UNPKG

ec-pem

Version:

Enables `crypto.sign` and `crypto.verify` using `crypto.createECDH` generated keys

github.com/shanewholloway/node-ec-pem

shanewholloway/node-ec-pem

114 lines (91 loc) 4.58 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
"use strict" const assert = require('assert') const crypto = require('crypto') const ec_pem = require('../ec_pem') const curve = 'secp521r1' const keys = { priv: ['-----BEGIN EC PRIVATE KEY-----', 'ME8CAQEEQYEYjwI7+EZlaLR9bVFluK0Jv57LFl+EgDdvCabqjUuW2IhxGC4ZylGd', 'Imp8OMoAUU1n7IGlDNmXZ5Ui0qdfvPlEoAcGBSuBBAAj', '-----END EC PRIVATE KEY-----'].join('\n'), pub: ['-----BEGIN PUBLIC KEY-----', 'MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBnFjGRSIqN/aqVGXkdAor3XkHkdbz', 'Q6xpwePa0+9dvNLzCUUrx69rhu2eP4amhyjshEK3UrJamjarUGboCaMYuqYBHIfh', 'u5sSi+Uen8SvRrJBh2nzHHlEiBsRWJ1C/pNxpnpTEfyJr+15nWF93OCl4hLZJZ+W', '7V2nmFPxLdo4iPr4rJ4=', '-----END PUBLIC KEY-----'].join('\n'), } describe('test key exchange', () => { it('should work', () => { const alice = crypto.createECDH(curve) alice.generateKeys() const bob = ec_pem.loadPrivateKey(keys.priv) const bob_secret = bob.computeSecret(alice.getPublicKey('hex'), 'hex', 'hex') const bob_key = ec_pem.loadPublicKey(keys.pub, 'hex') const alice_secret = alice.computeSecret(bob_key.public_key, 'hex', 'hex') assert.equal(bob_secret, alice_secret) const bob_key_ec = ec_pem.loadPublicKey(keys.pub) const alice_secret_ec = alice.computeSecret(bob_key_ec.getPublicKey()) assert.equal(bob_secret, alice_secret_ec.toString('hex')) assert.equal(bob_key.public_key, bob.getPublicKey('hex')) assert.equal(bob_key_ec.getPublicKey('hex'), bob.getPublicKey('hex')) }) }) describe('test key store/load/clone roundtrips', () => { let bob_private, bob_public before(() => { bob_private = ec_pem.loadPrivateKey(keys.priv) bob_public = ec_pem.loadPublicKey(keys.pub) }) it('should round trip private_key through Base64', () => assert.deepEqual( ec_pem.fromBase64(bob_private.toPrivateBase64()).toPrivateJSON(), {curve, private_key: ec_pem.asUrlSafeBase64(bob_private.getPrivateKey('base64'))}) ) it('should round trip public_key through Base64', () => assert.deepEqual( ec_pem.fromBase64(bob_public.toPublicBase64()).toPublicJSON(), {curve, public_key: ec_pem.asUrlSafeBase64(bob_public.getPublicKey('base64', 'compressed'))}) ) it('should round load private_key from Base64', () => assert.deepEqual( ec_pem.load(bob_private.toPrivateBase64()).toPrivateJSON(), {curve, private_key: ec_pem.asUrlSafeBase64(bob_private.getPrivateKey('base64'))}) ) it('should round load public_key from Base64', () => assert.deepEqual( ec_pem.load(bob_public.toPublicBase64()).toPublicJSON(), {curve, public_key: ec_pem.asUrlSafeBase64(bob_public.getPublicKey('base64', 'compressed'))}) ) // -- it('should round trip private_key through Buffer', () => assert.deepEqual( ec_pem.fromBuffer(bob_private.toPrivateBuffer()).toPrivateJSON(), bob_private.toPrivateJSON())) it('should round trip public_key through Buffer', () => assert.deepEqual( ec_pem.fromBuffer(bob_public.toPublicBuffer()).toPublicJSON(), bob_public.toPublicJSON())) it('should round load private_key from Base64', () => assert.deepEqual( ec_pem.load(bob_private.toPrivateBuffer()).toPrivateJSON(), bob_private.toPrivateJSON())) it('should round load public_key from Base64', () => assert.deepEqual( ec_pem.load(bob_public.toPublicBuffer()).toPublicJSON(), bob_public.toPublicJSON())) it('should clone properly', () => { assert.deepEqual(bob_public.toPublicJSON(), bob_public.clone().toPublicJSON()) assert.deepEqual(bob_public.toPublicJSON(), bob_private.clone('public').toPublicJSON()) assert.deepEqual(bob_private.toPrivateJSON(), bob_private.clone().toPrivateJSON()) }) it('public clones should throw when private key is accessed', () => { assert.throws(() => bob_public.toPrivateJSON()) assert.throws(() => bob_private.clone('public').toPrivateJSON()) assert.throws(() => bob_private.clonePublic().toPrivateJSON()) }) it('should clone public properly', () => assert.deepEqual(bob_public.toPublicJSON(), bob_private.clone('public').toPublicJSON()) ) it('should clonePublic properly', () => assert.deepEqual(bob_public.toPublicJSON(), bob_private.clonePublic().toPublicJSON()) ) it('should clone private properly', () => assert.deepEqual(bob_private.toPrivateJSON(), bob_private.clone('private').toPrivateJSON()) ) it('should clonePrivate properly', () => assert.deepEqual(bob_private.toPrivateJSON(), bob_private.clonePrivate().toPrivateJSON()) ) })