Reputation: 75
Cryptographic key to JSON Web Key using javascript
I am a newbie in JavaScript or GatewayScript. I have a requirement where I need to convert the content of a .pem (which is in DataPower under local:///cert or can be added into a crypto object) to JWK.
Could anyone help me with the starting point on how to develop a javascript to
- refer the crypto key object from DataPower (example crypto key object JWKCryptoCertObj)
- Decrypt the crypto key object (example JWKCryptoCertObj.pem)
- Convert the content of the key to JSON Web Key (
jwk.readCertificate())
So far I have got to know that jwk.readCertificate() can help me to convert a key object to a JWK.
I have tried the below piece of code to fetch it:
var jwk = require('jwk');
var myJWK = jwk.readCertificate('cerjwk');
console.log(myJWK);
However, I get the below error in DataPower:
3:13:17 AM mpgw error 1277869681 error 0x00d30003 mpgw (PortTest): Rejected by filter; SOAP fault sent
3:13:17 AM multistep error 1277869681 request 0x80c00009 mpgw (PortTest): request PortTest_Policy_rule_1 #2 gatewayscript: Transforming the content of INPUT. The transformation local:///jwk.js is applied. The results are stored in testop. failed: Internal Error
3:13:17 AM gatewayscript error 1277869681 request 0x85800007 mpgw (PortTest): GatewayScript processing Error 'Error: Named certificate 'cerjwk' not found In file 'gatewayscript:///modules/jwk.js' line:428, stack:Error: Named certificate 'cerjwk' not found at Object.readCertificate (gatewayscript:///modules/jwk.js:428:18) at Object. (local:///jwk.js:5:17) at Script.execute (gatewayscript:///datapower.js:155:24) at Object. (gatewayscript:///datapower.js:582:55)'
3:13:17 AM crypto error 1277869681 request 0x8580005c mpgw (PortTest): Named certificate 'cerjwk' not found
Could anyone help me with the issue here? Thanks in advance!!
Upvotes: -1
Views: 1904
Answers (3)
Reputation: 75
Here is the working code:
var ctx = session.name('INPUT')|| session.createContext('INPUT');
var hm = require('header-metadata');
//var headers = hm.current;
var sm = require('service-metadata');
var uriIn=sm.getVar("var://service/URI");
var jwk = require('jwk');
var myJWK = jwk.readCertificate('qa.developer.citigroup.net');
//headers.set('X-new-header', myJWK);
//headers.set('Content-Type','application/json');
console.log(myJWK);
ctx.setVariable('yourjwk',myJWK);
session.output.write(myJWK);
Upvotes: 0
Reputation: 75
It finally worked, the thing that was needed to be changed was the cert, instead of the key.
Upvotes: 0
Reputation: 3412
There is no need to convert the certificate. Just add it into a Crypto Key object and use the name (e.g. "crykey-my-key") of the object in the call, e.g.:
const jwk = require('jwk');
const myKeyJWK = jwk.readCertificate('crykey-my-key');
Upvotes: 0
Related Questions
- How to derive public key from private key using WebCryptoApi?
- How to generate a JSON Web Key (JWK) in C#
- How do I get data as JSON format from the IBM Cloud with a HTTP Request using JavaScript?
- Decrypting JSONWebToken Using JSONWebKey or JSONWebKeySet in C#
- How to correctly implement Web Crypto API generateKey and exportKey?
- How to convert raw representations of ECDH key pair into a JSON Web Key?
- AES Encryption Decryption in API Connect Gateway Script JSON Datapower
- how to populate a jsonwebkey from a generated ecdsa key
- Javascript - key / certificate from USB Token
- How to export Web Crypto key to jsrsasign