Generate ECDSA JWKs in JWKS keystore using ES384
// Generates an elliptic curve keypair for the purpose of signing JWTs with ECDSA.
const jose = require('node-jose');
const fs = require('fs');
// Single keystore shared by the whole script. writeKeysToFile() later exports it
// twice: once as public keys only and once including the private keys.
const keystore = jose.JWK.createKeyStore();
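/**
 * Generates a P-384 elliptic-curve signing key and adds it to the keystore.
 *
 * The key is tagged for signature use with ES384 (ECDSA over P-384 with
 * SHA-384). JWK parameter meanings: https://tools.ietf.org/html/rfc7517#section-4
 *
 * @param {string} kid - Key ID that verifiers use to select this key from the JWKS.
 * @param {object} keystore - Keystore exposing `generate(kty, crv, options)`.
 * @returns {Promise<object>} Whatever `keystore.generate` resolves to, so the
 *   caller can inspect the key that was just created.
 */
async function addNewECDSAKey(kid, keystore) {
  const kty = 'EC';
  const crv = 'P-384';
  const options = {
    kid,
    alg: 'ES384',
    use: 'sig',
  };
  // Hand the result back instead of discarding it; callers that ignore the
  // return value behave exactly as before.
  return keystore.generate(kty, crv, options);
}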
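/**
 * Writes the keystore to disk as two JWKS documents under `output/`.
 *
 * - `output/jwks.json` holds the public keys only and is meant to be published.
 * - `output/jwks-secret.json` holds the private keys as well. Anyone who can
 *   read it can sign tokens that verifiers will accept, so it is written with
 *   owner-only permissions and must never be hosted or committed.
 *
 * @param {object} keystore - Keystore exposing `toJSON(exportPrivate)`.
 */
function writeKeysToFile(keystore) {
  const dir = 'output/';
  if (!fs.existsSync(dir)) {
    fs.mkdirSync(dir);
  }

  const pub = 'output/jwks.json'; // host this file at https://my-website.com/.well-known/jwks.json
  fs.writeFileSync(pub, JSON.stringify(keystore.toJSON()));

  const priv = 'output/jwks-secret.json';
  // Without an explicit mode the file is created with the process default
  // (commonly world-readable); restrict it to the owner.
  fs.writeFileSync(priv, JSON.stringify(keystore.toJSON(true)), { mode: 0o600 });
  // `mode` only applies when the file is created, so tighten a pre-existing
  // file from an earlier run too.
  fs.chmodSync(priv, 0o600);
}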
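// Entry point: generate three signing keys one after another, then write the
// keystore to disk. Files are written only after every key has been generated.
(async function generateABunchOfKeys() {
  const kids = ['my-first-key', 'my-second-key', 'my-third-key'];
  for (const kid of kids) {
    await addNewECDSAKey(kid, keystore);
  }
  writeKeysToFile(keystore);
})().catch((err) => {
  // Surface key-generation or file-write failures and exit non-zero instead of
  // leaving an unhandled promise rejection.
  console.error('JWKS generation failed:', err);
  process.exitCode = 1;
});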