JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 4214
  • Score
    100M100P100Q93339F
  • License MIT

JavaScript cryptographic utilities for OpenSSL-WebCrypto compatibility including PEM-JWK converter.

Package Exports

  • js-crypto-utils

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (js-crypto-utils) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

JavaScript Cryptographic Utilities for Browser and Node.js Crypto-Suite Compatibility

WARNING: At this time this solution should be considered suitable for research and experimentation, further code and security review is needed before utilization in a production application.

Overview

This library is build to provide unified (and specific) APIs for browsers and Node.js. Although there exists various sophisticated cryptographic suites in JavaScript, e.g., WebCrypto API and NodeCrypto, they have different interfaces and natively implemented suites are NOT fully supported by all platforms. For instance, FireFox cannot be fed PKCS8-formatted private key in WebCrypto API but Chrome does. On the other hand, such suites have not been designed to keep compatibility to existing non-Web cryptographic suites like OpenSSL. This can be seen from the fact that WebCrypto API does not support PEM-formatted keys. Hence we (actually I!) need to write ugly codes so as to support various environments. From the observation, we aim that this library provides support functions to bridge such gaps among JS cryptographic suites and that between JS and other popular crypto suites.

Firstly, we just started to provide the following functions that works in most modern browsers (Vivaldi/Chrome/Safari/Firefox/Edge/IE) and Node.js (with and without --experimental-modules):

  • ECDSA signing, verification, key generation
  • Public/private key format conversion between ECDSA JWK and PEM (SPKI for public/PKCS8 for private)
  • Generation of random byte array
  • Generation of message digest (SHA-256/384/512)

The module is totally written in ES6 and needed to get transpiled with babel for slightly legacy environments.

Installation

Coming soon...

Usage

Coming soon...

Notes

One of the listed APIs/libraries is automatically chosen and leveraged for each implemented function, and unified interfaces are provided for browsers and Node.js.

License

Licensed under the MIT license, see LICENSE file.