Class KEYUTIL
class for RSA/ECC/DSA key utility
Defined in: keyutil-1.0.js.
Constructor Attributes | Constructor Name and Description |
---|---|
KEYUTIL()
|
Field Attributes | Field Name and Description |
---|---|
<static> |
KEYUTIL.version
decrypt private key by shared key
version string of KEYUTIL class
|
Method Attributes | Method Name and Description |
---|---|
<static> |
KEYUTIL.generateKeypair(alg, keylenOrCurve)
This method generates a key pair of public key algorithm.
|
<static> |
KEYUTIL.getDecryptedKeyHex(sEncryptedPEM, passcode)
decrypt PEM formatted protected PKCS#5 private key with passcode
|
<static> |
KEYUTIL.getDecryptedKeyHexByKeyIV(encryptedKeyHex, algName, sharedKeyHex, ivHex)
decrypt private key by shared key
|
<static> |
KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode, alg, ivsaltHex)
(DEPRECATED) get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key
generate PEM formatted encrypted PKCS#5 private key by RSAKey object of RSA private key and passcode. |
<static> |
KEYUTIL.getHexFromPEM(sPEM, sHead)
get hexacedimal string of PEM format
|
<static> |
KEYUTIL.getKey(param, passcode, hextype)
get private or public key object from any arguments
This method gets private or public key object(RSAKey, KJUR.crypto.DSA or KJUR.crypto.ECDSA)
for RSA, DSA and ECC.
|
<static> |
KEYUTIL.getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, hexadecimal)
the same function as OpenSSL EVP_BytsToKey to generate shared key and IV
|
<static> |
KEYUTIL.getKeyFromCSRHex(csrHex)
get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#10 CSR
|
<static> |
KEYUTIL.getKeyFromCSRPEM(csrPEM)
get RSAKey/DSA/ECDSA public key object from PEM formatted PKCS#10 CSR string
|
<static> |
KEYUTIL.getKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key
|
<static> |
KEYUTIL.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex)
get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key
|
<static> |
KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(pkcs8PEM)
get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key
|
<static> |
KEYUTIL.getKeyFromPublicPKCS8Hex(pkcsPub8Hex)
(DEPRECATED) get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key
|
<static> |
KEYUTIL.getKeyFromPublicPKCS8PEM(pkcsPub8PEM)
(DEPRECATED) get RSAKey/ECDSA public key object from PEM PKCS#8 public key
|
<static> |
KEYUTIL.getPBKDF2KeyHexFromParam(info, passcode)
generate PBKDF2 key hexstring with specified passcode and information
As for info, this uses following properties:
|
<static> |
KEYUTIL.getPEM(keyObjOrHex, formatType, passwd, encAlg)
get PEM formatted private or public key file from a RSA/ECDSA/DSA key object
|
<static> |
KEYUTIL.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key
Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
|
<static> |
KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(sEncryptedP5PEM, passcode)
(DEPRECATED) read PEM formatted encrypted PKCS#5 private key and returns RSAKey object
|
<static> |
KEYUTIL.getRSAKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
(DEPRECATED) read PEM formatted encrypted PKCS#8 private key and returns RSAKey object
Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
|
<static> |
KEYUTIL.getRSAKeyFromPlainPKCS8Hex(prvKeyHex)
(DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
|
<static> |
KEYUTIL.getRSAKeyFromPlainPKCS8PEM(pkcs8PEM)
(DEPRECATED) read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object
|
<static> |
KEYUTIL.getRSAKeyFromPublicPKCS8Hex(pkcs8PubHex)
(DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
|
<static> |
KEYUTIL.getRSAKeyFromPublicPKCS8PEM(pkcs8PubPEM)
(DEPRECATED) read PEM formatted PKCS#8 public key and returns RSAKey object
|
<static> |
KEYUTIL.newEncryptedPKCS5PEM(passcode, keyLen, hPublicExponent, alg)
generate RSAKey and PEM formatted encrypted PKCS#5 private key
|
<static> |
KEYUTIL.parseCSRHex(csrHex)
parse hexadecimal string of PKCS#10 CSR (certificate signing request)
Resulted associative array has following properties:
|
<static> |
KEYUTIL.parseHexOfEncryptedPKCS8(passcode)
generate PBKDF2 key hexstring with specified passcode and information
The associative array which is returned by this method has following properties:
|
<static> |
KEYUTIL.parsePKCS5PEM(sEncryptedPEM)
parse PEM formatted passcode protected PKCS#5 private key
Resulted hash has following attributes.
|
<static> |
KEYUTIL.parsePlainPrivatePKCS8Hex(pkcs8PrvHex)
parse hexadecimal string of plain PKCS#8 private key
Resulted associative array has following properties:
|
<static> |
KEYUTIL.parsePrivateRawECKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of ECC private key
Following properties are added to associative array 'info'
|
<static> |
KEYUTIL.parsePrivateRawRSAKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of RSA private key
Following properties are added to associative array 'info'
|
<static> |
KEYUTIL.parsePublicPKCS8Hex(pkcs8PubHex)
parse hexadecimal string of PKCS#8 RSA/EC/DSA public key
Resulted hash has following attributes.
|
<static> |
KEYUTIL.parsePublicRawRSAKeyHex(pubRawRSAHex)
parse hexadecimal string of plain PKCS#8 private key
Resulted associative array has following properties:
|
Class Detail
KEYUTIL()
KEYUTIL class is an update of former PKCS5PKEY class. So for now, PKCS5PKEY is deprecated class. KEYUTIL class has following features:
- key loading - KEYUTIL.getKey
-
- supports RSAKey and KJUR.crypto.{ECDSA,DSA} key object
- supports private key and public key
- supports encrypted and plain private key
- supports PKCS#1, PKCS#5 and PKCS#8 key
- supports public key in X.509 certificate
- key represented by JSON object
NOTE2: Encrypted PKCS#5 supports DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC
- exporting key - KEYUTIL.getPEM
-
KEYUTIL.getPEM method supports following formats:
- supports RSA/EC/DSA keys
- PKCS#1 plain RSA/EC/DSA private key
- PKCS#5 encrypted RSA/EC/DSA private key with DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC
- PKCS#8 plain RSA/EC/DSA private key
- PKCS#8 encrypted RSA/EC/DSA private key with PBKDF2_HmacSHA1_3DES
- keypair generation - KEYUTIL.generateKeypair
- generate key pair of RSAKey or KJUR.crypto.ECDSA.
- generate private key and convert it to PKCS#5 encrypted private key.
// 1. loading PEM private key var key = KEYUTIL.getKey(pemPKCS1PrivateKey); var key = KEYUTIL.getKey(pemPKCS5EncryptedPrivateKey, "passcode"); var key = KEYUTIL.getKey(pemPKC85PlainPrivateKey); var key = KEYUTIL.getKey(pemPKC85EncryptedPrivateKey, "passcode"); // 2. loading PEM public key var key = KEYUTIL.getKey(pemPKCS8PublicKey); var key = KEYUTIL.getKey(pemX509Certificate); // 3. exporting private key var pem = KEYUTIL.getPEM(privateKeyObj, "PKCS1PRV"); var pem = KEYUTIL.getPEM(privateKeyObj, "PKCS5PRV", "passcode"); // DES-EDE3-CBC by default var pem = KEYUTIL.getPEM(privateKeyObj, "PKCS5PRV", "passcode", "DES-CBC"); var pem = KEYUTIL.getPEM(privateKeyObj, "PKCS8PRV"); var pem = KEYUTIL.getPEM(privateKeyObj, "PKCS8PRV", "passcode"); // 4. exporting public key var pem = KEYUTIL.getPEM(publicKeyObj);
Field Detail
<static>
KEYUTIL.version
decrypt private key by shared key
version string of KEYUTIL class
Method Detail
<static>
{Array}
KEYUTIL.generateKeypair(alg, keylenOrCurve)
This method generates a key pair of public key algorithm.
The result will be an associative array which has following
parameters:
- prvKeyObj - RSAKey or ECDSA object of private key
- pubKeyObj - RSAKey or ECDSA object of public key
var rsaKeypair = KEYUTIL.generateKeypair("RSA", 1024); var ecKeypair = KEYUTIL.generateKeypair("EC", "secp256r1");
- Parameters:
- {String} alg
- 'RSA' or 'EC'
- {Object} keylenOrCurve
- key length for RSA or curve name for EC
- Since:
- keyutil 1.0.1
- Returns:
- {Array} associative array of keypair which has prvKeyObj and pubKeyObj parameters
<static>
{String}
KEYUTIL.getDecryptedKeyHex(sEncryptedPEM, passcode)
decrypt PEM formatted protected PKCS#5 private key with passcode
- Parameters:
- {String} sEncryptedPEM
- PEM formatted protected passcode protected PKCS#5 private key
- {String} passcode
- passcode to decrypt private key (ex. 'password')
- Returns:
- {String} hexadecimal string of decrypted RSA priavte key
<static>
{String}
KEYUTIL.getDecryptedKeyHexByKeyIV(encryptedKeyHex, algName, sharedKeyHex, ivHex)
decrypt private key by shared key
- Parameters:
- {String} encryptedKeyHex
- hexadecimal string of encrypted private key
- {String} algName
- name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
- {String} sharedKeyHex
- hexadecimal string of symmetric key
- {String} ivHex
- hexadecimal string of initial vector(IV).
- Returns:
- {String} hexadecimal string of decrypted privated key
<static>
{String}
KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pKey, passcode, alg, ivsaltHex)
(DEPRECATED) get PEM formatted encrypted PKCS#5 private key from RSAKey object of private key
generate PEM formatted encrypted PKCS#5 private key by RSAKey object of RSA private key and passcode. Following argument can be omitted.
generate PEM formatted encrypted PKCS#5 private key by RSAKey object of RSA private key and passcode. Following argument can be omitted.
- alg - AES-256-CBC will be used if omitted.
- ivsaltHex - automatically generate IV and salt which length depends on algorithm
var pkey = new RSAKey(); pkey.generate(1024, '10001'); // generate 1024bit RSA private key with public exponent 'x010001' var pem = KEYUTIL.getEncryptedPKCS5PEMFromRSAKey(pkey, "password");
- Parameters:
- {RSAKey} pKey
- RSAKey object of private key
- {String} passcode
- pass code to protect private key (ex. password)
- {String} alg
- algorithm name to protect private key (default AES-256-CBC)
- {String} ivsaltHex
- hexadecimal string of IV and salt (default generated random IV)
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getPEM#.
- Since:
- pkcs5pkey 1.0.2
- Returns:
- {String} string of PEM formatted encrypted PKCS#5 private key
<static>
{String}
KEYUTIL.getHexFromPEM(sPEM, sHead)
get hexacedimal string of PEM format
- Parameters:
- {String} sPEM
- PEM formatted string
- {String} sHead
- PEM header string without BEGIN/END
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {String} hexadecimal string data of PEM contents
<static>
{Object}
KEYUTIL.getKey(param, passcode, hextype)
get private or public key object from any arguments
This method gets private or public key object(RSAKey, KJUR.crypto.DSA or KJUR.crypto.ECDSA)
for RSA, DSA and ECC.
Arguments for this methods depends on a key format you specify.
Following key representations are supported.
NOTE2: X509v1 support is added since jsrsasign 5.0.11.
- ECC private/public key object(as is): param=KJUR.crypto.ECDSA
- DSA private/public key object(as is): param=KJUR.crypto.DSA
- RSA private/public key object(as is): param=RSAKey
- ECC private key parameters: param={d: d, curve: curveName}
- RSA private key parameters: param={n: n, e: e, d: d, p: p, q: q, dp: dp, dq: dq, co: co}
NOTE: Each value shall be hexadecimal string of key spec. - DSA private key parameters: param={p: p, q: q, g: g, y: y, x: x}
NOTE: Each value shall be hexadecimal string of key spec. - ECC public key parameters: param={xy: xy, curve: curveName}
NOTE: ECC public key 'xy' shall be concatination of "04", x-bytes-hex and y-bytes-hex. - DSA public key parameters: param={p: p, q: q, g: g, y: y}
NOTE: Each value shall be hexadecimal string of key spec. - RSA public key parameters: param={n: n, e: e}
- X.509v1/v3 PEM certificate (RSA/DSA/ECC): param=pemString
- PKCS#8 hexadecimal RSA/ECC public key: param=pemString, null, "pkcs8pub"
- PKCS#8 PEM RSA/DSA/ECC public key: param=pemString
- PKCS#5 plain hexadecimal RSA private key: param=hexString, null, "pkcs5prv"
- PKCS#5 plain PEM DSA/RSA private key: param=pemString
- PKCS#8 plain PEM RSA/ECDSA private key: param=pemString
- PKCS#5 encrypted PEM RSA/DSA private key: param=pemString, passcode
- PKCS#8 encrypted PEM RSA/ECDSA private key: param=pemString, passcode
- Encrypted PKCS#8 only supports PBKDF2/HmacSHA1/3DES
- Encrypted PKCS#5 supports DES-CBC, DES-EDE3-CBC, AES-{128,192.256}-CBC
- JWT plain ECC private/public key
- JWT plain RSA public key
- JWT plain RSA private key with P/Q/DP/DQ/COEFF
- JWT plain RSA private key without P/Q/DP/DQ/COEFF (since jsrsasign 5.0.0)
NOTE2: X509v1 support is added since jsrsasign 5.0.11.
EXAMPLE
// 1. loading private key from PEM string keyObj = KEYUTIL.getKey("-----BEGIN RSA PRIVATE KEY..."); keyObj = KEYUTIL.getKey("-----BEGIN RSA PRIVATE KEY..., "passcode"); keyObj = KEYUTIL.getKey("-----BEGIN PRIVATE KEY..."); keyObj = KEYUTIL.getKey("-----BEGIN PRIVATE KEY...", "passcode"); // 2. loading public key from PEM string keyObj = KEYUTIL.getKey("-----BEGIN PUBLIC KEY..."); keyObj = KEYUTIL.getKey("-----BEGIN X509 CERTIFICATE..."); // 3. loading hexadecimal PKCS#5/PKCS#8 key keyObj = KEYUTIL.getKey("308205c1...", null, "pkcs8pub"); keyObj = KEYUTIL.getKey("3082048b...", null, "pkcs5prv"); // 4. loading JSON Web Key(JWK) keyObj = KEYUTIL.getKey({kty: "RSA", n: "0vx7...", e: "AQAB"}); keyObj = KEYUTIL.getKey({kty: "EC", crv: "P-256", x: "MKBC...", y: "4Etl6...", d: "870Mb..."}); // 5. bare hexadecimal key keyObj = KEYUTIL.getKey({n: "75ab..", e: "010001"});
- Parameters:
- {Object} param
- parameter to get key object. see description in detail.
- {String} passcode
- (OPTION) parameter to get key object. see description in detail.
- {String} hextype
- (OPTOIN) parameter to get key object. see description in detail.
- Since:
- keyutil 1.0.0
- Returns:
- {Object} RSAKey, KJUR.crypto.ECDSA or KJUR.crypto.ECDSA object
<static>
{Hash}
KEYUTIL.getKeyAndUnusedIvByPasscodeAndIvsalt(algName, passcode, hexadecimal)
the same function as OpenSSL EVP_BytsToKey to generate shared key and IV
- Parameters:
- {String} algName
- name of symmetric key algorithm (ex. 'DES-EBE3-CBC')
- {String} passcode
- passcode to decrypt private key (ex. 'password')
- {String} hexadecimal
- string of IV. heading 8 bytes will be used for passcode salt
- Returns:
- {Hash} hash of key and unused IV (ex. {keyhex:2fe3..., ivhex:3fad..})
<static>
{Object}
KEYUTIL.getKeyFromCSRHex(csrHex)
get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#10 CSR
- Parameters:
- {String} csrHex
- hexadecimal string of PKCS#10 CSR
- Since:
- keyutil 1.0.5
- Returns:
- {Object} RSAKey/DSA/ECDSA public key object
<static>
{Object}
KEYUTIL.getKeyFromCSRPEM(csrPEM)
get RSAKey/DSA/ECDSA public key object from PEM formatted PKCS#10 CSR string
- Parameters:
- {String} csrPEM
- PEM formatted PKCS#10 CSR string
- Since:
- keyutil 1.0.5
- Returns:
- {Object} RSAKey/DSA/ECDSA public key object
<static>
{Object}
KEYUTIL.getKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
get RSAKey/ECDSA private key object from encrypted PEM PKCS#8 private key
- Parameters:
- {String} pkcs8PEM
- string of PEM formatted PKCS#8 private key
- {String} passcode
- passcode string to decrypt key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Object} RSAKey or KJUR.crypto.ECDSA private key object
<static>
{Object}
KEYUTIL.getKeyFromPlainPrivatePKCS8Hex(prvKeyHex)
get RSAKey/ECDSA private key object from HEX plain PEM PKCS#8 private key
- Parameters:
- {String} prvKeyHex
- hexadecimal string of plain PKCS#8 private key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Object} RSAKey or KJUR.crypto.ECDSA private key object
<static>
{Object}
KEYUTIL.getKeyFromPlainPrivatePKCS8PEM(pkcs8PEM)
get RSAKey/ECDSA private key object from PEM plain PEM PKCS#8 private key
- Parameters:
- {String} pkcs8PEM
- string of plain PEM formatted PKCS#8 private key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Object} RSAKey or KJUR.crypto.ECDSA private key object
<static>
{Object}
KEYUTIL.getKeyFromPublicPKCS8Hex(pkcsPub8Hex)
(DEPRECATED) get RSAKey/DSA/ECDSA public key object from hexadecimal string of PKCS#8 public key
- Parameters:
- {String} pkcsPub8Hex
- hexadecimal string of PKCS#8 public key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Object} RSAKey or KJUR.crypto.{ECDSA,DSA} private key object
<static>
{Object}
KEYUTIL.getKeyFromPublicPKCS8PEM(pkcsPub8PEM)
(DEPRECATED) get RSAKey/ECDSA public key object from PEM PKCS#8 public key
- Parameters:
- {String} pkcsPub8PEM
- string of PEM formatted PKCS#8 public key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Object} RSAKey or KJUR.crypto.ECDSA private key object
<static>
{String}
KEYUTIL.getPBKDF2KeyHexFromParam(info, passcode)
generate PBKDF2 key hexstring with specified passcode and information
As for info, this uses following properties:
- info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
- info.pkbdf2Iter - iteration count
- keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
- encryptionScheme = des-EDE3-CBC(i.e. TripleDES
// to convert plain PKCS#5 private key to encrypted PKCS#8 private // key with PBKDF2 with TripleDES % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
- Parameters:
- {Array} info
- result of parseHexOfEncryptedPKCS8 which has preference of PKCS#8 file
- {String} passcode
- passcode to decrypto private key
- Since:
- pkcs5pkey 1.0.3
- Returns:
- {String} hexadecimal string of PBKDF2 key
<static>
KEYUTIL.getPEM(keyObjOrHex, formatType, passwd, encAlg)
get PEM formatted private or public key file from a RSA/ECDSA/DSA key object
- NOTE1:
- PKCS#5 encrypted private key protection algorithm supports DES-CBC, DES-EDE3-CBC and AES-{128,192,256}-CBC
- NOTE2:
- OpenSSL supports
KEUUTIL.getPEM(publicKey) => generates PEM PKCS#8 public key KEUUTIL.getPEM(privateKey, "PKCS1PRV") => generates PEM PKCS#1 plain private key KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass") => generates PEM PKCS#5 encrypted private key with DES-EDE3-CBC (DEFAULT) KEUUTIL.getPEM(privateKey, "PKCS5PRV", "pass", "DES-CBC") => generates PEM PKCS#5 encrypted private key with DES-CBC KEUUTIL.getPEM(privateKey, "PKCS8PRV") => generates PEM PKCS#8 plain private key KEUUTIL.getPEM(privateKey, "PKCS8PRV", "pass") => generates PEM PKCS#8 encrypted private key with PBKDF2_HmacSHA1_3DES
- Parameters:
- {Object} keyObjOrHex
- key object RSAKey, KJUR.crypto.ECDSA or KJUR.crypto.DSA to encode to
- {String} formatType
- (OPTION) output format type of "PKCS1PRV", "PKCS5PRV" or "PKCS8PRV" for private key
- {String} passwd
- (OPTION) password to protect private key
- {String} encAlg
- (OPTION) encryption algorithm for PKCS#5. currently supports DES-CBC, DES-EDE3-CBC and AES-{128,192,256}-CBC
- Since:
- keyutil 1.0.4
<static>
{String}
KEYUTIL.getPlainPKCS8HexFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
read PEM formatted encrypted PKCS#8 private key and returns hexadecimal string of plain PKCS#8 private key
Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
- keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
- encryptionScheme = des-EDE3-CBC(i.e. TripleDES
// to convert plain PKCS#5 private key to encrypted PKCS#8 private // key with PBKDF2 with TripleDES % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
- Parameters:
- {String} pkcs8PEM
- PEM formatted encrypted PKCS#8 private key
- {String} passcode
- passcode to decrypto private key
- Since:
- pkcs5pkey 1.0.3
- Returns:
- {String} hexadecimal string of plain PKCS#8 private key
<static>
{RSAKey}
KEYUTIL.getRSAKeyFromEncryptedPKCS5PEM(sEncryptedP5PEM, passcode)
(DEPRECATED) read PEM formatted encrypted PKCS#5 private key and returns RSAKey object
- Parameters:
- {String} sEncryptedP5PEM
- PEM formatted encrypted PKCS#5 private key
- {String} passcode
- passcode to decrypt private key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.2
- Returns:
- {RSAKey} loaded RSAKey object of RSA private key
<static>
{RSAKey}
KEYUTIL.getRSAKeyFromEncryptedPKCS8PEM(pkcs8PEM, passcode)
(DEPRECATED) read PEM formatted encrypted PKCS#8 private key and returns RSAKey object
Currently, this method only supports PKCS#5v2.0 with PBES2/PBDKF2 of HmacSHA1 and TripleDES.
- keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
- encryptionScheme = des-EDE3-CBC(i.e. TripleDES
// to convert plain PKCS#5 private key to encrypted PKCS#8 private // key with PBKDF2 with TripleDES % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
- Parameters:
- {String} pkcs8PEM
- PEM formatted encrypted PKCS#8 private key
- {String} passcode
- passcode to decrypto private key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.3
- Returns:
- {RSAKey} loaded RSAKey object of RSA private key
<static>
{RSAKey}
KEYUTIL.getRSAKeyFromPlainPKCS8Hex(prvKeyHex)
(DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
- Parameters:
- {String} prvKeyHex
- hexadecimal string of unencrypted PKCS#8 private key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.3
- Returns:
- {RSAKey} loaded RSAKey object of RSA private key
<static>
{RSAKey}
KEYUTIL.getRSAKeyFromPlainPKCS8PEM(pkcs8PEM)
(DEPRECATED) read PEM formatted unencrypted PKCS#8 private key and returns RSAKey object
- Parameters:
- {String} pkcs8PEM
- PEM formatted unencrypted PKCS#8 private key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.1
- Returns:
- {RSAKey} loaded RSAKey object of RSA private key
<static>
{RSAKey}
KEYUTIL.getRSAKeyFromPublicPKCS8Hex(pkcs8PubHex)
(DEPRECATED) provide hexadecimal string of unencrypted PKCS#8 private key and returns RSAKey object
- Parameters:
- {String} pkcs8PubHex
- hexadecimal string of unencrypted PKCS#8 public key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.4
- Returns:
- {RSAKey} loaded RSAKey object of RSA public key
<static>
{RSAKey}
KEYUTIL.getRSAKeyFromPublicPKCS8PEM(pkcs8PubPEM)
(DEPRECATED) read PEM formatted PKCS#8 public key and returns RSAKey object
- Parameters:
- {String} pkcs8PubPEM
- PEM formatted PKCS#8 public key
- Deprecated:
- From jsrsasign 4.2.1 please use KEYUTIL.getKey#.
- Since:
- pkcs5pkey 1.0.4
- Returns:
- {RSAKey} loaded RSAKey object of RSA public key
<static>
{String}
KEYUTIL.newEncryptedPKCS5PEM(passcode, keyLen, hPublicExponent, alg)
generate RSAKey and PEM formatted encrypted PKCS#5 private key
var pem1 = KEYUTIL.newEncryptedPKCS5PEM("password"); // RSA1024bit/10001/AES-256-CBC var pem2 = KEYUTIL.newEncryptedPKCS5PEM("password", 512); // RSA 512bit/10001/AES-256-CBC var pem3 = KEYUTIL.newEncryptedPKCS5PEM("password", 512, '3'); // RSA 512bit/ 3/AES-256-CBC
- Parameters:
- {String} passcode
- pass code to protect private key (ex. password)
- {Integer} keyLen
- key bit length of RSA key to be generated. (default 1024)
- {String} hPublicExponent
- hexadecimal string of public exponent (default 10001)
- {String} alg
- shared key algorithm to encrypt private key (default AES-258-CBC)
- Since:
- pkcs5pkey 1.0.2
- Returns:
- {String} string of PEM formatted encrypted PKCS#5 private key
<static>
{Array}
KEYUTIL.parseCSRHex(csrHex)
parse hexadecimal string of PKCS#10 CSR (certificate signing request)
Resulted associative array has following properties:
- p8pubkeyhex - hexadecimal string of subject public key in PKCS#8
- Parameters:
- {String} csrHex
- hexadecimal string of PKCS#10 CSR
- Since:
- keyutil 1.0.5
- Returns:
- {Array} associative array of parsed CSR
<static>
{Array}
KEYUTIL.parseHexOfEncryptedPKCS8(passcode)
generate PBKDF2 key hexstring with specified passcode and information
The associative array which is returned by this method has following properties:
- info.pbkdf2Salt - hexadecimal string of PBKDF2 salt
- info.pkbdf2Iter - iteration count
- info.ciphertext - hexadecimal string of encrypted private key
- info.encryptionSchemeAlg - encryption algorithm name (currently TripleDES only)
- info.encryptionSchemeIV - initial vector for encryption algorithm
- keyDerivationFunc = pkcs5PBKDF2 with HmacSHA1
- encryptionScheme = des-EDE3-CBC(i.e. TripleDES
// to convert plain PKCS#5 private key to encrypted PKCS#8 private // key with PBKDF2 with TripleDES % openssl pkcs8 -in plain_p5.pem -topk8 -v2 -des3 -out encrypted_p8.pem
- Parameters:
- {String} passcode
- passcode to decrypto private key
- Since:
- pkcs5pkey 1.0.3
- Returns:
- {Array} info associative array of PKCS#8 parameters
<static>
{Hash}
KEYUTIL.parsePKCS5PEM(sEncryptedPEM)
parse PEM formatted passcode protected PKCS#5 private key
Resulted hash has following attributes.
- cipher - symmetric key algorithm name (ex. 'DES-EBE3-CBC', 'AES-256-CBC')
- ivsalt - IV used for decrypt. Its heading 8 bytes will be used for passcode salt.
- type - asymmetric key algorithm name of private key described in PEM header.
- data - base64 encoded encrypted private key.
- Parameters:
- {String} sEncryptedPEM
- PEM formatted protected passcode protected PKCS#5 private key
- Returns:
- {Hash} hash of key information
<static>
{Array}
KEYUTIL.parsePlainPrivatePKCS8Hex(pkcs8PrvHex)
parse hexadecimal string of plain PKCS#8 private key
Resulted associative array has following properties:
- algoid - hexadecimal string of OID of asymmetric key algorithm
- algparam - hexadecimal string of OID of ECC curve name or null
- keyidx - string starting index of key in pkcs8PrvHex
- Parameters:
- {String} pkcs8PrvHex
- hexadecimal string of PKCS#8 plain private key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Array} associative array of parsed key
<static>
{Array}
KEYUTIL.parsePrivateRawECKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of ECC private key
Following properties are added to associative array 'info'
- key - hexadecimal string of ECC private key
- Parameters:
- {String} pkcs8PrvHex
- hexadecimal string of PKCS#8 private key concluding EC private key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Array} info associative array to add parsed ECC private key information
<static>
{Array}
KEYUTIL.parsePrivateRawRSAKeyHexAtObj(pkcs8PrvHex)
parse hexadecimal string of RSA private key
Following properties are added to associative array 'info'
- n - hexadecimal string of public key
- e - hexadecimal string of public exponent
- d - hexadecimal string of private key
- p - hexadecimal string
- q - hexadecimal string
- dp - hexadecimal string
- dq - hexadecimal string
- co - hexadecimal string
- Parameters:
- {String} pkcs8PrvHex
- hexadecimal string of PKCS#8 private key concluding RSA private key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Array} info associative array to add parsed RSA private key information
<static>
{Hash}
KEYUTIL.parsePublicPKCS8Hex(pkcs8PubHex)
parse hexadecimal string of PKCS#8 RSA/EC/DSA public key
Resulted hash has following attributes.
- algoid - hexadecimal string of OID of asymmetric key algorithm
- algparam - hexadecimal string of OID of ECC curve name, parameter SEQUENCE of DSA or null
- key - hexadecimal string of public key
- Parameters:
- {String} pkcs8PubHex
- hexadecimal string of PKCS#8 public key
- Returns:
- {Hash} hash of key information
<static>
{Array}
KEYUTIL.parsePublicRawRSAKeyHex(pubRawRSAHex)
parse hexadecimal string of plain PKCS#8 private key
Resulted associative array has following properties:
- n - hexadecimal string of public key
- e - hexadecimal string of public exponent
- Parameters:
- {String} pubRawRSAHex
- hexadecimal string of ASN.1 encoded PKCS#8 public key
- Since:
- pkcs5pkey 1.0.5
- Returns:
- {Array} associative array of parsed key