| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | Rasha.js | 
					
						
							|  |  |  | ========= | 
					
						
							| 
									
										
										
										
											2018-11-20 01:02:36 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | Sponsored by [Root](https://therootcompany.com). | 
					
						
							|  |  |  | Built for [ACME.js](https://git.coolaj86.com/coolaj86/acme.js) | 
					
						
							|  |  |  | and [Greenlock.js](https://git.coolaj86.com/coolaj86/greenlock.js) | 
					
						
							| 
									
										
										
										
											2018-11-20 01:02:36 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | RSA tools. Lightweight. Zero Dependencies. Universal compatibility. | 
					
						
							| 
									
										
										
										
											2018-11-20 01:02:36 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | * [x] PEM-to-JWK | 
					
						
							|  |  |  | * [ ] JWK-to-PEM (in progress) | 
					
						
							|  |  |  | * [x] SSH "pub" format | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | <!-- This project is fully functional and tested (and the code is pretty clean).
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | It is considered to be complete, but if you find a bug please open an issue. --> | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ## PEM-to-JWK
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | * [x] PKCS#1 (traditional), PKCS#8, SPKI/PKIX | 
					
						
							|  |  |  | * [x] 2048-bit, 4096-bit (and ostensibily all others) | 
					
						
							|  |  |  | * [x] SSH (RFC4716), (RFC 4716/SSH2) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```js | 
					
						
							|  |  |  | var Rasha = require('rasha'); | 
					
						
							|  |  |  | var pem = require('fs') | 
					
						
							|  |  |  |   .readFileSync('./node_modles/rasha/fixtures/privkey-rsa-2048.pkcs1.pem', 'ascii'); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Rasha.import({ pem: pem }).then(function (jwk) { | 
					
						
							|  |  |  |   console.log(jwk); | 
					
						
							|  |  |  | }); | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```js | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  |   "kty": "RSA", | 
					
						
							|  |  |  |   "n": "m2ttVBxPlWw06ZmGBWVDl...QlEz7UNNj9RGps_50-CNw", | 
					
						
							|  |  |  |   "e": "AQAB", | 
					
						
							|  |  |  |   "d": "Cpfo7Mm9Nu8YMC_xrZ54W...Our1IdDzJ_YfHPt9sHMQQ", | 
					
						
							|  |  |  |   "p": "ynG-t9HwKCN3MWRYFdnFz...E9S4DsGcAarIuOT2TsTCE", | 
					
						
							|  |  |  |   "q": "xIkAjgUzB1zaUzJtW2Zgv...38ahSrBFEVnxjpnPh1Q1c", | 
					
						
							|  |  |  |   "dp": "tzDGjECFOU0ehqtuqhcu...dVGAXJoGOdv5VpaZ7B1QE", | 
					
						
							|  |  |  |   "dq": "kh5dyDk7YCz7sUFbpsmu...aX9PKa12HFlny6K1daL48", | 
					
						
							|  |  |  |   "qi": "AlHWbx1gp6Z9pbw_1hlS...lhmIOgRApS0t9VoXtHhFU" | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | <!--
 | 
					
						
							|  |  |  | ## JWK-to-PEM
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | * [x] PKCS#1 (traditional), PKCS#8, SPKI/PKIX | 
					
						
							|  |  |  | * [x] 2048-bit, 4096-bit (and ostensibily all others) | 
					
						
							|  |  |  | * [x] SSH (RFC4716), (RFC 4716/SSH2) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```js | 
					
						
							|  |  |  | var Rasha = require('rasha'); | 
					
						
							|  |  |  | var jwk = require('rasha/fixtures/privkey-rsa-2038.jwk.json'); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Rasha.export({ jwk: jwk }).then(function (pem) { | 
					
						
							|  |  |  |   // PEM in PKCS1 (traditional) format | 
					
						
							|  |  |  |   console.log(pem); | 
					
						
							|  |  |  | }); | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | -----BEGIN RSA PRIVATE KEY----- | 
					
						
							|  |  |  | MIIEpAIBAAKCAQEAm2ttVBxPlWw06ZmGBWVDlfjkPAJ4DgnY0TrDwtCohHzLxGhD | 
					
						
							|  |  |  | NzUJefLukC+xu0LBKylYojT5vTkxaOhxeSYo31syu4WhxbkTBLICOFcCGMob6pSQ | 
					
						
							|  |  |  | 38P8LdAIlb0pqDHxEJ9adWomjuFf0...e5cCBahfsiNtNR6WV1/iCSuINYs6uPdA | 
					
						
							|  |  |  | Jlw7hm9m8TAmFWWyfL0s7wiRvAYkQvpxetorTwHJVLabBDJ+WBOAY2enOLHIRQv+ | 
					
						
							|  |  |  | atAvHrLXjkUdzF96o0icyF6n7QzGfUPmeWGYg6BEClLS31Whe0eEVQ== | 
					
						
							|  |  |  | -----END RSA PRIVATE KEY----- | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | --> | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ### Advanced Options
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | <!--
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | `format: 'pkcs8'`: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | The default output format `pkcs1` (RSA-specific format) is used for private keys. | 
					
						
							|  |  |  | Use `format: 'pkcs8'` to output in PKCS#8 format instead. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```js | 
					
						
							|  |  |  | Rasha.export({ jwk: jwk, format: 'pkcs8' }).then(function (pem) { | 
					
						
							|  |  |  |   // PEM in PKCS#8 format | 
					
						
							|  |  |  |   console.log(pem); | 
					
						
							|  |  |  | }); | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | -----BEGIN PRIVATE KEY----- | 
					
						
							|  |  |  | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCba21UHE+VbDTp | 
					
						
							|  |  |  | mYYFZUOV+OQ8AngOCdjROsPC0KiEfMvEaEM3NQl58u6QL7G7QsErKViiNPm9OTFo | 
					
						
							|  |  |  | 6HF5JijfWzK7haHFuRMEsgI4VwIYy...fLorV1ovjwKBgAJR1m8dYKemfaW8P9YZ | 
					
						
							|  |  |  | Uux7lwIFqF+yI201HpZXX+IJK4g1izq490AmXDuGb2bxMCYVZbJ8vSzvCJG8BiRC | 
					
						
							|  |  |  | +nF62itPAclUtpsEMn5YE4BjZ6c4schFC/5q0C8esteORR3MX3qjSJzIXqftDMZ9 | 
					
						
							|  |  |  | Q+Z5YZiDoEQKUtLfVaF7R4RV | 
					
						
							|  |  |  | -----END PRIVATE KEY----- | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | `format: 'ssh'`: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Although SSH uses PKCS#1 for private keys, it uses ts own special non-ASN1 format | 
					
						
							|  |  |  | (affectionately known as rfc4716) for public keys. I got curious and then decided | 
					
						
							|  |  |  | to add this format as well. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | To get the same format as you | 
					
						
							|  |  |  | would get with `ssh-keygen`, pass `ssh` as the format option: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```js | 
					
						
							|  |  |  | Rasha.export({ jwk: jwk, format: 'ssh' }).then(function (pub) { | 
					
						
							|  |  |  |   // Special SSH2 Public Key format (RFC 4716) | 
					
						
							|  |  |  |   console.log(pub); | 
					
						
							|  |  |  | }); | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | ssh-rsa TODO-TODO-TODO RSA-2048@localhost | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | --> | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | `public: 'true'`: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | If a private key is used as input, a private key will be output. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | If you'd like to output a public key instead you can pass `public: true`. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | <!--
 | 
					
						
							|  |  |  | or `format: 'spki'`. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```js | 
					
						
							|  |  |  | Rasha.export({ jwk: jwk, public: true }).then(function (pem) { | 
					
						
							|  |  |  |   // PEM in SPKI/PKIX format | 
					
						
							|  |  |  |   console.log(pem); | 
					
						
							|  |  |  | }); | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | -----BEGIN RSA PUBLIC KEY----- | 
					
						
							|  |  |  | MIIBCgKCAQEAm2ttVBxPlWw06ZmGBWVDlfjkPAJ4DgnY0TrDwtCohHzLxGhDNzUJ | 
					
						
							|  |  |  | efLukC+xu0LBKylYojT5vTkxaOhxe...eTmzCh2ikrwTMja7mUdBJf2bK3By5AB0 | 
					
						
							|  |  |  | Qi49OykUCfNZeQlEz7UNNj9RGps/50+CNwIDAQAB | 
					
						
							|  |  |  | -----END RSA PUBLIC KEY----- | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | --> | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | Testing | 
					
						
							|  |  |  | ------- | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | <!-- All cases are tested in `test.sh`. --> | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | You can compare these keys to the ones that you get from OpenSSL, ssh-keygen, and WebCrypto: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ```bash | 
					
						
							|  |  |  | # Generate 2048-bit RSA Keypair
 | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | openssl genrsa -out privkey-rsa-2048.pkcs1.pem 2048 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Convert PKCS1 (traditional) RSA Keypair to PKCS8 format
 | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | openssl rsa -in privkey-rsa-2048.pkcs1.pem -pubout -out pub-rsa-2048.spki.pem | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Export Public-only RSA Key in PKCS1 (traditional) format
 | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | openssl pkcs8 -topk8 -nocrypt -in privkey-rsa-2048.pkcs1.pem -out privkey-rsa-2048.pkcs8.pem | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Convert PKCS1 (traditional) RSA Public Key to SPKI/PKIX format
 | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | openssl rsa -in pub-rsa-2048.spki.pem -pubin -RSAPublicKey_out -out pub-rsa-2048.pkcs1.pem | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Convert RSA public key to SSH format
 | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | ssh-keygen -f ./pub-rsa-2048.spki.pem -i -mPKCS8 > ./pub-rsa-2048.ssh.pub | 
					
						
							|  |  |  | ``` | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | Goals of this project | 
					
						
							|  |  |  | ----- | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | * Zero Dependencies | 
					
						
							|  |  |  | * Focused support for 2048-bit and 4096-bit RSA keypairs (although any size is technically supported) | 
					
						
							|  |  |  | * Convert both ways | 
					
						
							|  |  |  | * Browser support as well (TODO) | 
					
						
							|  |  |  | * OpenSSL, ssh-keygen, and WebCrypto compatibility | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Legal | 
					
						
							|  |  |  | ----- | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | Licensed MPL-2.0 | 
					
						
							| 
									
										
										
										
											2018-11-21 01:19:57 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-11-22 04:05:00 -07:00
										 |  |  | [Terms of Use](https://therootcompany.com/legal/#terms) | | 
					
						
							|  |  |  | [Privacy Policy](https://therootcompany.com/legal/#privacy) |