtojwk.parse({ pem: fs.readFileSync("./id_rsa") });
console.info(ssh.jwk);

SSH Fingerprint

var fs = require('fs');
var sshtojwk = require('ssh-to-jwk');
var pub = fs.readFileSync("./id_rsa.pub");

sshtojwk.fingerprint({ pub: pub }).then(function (fingerprint) {
  console.info(fingerprint);
  // SHA256:yCB62vBVsOwqksgYwy/WDbaMF2PhPijAwcrlzmrxfko
});

Legal

ssh-to-jwk.js | MPL-2.0 | Terms of Use | Privacy Policy