Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@trust/keyto

Package Overview
Dependencies
Maintainers
7
Versions
13
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@trust/keyto

A utility for translating cryptographic keys between representations

  • 1.0.1
  • latest
  • Source
  • npm
  • Socket score
Version published
Maintainers
7
Created
Source

Keyto (@trust/keyto)

standard-readme compliant Build Status codecov

A utility for translating cryptographic keys between representations.

Keyto is pronounced 'key-to'.

Full project documentation is available here.

Table of Contents

Status

RSA

  • PKCS1
  • PKCS8
  • JWK

ECDSA - secp256k1 (Blockchain Curve)

  • PKCS1 (Private Only)
  • PKCS8
  • JWK
  • BLK (Private Key Hex String)

ECDSA - secp256r1 (P-256)

  • PKCS1 (Private Only)
  • PKCS8
  • JWK

ECDSA - secp384r1 (P-384)

  • PKCS1 (Private Only)
  • PKCS8
  • JWK

ECDSA - secp521r1 (P-521)

  • PKCS1 (Private Only)
  • PKCS8
  • JWK

EDDSA - ed25519

  • PKCS8
  • JWK

EDDSA - ed448

  • PKCS8
  • JWK

Install

$ npm install @trust/keyto --save

Usage

Translate Private PEM to Public JWK:

const keyto = require('@trust/keyto')

let pemPrivate = getPrivatePemStringSomehow()
let jwk = getPublicJwkSomehow()

// String data can either be passed in directly:
let key = keyto.from(pemPrivate, 'pem').toJwk('public')

// Or can be passed in as an object instead:
let key = keyto.from({ key: pemPrivate }, 'pem').toJwk('public')
assertEqual(jwk, key)

Translate Private Hex (Blockchain) Key to PKCS8 Public PEM:

const keyto = require('@trust/keyto')

let blk = getPrivateBlockchainHexStringSomehow()
let pemPublic = getPublicPemSomehow()

let key = keyto.from(blk, 'blk').toString('pem', 'public_pkcs8')
assertEqual(pemPublic, key)

API

keyto.from(key, format) -> {Key}

args:

  • key := (String|JWK)
  • format := String

format:

Format can be any of these: 'pem', 'jwk' or 'blk'.

  • format = pem: will parse a PEM encoded string (as per OpenSSL output).
  • format = jwk: will parse a JWK object or JSON String
  • format = blk: will parse a hex encoded key string as used on various blockchains (limited to secp256k1 keys).

{Key}.toJwk(selector = 'public') -> {JWK}

args:

  • selector := String

selector:

Selector can be any of these: 'public', 'private'.

  • selector := public: will produce a public JWK.
  • selector := private: will produce a private JWK.

{Key}.toString(format = 'pem', selector = 'public') -> {String}

args:

  • format := String
  • selector := String

format:

Format can be any of these: 'pem', 'jwk' or 'blk'.

  • format = pem: will produce a PEM encoded string (as per OpenSSL output).
  • format = jwk: will produce a stringified JWK.
  • format = blk: will produce a hex encoded key string as used on various blockchains (limited to secp256k1 keys).

selector:

Selector can be any of these: 'public', 'private', 'public_pkcs1', 'public_pkcs8', 'private_pkcs1' or 'private_pkcs8'.

  • selector = public: will produce a public key.
  • selector = private: will produce a private key.
  • selector = public_pkcs1: will produce a public key according to the PKCS1 ASN Schema. Only relevant to DER related encodings.
  • selector = public_pkcs8: will produce a public key according to the PKCS8 ASN Schema. Only relevant to DER related encodings.
  • selector = private_pkcs1: will produce a private key according to the PKCS1 ASN Schema. Only relevant to DER related encodings.
  • selector = private_pkcs8: will produce a private key according to the PKCS8 ASN Schema. Only relevant to DER related encodings.

Maintainers

@EternalDeiwos @thelunararmy

Contribute

PRs accepted.

Small note: If editing the README, please conform to the standard-readme specification.

License

MIT © 2017-2020 Greg Linklater

Keywords

FAQs

Package last updated on 26 Feb 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm

Security News

Research

Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm

The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.

By Kush Pandya  -  Dec 11, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc