UNPKG

crypto-key-composer

Version:

A library to decompose and compose crypto keys of different types and formats

github.com/ipfs-shipyard/js-crypto-key-composer

ipfs-shipyard/js-crypto-key-composer

161 lines (138 loc) 4.64 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
import { decodeAsn1, encodeAsn1 } from '../../util/asn1-encoder'; import { RsaPrivateKey, RsaPublicKey, EcPrivateKey } from '../../util/asn1-entities'; import { decodeEcPoint, encodeEcPoint, validateEcD } from '../../util/ec'; import { UnsupportedAlgorithmError } from '../../util/errors'; import { OIDS, FLIPPED_OIDS } from '../../util/oids'; import { KEY_TYPES } from '../../util/key-types'; export const SUPPORTED_KEY_TYPES = { private: ['rsa', 'ec'], public: ['rsa'] }; export const decomposeRsaPrivateKey = rsaPrivateKeyAsn1 => { const { version, ...keyData } = decodeAsn1(rsaPrivateKeyAsn1, RsaPrivateKey); return { keyAlgorithm: { id: 'rsa-encryption' }, keyData }; }; export const composeRsaPrivateKey = (keyAlgorithm, keyData) => { const otherPrimeInfos = keyData.otherPrimeInfos; const hasMultiplePrimes = otherPrimeInfos && otherPrimeInfos.length > 0; const rsaPrivateKey = { ...keyData, version: hasMultiplePrimes ? 1 : 0, otherPrimeInfos: hasMultiplePrimes ? otherPrimeInfos : undefined }; return encodeAsn1(rsaPrivateKey, RsaPrivateKey); }; export const decomposeRsaPublicKey = rsaPublicKeyAsn1 => { const { version, ...keyData } = decodeAsn1(rsaPublicKeyAsn1, RsaPublicKey); return { keyAlgorithm: { id: 'rsa-encryption' }, keyData }; }; export const composeRsaPublicKey = (keyAlgorithm, keyData) => encodeAsn1(keyData, RsaPublicKey); export const decomposeEcPrivateKey = ecPrivateKeyAsn1 => { const ecPrivateKey = decodeAsn1(ecPrivateKeyAsn1, EcPrivateKey); // Validate parameters & publicKey /* istanbul ignore if */ if (!ecPrivateKey.parameters) { throw new UnsupportedAlgorithmError('Missing parameters from ECPrivateKey'); } /* istanbul ignore if */ if (ecPrivateKey.parameters.type !== 'namedCurve') { throw new UnsupportedAlgorithmError('Only EC named curves are supported'); } /* istanbul ignore if */ if (!ecPrivateKey.publicKey) { throw new UnsupportedAlgorithmError('Missing publicKey from ECPrivateKey'); } // Ensure that the named curve is supported const namedCurve = OIDS[ecPrivateKey.parameters.value]; if (!namedCurve) { throw new UnsupportedAlgorithmError(`Unsupported named curve OID '${ecPrivateKey.parameters.value}'`); } // Validate & encode point (public key) const { x, y } = decodeEcPoint(namedCurve, ecPrivateKey.publicKey.data); return { keyAlgorithm: { id: 'ec-public-key', namedCurve }, keyData: { d: ecPrivateKey.privateKey, x, y } }; }; export const composeEcPrivateKey = (keyAlgorithm, keyData) => { // Validate named curve const namedCurveOid = FLIPPED_OIDS[keyAlgorithm.namedCurve]; if (!namedCurveOid) { throw new UnsupportedAlgorithmError(`Unsupported named curve '${keyAlgorithm.namedCurve}'`); } // Validate D value (private key) const privateKey = validateEcD(keyAlgorithm.namedCurve, keyData.d); // Encode point (public key) const publicKey = encodeEcPoint(keyAlgorithm.namedCurve, keyData.x, keyData.y); const ecPrivateKey = { version: 1, privateKey, parameters: { type: 'namedCurve', value: namedCurveOid }, publicKey: { unused: 0, data: publicKey } }; return encodeAsn1(ecPrivateKey, EcPrivateKey); }; export const decomposeRawPrivateKey = (keyType, privateKeyAsn1) => { switch (keyType) { case 'rsa': return decomposeRsaPrivateKey(privateKeyAsn1); case 'ec': return decomposeEcPrivateKey(privateKeyAsn1); default: throw new UnsupportedAlgorithmError(`Unsupported key type '${keyType}'`); } }; export const composeRawPrivateKey = (keyAlgorithm, keyData) => { const keyType = KEY_TYPES[keyAlgorithm.id]; switch (keyType) { case 'rsa': return composeRsaPrivateKey(keyAlgorithm, keyData); case 'ec': return composeEcPrivateKey(keyAlgorithm, keyData); default: throw new UnsupportedAlgorithmError(`Unsupported key algorithm id '${keyAlgorithm.id}'`); } }; export const decomposeRawPublicKey = (keyType, publicKeyAsn1) => { switch (keyType) { case 'rsa': return decomposeRsaPublicKey(publicKeyAsn1); default: throw new UnsupportedAlgorithmError(`Unsupported key type '${keyType}'`); } }; export const composeRawPublicKey = (keyAlgorithm, keyData) => { const keyType = KEY_TYPES[keyAlgorithm.id]; switch (keyType) { case 'rsa': return composeRsaPublicKey(keyAlgorithm, keyData); default: throw new UnsupportedAlgorithmError(`Unsupported key algorithm id '${keyAlgorithm.id}'`); } };