/jks-js-browser

Extracts PEM certificates from Java Keystore in order to securely connect to Java based servers using node js

Primary LanguageJavaScriptMIT LicenseMIT

JKS-JS

Description

jks-js is a converter of Java Keystore to PEM certificates in order to securely connect to Java-based servers using Node.js.

Installation

npm install jks-js

Usage

...
const jks = require('jks-js');

const keystore = jks.toPem(
	fs.readFileSync('keystore.jks'),
	'password'
);

const { cert, key } = keystore['alias'];

after extraction you may use cert and key in your connection settings:

tls.connect('<port>', '<host>', {
	key: key,
	cert: cert,
});

more details

API

const {
	/**
	 * Extracts certificates from java keystore or truststore
	 * and decrypts private key 
	 * 
	 * @param keystore content of java keystore or truststore file
	 * @param password password for verification and decryption
	 * @return {
	 *     <alias name>: {
	 *         cert: string // compound certificates chain
	 *         key: string // decrypted private key 
	 *     } | {
	 *         ca: string // trusted certificate
	 *     }
	 * }
	 */
	toPem,

	/**
	 *  Only extracts certificates
	 *  @param keystore
	 *  @param password
	 *  @return { <alias name>: KeyEntry | TrustedKeyEntry }
	 */
	parseJks,

	/**
	 * Decrypts private key from DER to PEM
	 *
	 * @param protectedPrivateKey DER encoded private key
	 * @param password password for PKCS8 decryption
	 * @return decoded private key 
	 */
	decrypt
} = require('jks-js');

How it works

The implementaion is based on JavaKeystore.java logic, which is internally used for creation of java keystore, including keytool.

It is supposed the keystore contains X.509 certificates.

But you may use the library to extract any of certificates.

The decryption constrained by alghorithms that implemented in the crypto module of Node.js.

Issues

If you find any troubles feel free to create an issue.

License

MIT License

Copyright (c) 2020 Volodymyr Liench