Negating Past Mistakes

    @root/x509

    0.7.2 • Public • Published

    @root/x509

    Built by The Root Company for Greenlock, ACME.js, and Keypairs.js

    Lightweight, Zero-Dependency, x509 encoder and decoder for Node.js and Browsers

    | 1.6k gzipped | 6.8k minified | 9.7k pretty |

    This provides a set ASN.1 / x509 schemas for DER encoding and decoding Public / Private Keypairs and CSRs.

    • [x] Zero External Dependencies
    • [x] x509 schemas for common crypto
      • [x] RSA & ECDSA Public/Private Keypairs
        • PKCS1
        • PKCS8
        • SEC1
        • SPKI
        • PKIX
      • [x] Certificate Signing Requests (CSR)
        • PKCS10
    • [x] Universal Support
      • [x] Node.js
      • [x] Browsers
    • [x] Vanilla JS

    Looking for easy?

    You probably just want to use one of these:

    Looking for a deep dive? Well, in addition to x509.js, you'll probably also want one of more of these:

    Want to contribute? Need commercial support?

    Install

    This package contains both node-specific and browser-specific code, and the package.json#browser field ensures that your package manager will automatically choose the correct code for your environment.

    Node (and Webpack)

    npm install --save @root/x509
    var X509 = require('@root/x509');
    // just the encoders
    var X509 = require('@root/x509/packers');
    // just the decoders
    var X509 = require('@root/x509/parsers');

    Browsers (Vanilla JS)

    <script src="https://unpkg.com/@root/x509/dist/x509.all.js"></script>
    <script src="https://unpkg.com/@root/x509/dist/x509.all.min.js"></script>
    var X509 = window.X509;

    Usage

    This is a very tiny, very efficient x509 package.

    Rather than implementing full schemas as defined by the RFCs, it only implements the parts that are actually used in the wild by programs like openssl, Let's Encrypt, ssh-keygen, etc.

    Additionally, rather than always using a full parser, it uses happy-path heuristics to quickly and efficiently extract the necessary information. It likewise packs very quickly.

    Encoders

    The packers encoder JWK as DER.

    X509.packPkcs1(jwk);
    X509.packSec1(jwk);
    X509.packPkcs8(jwk);
    X509.packSpki(jwk);
    X509.packPkix(jwk); // alias of X509.packSpki

    There are two special functions specifically for embeding keys in CSRs.

    X509.packCsrRsaPublicKey(jwk);
    X509.packCsrEcPublicKey(jwk);

    The rest of the CSR code is in csr.js.

    Decoders

    The keypair format parsers each return a JWK, for convenience. To conserve memory, they expect taht you give an empty object as the jwk parameter.

    If you are using crv: 'P-384', you should pass that in as part of the otherwise empty JWK.

    X509.parsePkcs1(buf, jwk);
    X509.parseSec1(buf, jwk);
    X509.parsePkcs8(buf, jwk);
    X509.parseSpki(buf, jwk);
    X509.parsePkix(buf, jwk); // aliase of parseSpki

    Contributions

    Did this project save you some time? Maybe make your day? Even save the day?

    Please say "thanks" via Paypal or Patreon:

    Where does your contribution go?

    Root is a collection of experts who trust each other and enjoy working together on deep-tech, Indie Web projects.

    Our goal is to operate as a sustainable community.

    Your contributions - both in code and especially monetarily - help to not just this project, but also our broader work of projects that fuel the Indie Web.

    Also, we chat on Keybase in #rootprojects

    Commercial Support

    Do you need...

    • more features?
    • bugfixes, on your timeline?
    • custom code, built by experts?
    • commercial support and licensing?

    Contact aj@therootcompany.com for support options.

    Legal

    Copyright AJ ONeal, Root 2018-2019

    MPL-2.0 | Terms of Use | Privacy Policy

    Install

    npm i @root/x509

    DownloadsWeekly Downloads

    11,929

    Version

    0.7.2

    License

    MPL-2.0

    Unpacked Size

    93.4 kB

    Total Files

    12

    Last publish

    Collaborators

    • coolaj86