Class Index | File Index

Classes


Class PKCS5PKEY

class for PKCS#5 and PKCS#8 private key
Defined in: pkcs5pkey-1.0.js.

Class Summary
Constructor Attributes Constructor Name and Description
 

PKCS5PKEY class has following features:
  • read and parse PEM formatted encrypted PKCS#5 private key
  • generate PEM formatted encrypted PKCS#5 private key
  • read and parse PEM formatted plain PKCS#8 private key
  • read and parse PEM formatted encrypted PKCS#8 private key by PBKDF2/HmacSHA1/3DES
Currently supports only RSA private key and following symmetric key algorithms to protect private key.
Field Summary
Field Attributes Field Name and Description
<static>  
PKCS5PKEY.version
decrypt private key by shared key version string of PKCS5PKEY class
Method Summary
Method Attributes Method Name and Description
<static>  
PKCS5PKEY.getDecryptedKeyHex(sEncryptedPEM, passcode)
decrypt PEM formatted protected PKCS#5 private key with passcode
<static>  
PKCS5PKEY.getDecryptedKeyHexByKeyIV(encryptedKeyHex, algName, sharedKeyHex, ivHex)
decrypt private key by shared key
<static>  
PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(hPrvKey, passcode, sharedKeyAlgName, ivsaltHex)
get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key
generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded ASN.1 object of plain RSA private key.
<static>  
PKCS5PKEY.getEryptedPKCS5PEMFromRSAKey(pKey, passcode, alg, ivsaltHex)
get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key
generate PEM formatted encrypted PKCS#5 private key by RSAKey object of RSA private key and passcode.
<static>  
PKCS5PKEY.getHexFromPEM(sPEM, sHead)
get hexacedimal string of PEM format
<static>  
PKCS5PKEY.getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, hexadecimal)
the same function as OpenSSL EVP_BytsToKey to generate shared key and IV
<static>  
PKCS5PKEY.getKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key
<static>  
PKCS5PKEY.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex)
get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key
<static>  
PKCS5PKEY.getKeyFromPlainPrivatePKCS8PEM(pkcs8PEM)
get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key
<static>  
PKCS5PKEY.getKeyFromPublicPKCS8Hex(pkcsPub8Hex)
get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key
<static>  
PKCS5PKEY.getKeyFromPublicPKCS8PEM(pkcsPub8PEM)
get RSAKey/ECDSA public key object from PEM PKCS#8 public key
<static>  
PKCS5PKEY.getPBKDF2KeyHexFromParam(info, passcode)
generate PBKDF2 key hexstring with specified passcode and information As for info, this uses following properties:
  • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
  • info.pkbdf2Iter - iteration count
Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
<static>  
PKCS5PKEY.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
<static>  
PKCS5PKEY.getRSAKeyFromEncryptedPKCS5PEM(sEncryptedP5PEM, passcode)
read PEM formatted encrypted PKCS#5 private key and returns RSAKey object
<static>  
PKCS5PKEY.getRSAKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
read PEM formatted encrypted PKCS#8 private key and returns RSAKey object Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
<static>  
PKCS5PKEY.getRSAKeyFromPlainPKCS8Hex(prvKeyHex)
provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
<static>  
PKCS5PKEY.getRSAKeyFromPlainPKCS8PEM(pkcs8PEM)
read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object
<static>  
PKCS5PKEY.getRSAKeyFromPublicPKCS8Hex(pkcs8PubHex)
provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
<static>  
PKCS5PKEY.getRSAKeyFromPublicPKCS8PEM(pkcs8PubPEM)
read PEM formatted PKCS#8 public key and returns RSAKey object
<static>  
PKCS5PKEY.newEncryptedPKCS5PEM(passcode, keyLen, hPublicExponent, alg)
generate RSAKey and PEM formatted encrypted PKCS#5 private key
<static>  
PKCS5PKEY.parseHexOfEncryptedPKCS8(passcode)
generate PBKDF2 key hexstring with specified passcode and information The associative array which is returned by this method has following properties:
  • info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
  • info.pkbdf2Iter - iteration count
  • info.ciphertext - hexadecimal string of encrypted private key
  • info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)
  • info.encryptionSchemeIV - initial vector for encryption algorithm
Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
<static>  
PKCS5PKEY.parsePKCS5PEM(sEncryptedPEM)
parse PEM formatted passcode protected PKCS#5 private key Resulted hash has following attributes.
<static>  
PKCS5PKEY.parsePlainPrivatePKCS8Hex(pkcs8PrvHex)
parse hexadecimal string of plain PKCS#8 private key Resulted associative array has following properties:
  • algoid - hexadecimal string of OID of asymmetric key algorithm
  • algparam - hexadecimal string of OID of ECC curve name or null
  • keyidx - string starting index of key in pkcs8PrvHex
<static>  
PKCS5PKEY.parsePrivateRawECKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of ECC private key Following properties are added to associative array 'info'
  • key - hexadecimal string of ECC private key
<static>  
PKCS5PKEY.parsePrivateRawRSAKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of RSA private key Following properties are added to associative array 'info'
  • n - hexadecimal string of public key
  • e - hexadecimal string of public exponent
  • d - hexadecimal string of private key
  • p - hexadecimal string
  • q - hexadecimal string
  • dp - hexadecimal string
  • dq - hexadecimal string
  • co - hexadecimal string
<static>  
PKCS5PKEY.parsePublicPKCS8Hex(pkcs8PubHex)
parse hexadecimal string of PKCS#8 public key Resulted hash has following attributes.
<static>  
PKCS5PKEY.parsePublicRawRSAKeyHex(pubRawRSAHex)
parse hexadecimal string of plain PKCS#8 private key Resulted associative array has following properties:
  • n - hexadecimal string of public key
  • e - hexadecimal string of public exponent
Class Detail
PKCS5PKEY()

PKCS5PKEY class has following features:
  • read and parse PEM formatted encrypted PKCS#5 private key
  • generate PEM formatted encrypted PKCS#5 private key
  • read and parse PEM formatted plain PKCS#8 private key
  • read and parse PEM formatted encrypted PKCS#8 private key by PBKDF2/HmacSHA1/3DES
Currently supports only RSA private key and following symmetric key algorithms to protect private key.
  • DES-EDE3-CBC
  • AES-256-CBC
  • AES-192-CBC
  • AES-128-CBC
METHOD SUMMARY
PKCS8 PRIVATE KEY METHODS
PKCS5 PRIVATE KEY METHODS
PKCS8 PUBLIC KEY METHODS
UTITILIY METHODS
Here is an example of PEM formatted encrypted PKCS#5 private key.
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,40555967F759530864FE022E257DE34E

jV7uXajRw4cccDaliagcqiLOiQEUCe19l761pXRxzgQP+DH4rCi12T4puTdZyy6l
         ...(snip)...
qxLS+BASmyGm4DME6m+kltZ12LXwPgNU6+d+XQ4NXSA=
-----END RSA PRIVATE KEY-----
Deprecated:
Since jsrsasign 4.1.3. Please use KEYUTIL class.
Field Detail
<static> PKCS5PKEY.version
decrypt private key by shared key version string of PKCS5PKEY class
Method Detail
<static> {String} PKCS5PKEY.getDecryptedKeyHex(sEncryptedPEM, passcode)
decrypt PEM formatted protected PKCS#5 private key with passcode
Parameters:
{String} sEncryptedPEM
PEM formatted protected passcode protected PKCS#5 private key
{String} passcode
passcode to decrypt private key (ex. 'password')
Returns:
{String} hexadecimal string of decrypted RSA priavte key

<static> {String} PKCS5PKEY.getDecryptedKeyHexByKeyIV(encryptedKeyHex, algName, sharedKeyHex, ivHex)
decrypt private key by shared key
Parameters:
{String} encryptedKeyHex
hexadecimal string of encrypted private key
{String} algName
name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
{String} sharedKeyHex
hexadecimal string of symmetric key
{String} ivHex
hexadecimal string of initial vector(IV).
Returns:
{String} hexadecimal string of decrypted privated key

<static> {String} PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(hPrvKey, passcode, sharedKeyAlgName, ivsaltHex)
get PEM formatted encrypted PKCS#5 private key from hexadecimal string of plain private key
generate PEM formatted encrypted PKCS#5 private key by hexadecimal string encoded ASN.1 object of plain RSA private key. Following arguments can be omitted.
var pem = 
  PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password");
var pem2 = 
  PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC");
var pem3 = 
  PKCS5PKEY.getEryptedPKCS5PEMFromPrvKeyHex(plainKeyHex, "password", "AES-128-CBC", "1f3d02...");
Parameters:
{String} hPrvKey
hexadecimal string of plain private key
{String} passcode
pass code to protect private key (ex. password)
{String} sharedKeyAlgName
algorithm name to protect private key (ex. AES-256-CBC)
{String} ivsaltHex
hexadecimal string of IV and salt
Since:
pkcs5pkey 1.0.2
Returns:
{String} string of PEM formatted encrypted PKCS#5 private key

<static> {String} PKCS5PKEY.getEryptedPKCS5PEMFromRSAKey(pKey, passcode, alg, ivsaltHex)
get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key
generate PEM formatted encrypted PKCS#5 private key by RSAKey object of RSA private key and passcode. Following argument can be omitted.
var pkey = new RSAKey();
pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001'
var pem = PKCS5PKEY.getEryptedPKCS5PEMFromRSAKey(pkey, "password");
Parameters:
{RSAKey} pKey
RSAKey object of private key
{String} passcode
pass code to protect private key (ex. password)
{String} alg
algorithm name to protect private key (default AES-256-CBC)
{String} ivsaltHex
hexadecimal string of IV and salt (default generated random IV)
Since:
pkcs5pkey 1.0.2
Returns:
{String} string of PEM formatted encrypted PKCS#5 private key

<static> {String} PKCS5PKEY.getHexFromPEM(sPEM, sHead)
get hexacedimal string of PEM format
Parameters:
{String} sPEM
PEM formatted string
{String} sHead
PEM header string without BEGIN/END
Since:
pkcs5pkey 1.0.5
Returns:
{String} hexadecimal string data of PEM contents

<static> {Hash} PKCS5PKEY.getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, hexadecimal)
the same function as OpenSSL EVP_BytsToKey to generate shared key and IV
Parameters:
{String} algName
name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
{String} passcode
passcode to decrypt private key (ex. 'password')
{String} hexadecimal
string of IV. heading 8 bytes will be used for passcode salt
Returns:
{Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..})

<static> {Object} PKCS5PKEY.getKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key
Parameters:
{String} pkcs8PEM
string of PEM formatted PKCS#8 private key
{String} passcode
passcode string to decrypt key
Since:
pkcs5pkey 1.0.5
Returns:
{Object} RSAKey or KJUR.crypto.ECDSA private key object

<static> {Object} PKCS5PKEY.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex)
get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key
Parameters:
{String} prvKeyHex
hexadecimal string of plain PKCS#8 private key
Since:
pkcs5pkey 1.0.5
Returns:
{Object} RSAKey or KJUR.crypto.ECDSA private key object

<static> {Object} PKCS5PKEY.getKeyFromPlainPrivatePKCS8PEM(pkcs8PEM)
get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key
Parameters:
{String} pkcs8PEM
string of plain PEM formatted PKCS#8 private key
Since:
pkcs5pkey 1.0.5
Returns:
{Object} RSAKey or KJUR.crypto.ECDSA private key object

<static> {Object} PKCS5PKEY.getKeyFromPublicPKCS8Hex(pkcsPub8Hex)
get RSAKey/ECDSA public key object from hexadecimal string of PKCS#8 public key
Parameters:
{String} pkcsPub8Hex
hexadecimal string of PKCS#8 public key
Since:
pkcs5pkey 1.0.5
Returns:
{Object} RSAKey or KJUR.crypto.ECDSA private key object

<static> {Object} PKCS5PKEY.getKeyFromPublicPKCS8PEM(pkcsPub8PEM)
get RSAKey/ECDSA public key object from PEM PKCS#8 public key
Parameters:
{String} pkcsPub8PEM
string of PEM formatted PKCS#8 public key
Since:
pkcs5pkey 1.0.5
Returns:
{Object} RSAKey or KJUR.crypto.ECDSA private key object

<static> {String} PKCS5PKEY.getPBKDF2KeyHexFromParam(info, passcode)
generate PBKDF2 key hexstring with specified passcode and information As for info, this uses following properties: Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
// to convert plain PKCS#5 private key to encrypted PKCS#8 private
// key with PBKDF2 with TripleDES
% openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
Parameters:
{Array} info
result of parseHexOfEncryptedPKCS8 which has preference of PKCS#8 file
{String} passcode
passcode to decrypto private key
Since:
pkcs5pkey 1.0.3
Returns:
{String} hexadecimal string of PBKDF2 key

<static> {String} PKCS5PKEY.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
// to convert plain PKCS#5 private key to encrypted PKCS#8 private
// key with PBKDF2 with TripleDES
% openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
Parameters:
{String} pkcs8PEM
PEM formatted encrypted PKCS#8 private key
{String} passcode
passcode to decrypto private key
Since:
pkcs5pkey 1.0.3
Returns:
{String} hexadecimal string of plain PKCS#8 private key

<static> {RSAKey} PKCS5PKEY.getRSAKeyFromEncryptedPKCS5PEM(sEncryptedP5PEM, passcode)
read PEM formatted encrypted PKCS#5 private key and returns RSAKey object
Parameters:
{String} sEncryptedP5PEM
PEM formatted encrypted PKCS#5 private key
{String} passcode
passcode to decrypt private key
Since:
pkcs5pkey 1.0.2
Returns:
{RSAKey} loaded RSAKey object of RSA private key

<static> {RSAKey} PKCS5PKEY.getRSAKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
read PEM formatted encrypted PKCS#8 private key and returns RSAKey object Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
// to convert plain PKCS#5 private key to encrypted PKCS#8 private
// key with PBKDF2 with TripleDES
% openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
Parameters:
{String} pkcs8PEM
PEM formatted encrypted PKCS#8 private key
{String} passcode
passcode to decrypto private key
Since:
pkcs5pkey 1.0.3
Returns:
{RSAKey} loaded RSAKey object of RSA private key

<static> {RSAKey} PKCS5PKEY.getRSAKeyFromPlainPKCS8Hex(prvKeyHex)
provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
Parameters:
{String} prvKeyHex
hexadecimal string of unencrypted PKCS#8 private key
Since:
pkcs5pkey 1.0.3
Returns:
{RSAKey} loaded RSAKey object of RSA private key

<static> {RSAKey} PKCS5PKEY.getRSAKeyFromPlainPKCS8PEM(pkcs8PEM)
read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object
Parameters:
{String} pkcs8PEM
PEM formatted unencrypted PKCS#8 private key
Since:
pkcs5pkey 1.0.1
Returns:
{RSAKey} loaded RSAKey object of RSA private key

<static> {RSAKey} PKCS5PKEY.getRSAKeyFromPublicPKCS8Hex(pkcs8PubHex)
provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
Parameters:
{String} pkcs8PubHex
hexadecimal string of unencrypted PKCS#8 public key
Since:
pkcs5pkey 1.0.4
Returns:
{RSAKey} loaded RSAKey object of RSA public key

<static> {RSAKey} PKCS5PKEY.getRSAKeyFromPublicPKCS8PEM(pkcs8PubPEM)
read PEM formatted PKCS#8 public key and returns RSAKey object
Parameters:
{String} pkcs8PubPEM
PEM formatted PKCS#8 public key
Since:
pkcs5pkey 1.0.4
Returns:
{RSAKey} loaded RSAKey object of RSA public key

<static> {String} PKCS5PKEY.newEncryptedPKCS5PEM(passcode, keyLen, hPublicExponent, alg)
generate RSAKey and PEM formatted encrypted PKCS#5 private key
var pem1 = PKCS5PKEY.newEncryptedPKCS5PEM("password");           // RSA1024bit/10001/AES-256-CBC
var pem2 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512);      // RSA 512bit/10001/AES-256-CBC
var pem3 = PKCS5PKEY.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/    3/AES-256-CBC
Parameters:
{String} passcode
pass code to protect private key (ex. password)
{Integer} keyLen
key bit length of RSA key to be generated. (default 1024)
{String} hPublicExponent
hexadecimal string of public exponent (default 10001)
{String} alg
shared key algorithm to encrypt private key (default AES-258-CBC)
Since:
pkcs5pkey 1.0.2
Returns:
{String} string of PEM formatted encrypted PKCS#5 private key

<static> {Array} PKCS5PKEY.parseHexOfEncryptedPKCS8(passcode)
generate PBKDF2 key hexstring with specified passcode and information The associative array which is returned by this method has following properties: Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
// to convert plain PKCS#5 private key to encrypted PKCS#8 private
// key with PBKDF2 with TripleDES
% openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
Parameters:
{String} passcode
passcode to decrypto private key
Since:
pkcs5pkey 1.0.3
Returns:
{Array} info associative array of PKCS#8 parameters

<static> {Hash} PKCS5PKEY.parsePKCS5PEM(sEncryptedPEM)
parse PEM formatted passcode protected PKCS#5 private key Resulted hash has following attributes.
Parameters:
{String} sEncryptedPEM
PEM formatted protected passcode protected PKCS#5 private key
Returns:
{Hash} hash of key information

<static> {Array} PKCS5PKEY.parsePlainPrivatePKCS8Hex(pkcs8PrvHex)
parse hexadecimal string of plain PKCS#8 private key Resulted associative array has following properties:
Parameters:
{String} pkcs8PrvHex
hexadecimal string of PKCS#8 plain private key
Since:
pkcs5pkey 1.0.5
Returns:
{Array} associative array of parsed key

<static> {Array} PKCS5PKEY.parsePrivateRawECKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of ECC private key Following properties are added to associative array 'info'
Parameters:
{String} pkcs8PrvHex
hexadecimal string of PKCS#8 private key concluding EC private key
Since:
pkcs5pkey 1.0.5
Returns:
{Array} info associative array to add parsed ECC private key information

<static> {Array} PKCS5PKEY.parsePrivateRawRSAKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of RSA private key Following properties are added to associative array 'info'
Parameters:
{String} pkcs8PrvHex
hexadecimal string of PKCS#8 private key concluding RSA private key
Since:
pkcs5pkey 1.0.5
Returns:
{Array} info associative array to add parsed RSA private key information

<static> {Hash} PKCS5PKEY.parsePublicPKCS8Hex(pkcs8PubHex)
parse hexadecimal string of PKCS#8 public key Resulted hash has following attributes.
Parameters:
{String} pkcs8PubHex
hexadecimal string of PKCS#8 public key
Returns:
{Hash} hash of key information

<static> {Array} PKCS5PKEY.parsePublicRawRSAKeyHex(pubRawRSAHex)
parse hexadecimal string of plain PKCS#8 private key Resulted associative array has following properties:
Parameters:
{String} pubRawRSAHex
hexadecimal string of ASN.1 encoded PKCS#8 public key
Since:
pkcs5pkey 1.0.5
Returns:
{Array} associative array of parsed key

© 2012-2015 Kenji Urushima, All rights reserved
Documentation generated by JsDoc Toolkit 2.4.0