packages/server/src/helpers/convertASN1toPEM.ts


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

/**
 * Convert binary certificate or public key to an OpenSSL-compatible PEM text format.
 *
 * @param buffer - Cert or PubKey buffer
 * @return PEM
 */
export default function convertASN1toPEM(pkBuffer: Buffer) {
  let buffer = pkBuffer;

  let type;
  if (buffer.length === 65 && buffer[0] === 0x04) {
    /**
     * If needed, we encode rawpublic key to ASN structure, adding metadata:
     *
     * SEQUENCE {
     *   SEQUENCE {
     *     OBJECTIDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
     *     OBJECTIDENTIFIER 1.2.840.10045.3.1.7 (P-256)
     *   }
     *   BITSTRING <raw public key>
     * }
     *
     * Luckily, to do that, we just need to prefix it with constant 26 bytes (metadata is
     * constant).
     */
    buffer = Buffer.concat([
      Buffer.from('3059301306072a8648ce3d020106082a8648ce3d030107034200', 'hex'),
      buffer,
    ]);

    type = 'PUBLIC KEY';
  } else {
    type = 'CERTIFICATE';
  }

  const b64cert = buffer.toString('base64');

  let PEMKey = '';
  for (let i = 0; i < Math.ceil(b64cert.length / 64); i += 1) {
    const start = 64 * i;

    PEMKey += `${b64cert.substr(start, 64)}\n`;
  }

  PEMKey = `-----BEGIN ${type}-----\n${PEMKey}-----END ${type}-----\n`;

  return PEMKey;
}