Support EC private key PEM export

Author: Frank Schmid

lib/keytypes/ECKey.js

@@ -27,7 +27,7 @@ const ECPublicKeyHeader = asn.define('ECPublicKeyHeader', function() {
 		this.key('keyType').objid({
 			'1.2.840.10045.2.1': 'EC'
 		}),
-		this.key('curve').objid(CURVE_OIDS)
+		this.key('crv').objid(CURVE_OIDS)
 	);
 });
 
@@ -38,6 +38,15 @@ const ECPublicKey = asn.define('ECPublicKey', function() {
 	);
 });
 
+const ECPrivateKey = asn.define('ECPrivateKey', function() {
+	this.seq().obj(
+		this.key('id').int(),
+		this.key('d').octstr(),
+		this.key('crv').explicit(0).objid(CURVE_OIDS),
+		this.key('coord').explicit(1).bitstr()
+	);
+});
+
 class ECKey {
 
 	constructor(crv, x, y, d) {
@@ -58,7 +67,7 @@ class ECKey {
 		const params = {
 			header: {
 				keyType: 'EC',
-				curve: this._crv
+				crv: this._crv
 			},
 			content: {
 				data: coordinate
@@ -67,6 +76,23 @@ class ECKey {
 		return ECPublicKey.encode(params, 'pem', { label: 'PUBLIC KEY' });
 	}
 
+	toPrivateKeyPEM() {
+		if (!this.hasPrivateKey) {
+			return null;
+		}
+
+		// Construct x/y coordinate
+		const coordinate = Buffer.concat([COORD_PREFIX_UNCOMPRESSED, this._x, this._y]);
+
+		const params = {
+			id: 1,
+			d: this._d,
+			crv: this._crv,
+			coord: { data: coordinate }
+		};
+		return ECPrivateKey.encode(params, 'pem', { label: 'EC PRIVATE KEY' });
+	}
+
 	static validate(key) {
 		// y must only be defined for the three curves defined in RFC-7517 par. 6.2.1
 		// FIXME: Currently y is treated as mandatory here.

lib/util.js

@@ -19,4 +19,3 @@ function unsigned(bignum) {
 }
 
 module.exports.unsigned = unsigned;
-module.exports.zeroBuffer = zeroBuffer;

test/tests/ec.test.js

@@ -10,9 +10,16 @@ describe('EC key', () => {
 	it('should be initialized from public key objects', () => {
 
 		const keySet = JWKSet.fromObject(publicKS);
-		const jwk = keySet.findKeyById('2011-04-29');
+		const jwk = keySet.findKeyById('k1');
 
-		expect(keySet.keys).to.satisfy(k => /(?!.*_invalid)$/.test(k.kid));
+		expect(jwk.kid).to.be.equal('k1');
+		expect(jwk.key.hasPrivateKey).to.be.false;
+
+		const pubKey = jwk.key.toPublicKeyPEM();
+		expect(pubKey).to.be.equal(`-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJ41kktcqHeQYVdFMlv6AorbqOlmQ
+ESJqR4ZKiozpw0Lte4nZ4bm5uzeImkKvHADS+iBxSoBJGXyR7OOkh8dFvg==
+-----END PUBLIC KEY-----`);
 
 	});
 
@@ -25,35 +32,17 @@ describe('EC key', () => {
 		expect(jwk.key.hasPrivateKey).to.be.true;
 
 		const pubKey = jwk.key.toPublicKeyPEM();
-		console.log(pubKey);
-		exit();
 		expect(pubKey).to.be.equal(`-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vx7agoebGcQSuuPiLJX
-ZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tS
-oc/BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ/2W+5JsGY4Hc5n9yBXArwl93lqt
-7/RN5w6Cf0h4QyQ5v+65YGjQR0/FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0
-zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt+bFTWhAI4vMQFh6WeZu0f
-M4lFd2NcRwr3XPksINHaQ+G/xBniIqbw0Ls1jF44+csFCur+kEgU8awapJzKnqDK
-gwIDAQAB
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMKBCTNIcKUSDii11ySs3526iDZ8A
+iTo7Tu6KPAqv7D7gS2XpJFbZiItSs3m9+9Ue6GnvHw/GW2ZZaVtszggXIw==
 -----END PUBLIC KEY-----`);
 
-	});
-
-	it('should be initialized from private key objects', () => {
-
-		const keySet = JWKSet.fromObject(privateKS);
-		const jwk = keySet.findKeyById('2011-04-29');
-
-		const pubKey = jwk.key.toPublicKeyPEM();
-		expect(pubKey).to.be.equal(`-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vx7agoebGcQSuuPiLJX
-ZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tS
-oc/BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ/2W+5JsGY4Hc5n9yBXArwl93lqt
-7/RN5w6Cf0h4QyQ5v+65YGjQR0/FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0
-zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt+bFTWhAI4vMQFh6WeZu0f
-M4lFd2NcRwr3XPksINHaQ+G/xBniIqbw0Ls1jF44+csFCur+kEgU8awapJzKnqDK
-gwIDAQAB
------END PUBLIC KEY-----`);
+	const privKey = jwk.key.toPrivateKeyPEM();
+	expect(privKey).to.be.equal(`-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIPO9DAeoH7kyeB7VJ1L2DMiaa+XlGTT+AZON21XY93gBoAoGCCqGSM49
+AwEHoUQDQgAEMKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D7gS2XpJFbZ
+iItSs3m9+9Ue6GnvHw/GW2ZZaVtszggXIw==
+-----END EC PRIVATE KEY-----`);
 
 	});