2015-09-03

Using WebCrypto API to generate a KeyPair

The other day, I was using my chromebook and I needed to generate a keypair to get access to a new ssh server. I googled for a solution, but surprisingly I couldn't find one. Though I was pretty sure that the WebCrypto API would allow me to do easily, it turned out it's not as easy as I thought and it took me a couple days to actually figure out how to use the webcrypto API to achieve this specific goal, though this was mostly due to my blissful ignorance of ASN.1 encoding, JWK, base64url and openssh weird public key format.

Of course the first point of reference should be the the actual W3C spec. But this document is a bit too abstract and I found it hard to actually use the API from the spec.

Then I found a WebCrypto live table that tells me if my current browser actually support the API. Since some of those use native libraries, the Chrome on ChromeOS would have different support as the Chrome on other OSes.

We also need to keep in mind that the WebCrypto api is only available from secure locations. Luckily the file url is counted as a secure location, so it makes it easy to experiment from there. And surge.sh does host under https so that will be my provider of choice to host the end result.

On an OS with support for openssh we have the nifty utility ssh-keygen which allows to generate a keypair that can be used with ssh - which is exactly what we need.

So we have to figure out which algorithm to use, then use it with the appropriate parameters, then find a way to expose the public key and the private key. Ideally save the private key to a file and copy the public key.

The WebCrypto api is based on promises for the async work, so you will need to be vaguely familiar with promises to be able to read the code.

I am forever grateful to Converting OpenSSH public Keys for explaining the format used by OpenSSH public keys.

I also had to use a lot of google-fu to find out how to ASN.1 encode the JWK produced for the private key by the WebCrypto API in format that will be accepted by openSSH. Thanks to Lapo Luchini for putting together the awesome ASN.1 online decoder that allowed me debug my code and find out that ASN.1 doesn't like integer that starts with the high bit set (you have to prefix them with 0x00 in this case).

Please note that it is usually a very bad idea to put private keys in a browser, as most thing that are displayed on a web page can be stolen and a private key is probably the worst thing you could think putting on a web page.

But now, equipped with those two string representation of my key pair, I can setup my ssh connection straight from my Chromebook without having to use another OS. I am using the ssh chrome extension.

Live demo at https://js-keygen.surge.sh
Code at https://github.com/PatrickRoumanoff/js-keygen

No comments: