Skip to content

Latest commit

 

History

History
167 lines (131 loc) · 5.34 KB

README.md

File metadata and controls

167 lines (131 loc) · 5.34 KB

Build Status Coverage Status Dependency Status License

Table of Contents

rsa-pem-to-jwk

Converts PEM encoded RSA public and private keys to the JWK (JSON Web Key) format.

For example, given the following PEM encoded RSA key:

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDfn1nKQshOSj8xw44oC2klFWSNLmK3BnHONCJ1bZfq0EQ5gIfg
tlvB+Px8Ya+VS3OnK7Cdi4iU1fxO9ktN6c6TjmmmFevk8wIwqLthmCSF3r+3+h4e
ddj7hucMsXWv05QUrCPoL6YUUz7Cgpz7ra24rpAmK5z7lsV+f3BEvXkrUQIDAQAB
AoGAC0G3QGI6OQ6tvbCNYGCqq043YI/8MiBl7C5dqbGZmx1ewdJBhMNJPStuckhs
kURaDwk4+8VBW9SlvcfSJJrnZhgFMjOYSSsBtPGBIMIdM5eSKbenCCjO8Tg0BUh/
xa3CHST1W4RQ5rFXadZ9AeNtaGcWj2acmXNO3DVETXAX3x0CQQD13LrBTEDR44ei
lQ/4TlCMPO5bytd1pAxHnrqgMnWovSIPSShAAH1feFugH7ZGu7RoBO7pYNb6N3ia
C1idc7yjAkEA6Nfc6c8meTRkVRAHCF24LB5GLfsjoMB0tOeEO9w9Ous1a4o+D24b
AePMUImAp3woFoNDRfWtlNktOqLel5PjewJBAN9kBoA5o6/Rl9zeqdsIdWFmv4DB
5lEqlEnC7HlAP+3oo3jWFO9KQqArQL1V8w2D4aCd0uJULiC9pCP7aTHvBhcCQQDb
W0mOp436T6ZaELBfbFNulNLOzLLi5YzNRPLppfG1SRNZjbIrvTIKVL4N/YxLvQbT
NrQw+2OdQACBJiEHsdZzAkBcsTk7frTH4yGx0VfHxXDPjfTj4wmD6gZIlcIr9lZg
4H8UZcVFN95vEKxJiLRjAmj6g273pu9kK4ymXNEjWWJn
-----END RSA PRIVATE KEY-----

the following private RSA JWK is returned:

{
  "kty": "RSA",
  "n": "AN-fWcpCyE5KPzHDjigLaSUVZI0uYrcGcc40InVtl-rQRDmAh-C2W8H4_Hxhr5VLc6crsJ2LiJTV_E72S03pzpOOaaYV6-TzAjCou2GYJIXev7f6Hh512PuG5wyxda_TlBSsI-gvphRTPsKCnPutrbiukCYrnPuWxX5_cES9eStR",
  "e": "AQAB",
  "d": "C0G3QGI6OQ6tvbCNYGCqq043YI_8MiBl7C5dqbGZmx1ewdJBhMNJPStuckhskURaDwk4-8VBW9SlvcfSJJrnZhgFMjOYSSsBtPGBIMIdM5eSKbenCCjO8Tg0BUh_xa3CHST1W4RQ5rFXadZ9AeNtaGcWj2acmXNO3DVETXAX3x0",
  "p": "APXcusFMQNHjh6KVD_hOUIw87lvK13WkDEeeuqAydai9Ig9JKEAAfV94W6Aftka7tGgE7ulg1vo3eJoLWJ1zvKM",
  "q": "AOjX3OnPJnk0ZFUQBwhduCweRi37I6DAdLTnhDvcPTrrNWuKPg9uGwHjzFCJgKd8KBaDQ0X1rZTZLTqi3peT43s",
  "dp": "AN9kBoA5o6_Rl9zeqdsIdWFmv4DB5lEqlEnC7HlAP-3oo3jWFO9KQqArQL1V8w2D4aCd0uJULiC9pCP7aTHvBhc",
  "dq": "ANtbSY6njfpPploQsF9sU26U0s7MsuLljM1E8uml8bVJE1mNsiu9MgpUvg39jEu9BtM2tDD7Y51AAIEmIQex1nM",
  "qi": "XLE5O360x-MhsdFXx8Vwz4304-MJg-oGSJXCK_ZWYOB_FGXFRTfebxCsSYi0YwJo-oNu96bvZCuMplzRI1liZw"
}

alternatively, the PEM can also be converted to a public RSA JWK:

{
  "kty": "RSA",
  "n": "AN-fWcpCyE5KPzHDjigLaSUVZI0uYrcGcc40InVtl-rQRDmAh-C2W8H4_Hxhr5VLc6crsJ2LiJTV_E72S03pzpOOaaYV6-TzAjCou2GYJIXev7f6Hh512PuG5wyxda_TlBSsI-gvphRTPsKCnPutrbiukCYrnPuWxX5_cES9eStR",
  "e": "AQAB"
}

Getting Started

Installation

The library can be installed with npm using

$ npm install rsa-pem-to-jwk

Running the tests, coverage, and style checks

The module's tests are run with:

$ npm test

The coverage report is generated with:

$ npm run cover

jshint (lint) and jscs (style) is automated with gulp:

$ gulp lint
$ gulp style

or just

$ gulp

PEM Format

This module expects the input RSA keys to be in "PEM" format. Most tools agree on what this means for private keys but some tools have different definitions for public keys.

Private Keys

Both OpenSSH and OpenSSL use the same RSA private key PEM format. Below is an example of generating such a PEM of a 2048 bit RSA private key with each tool:

OpenSSL:

$ openssl genrsa -out private.pem 2048

OpenSSH:

$ ssh-keygen -t rsa -b 2048 -m PEM -f private.pem

Public Keys

The expected PEM format for public keys is RSAPublicKey. This is the default output PEM format for the OpenSSH key generation tool but not for OpenSSL (requires -RSAPublicKey_out flag). Below is an example of generating the public key from a RSA private key PEM with each tool:

OpenSSL:

$ openssl rsa -in private.pem -RSAPublicKey_out -out public.pem

OpenSSH:

$ ssh-keygen -f private.pem -e -m PEM > public.pem

API Reference

rsaPemToJwk(pem, extraKeys, type)

Converts PEM encoded RSA public and private keys to the JWK (JSON Web Key) format.

Parameters

pem {String} of a PEM encoded RSA public or private key.

extraKeys {Object} whose keys appear in the JWK body. Default: {}

type {String} equal to:

  • public -- JWK will only contain the public portions of the RSA key.

  • private -- JWK will contain both the public and private portions of the RSA key.

    Default: type of input PEM

Usage Example

var fs = require('fs');
var rsaPemToJwk = require('rsa-pem-to-jwk');

var pem = fs.readFileSync('privateKey.pem');

var jwk = rsaPemToJwk(pem, {use: 'sig'}, 'public');