Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API for public PKCS PEM string #84

Open
NN--- opened this issue Mar 19, 2018 · 7 comments · May be fixed by #85
Open

API for public PKCS PEM string #84

NN--- opened this issue Mar 19, 2018 · 7 comments · May be fixed by #85
Labels
feature

Comments

@NN---
Copy link
Contributor

NN--- commented Mar 19, 2018

I had to do it manually instead of using crx object.

var pem = fse.readFileSync(pemFile);
var key = new RSA(pem);
var publicKeyPem = key.exportKey("pkcs8-public-pem");

This key in PKCS format without line ending and header, footer is used in 'key' property in the manifest.
https://developer.chrome.com/apps/manifest/key

This allows to have consistent extension id for unpacked extension placed in any folder.
@thom4parisot
Copy link
Owner

So if I understand well, you are asking to generate a privateKey with crx?

Does the command crx keygen work for you? Or it's not what you are looking for?

@NN---
Copy link
Contributor Author

NN--- commented Mar 20, 2018

Not exactly.
When you install extension, Chrome saves it unpacked inside profile foler\extensions
https://chromium.googlesource.com/chromium/src/+/lkcr/docs/user_data_dir.md

For each extension there is a manifest.json with "key" property.
This key is a public key in PKCS-8 format.
If you take any unpacked extension and copy the key property value, you get the same id.

@thom4parisot
Copy link
Owner

Hm I see.

There is a method to generate a public key:

https://github.com/oncletom/crx/blob/120c3611f07e907159580974f85dfcb1b4b8b0dc/src/crx.js#L142-L154

crx.generateAppId can give you the extension ID based on the generated public key.

Would that work?

@NN---
Copy link
Contributor Author

NN--- commented Mar 20, 2018

It is not the same.
I need pem format, and this makes der format.

@thom4parisot
Copy link
Owner

I see, that's something I never looked out (their difference of use of the various formats).

As far as I can see, it's just a matter of passing a different parameter to the exportKey method.

There is maybe a way to derive a PEM key from a DER key but it looks fine to change the signature of the generatePublicKey method to accept a public key format ('pem' or 'der'; the latter being the default one).

What do you think?

The geneneratePrivateKey contained in the bin/cli.js file could also be relocated to make it more convenient to manipulate public/private key operations.

@NN---
Copy link
Contributor Author

NN--- commented Mar 20, 2018

Yeah, possible solution with default to der.
Personally I use both, I need to know extension id and the public key pkcs to make local builds with the same id.

@thom4parisot thom4parisot linked a pull request Mar 20, 2018 that will close this issue
Open
@insanehong
Copy link

insanehong commented May 15, 2019
edited
Loading

I think not bad.

I use this code.

private async getPublicPem(der: Buffer): Promise<string> {
    try {
      const pkcs: RSA.FormatPem = 'pkcs8-public-pem';
      const key: RSA = new RSA();
      key.importKey(der, 'pkcs8-public-der');
      return key.exportKey(pkcs);
    } catch (e) {
      throw new Error(e);
    }
  }
```

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Refactor code into a crypto module thom4parisot/crx
3 participants
@thom4parisot @NN--- @insanehong