Created
November 7, 2022 23:53
-
-
Save bshambaugh/7caa03e042545873b5cf055b584e8157 to your computer and use it in GitHub Desktop.
try to replicate A.3. Example JWS Using ECDSA P-256 SHA-256 in RFC7515
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import {hash} from '@stablelib/sha256' | |
import * as u8a from 'uint8arrays' | |
import elliptic from 'elliptic' | |
const secp256r1 = new elliptic.ec('p256') | |
const stringTwo = '{"alg":"ES256"}'; | |
const u8aStringTwo = u8a.fromString(stringTwo); | |
console.log(stringTwo); | |
console.log(u8aStringTwo); | |
const base64urlStringTwo = u8a.toString(u8aStringTwo,'base64url'); | |
console.log(base64urlStringTwo); | |
const stringThree = '{"iss":"joe","exp":1300819380,"http://example.com/is_root":true}'; | |
const u8aStringThree = u8a.fromString(stringThree); | |
console.log(stringThree); | |
console.log(u8aStringThree); | |
const base64urlStringThree = u8a.toString(u8aStringThree,'base64url'); | |
console.log(base64urlStringThree); | |
const stringFour = base64urlStringTwo + '.' + base64urlStringThree; | |
const u8aStringFour = u8a.fromString(stringFour); | |
const hashStringFour = hash(u8aStringFour); | |
console.log(stringFour); | |
console.log(u8aStringFour); | |
console.log(hashStringFour); /// I am not sure what this is supposed to look like, but I will try the signature on this and see what I get... | |
/* | |
{"kty":"EC", | |
"crv":"P-256", | |
"x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU", | |
"y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0", | |
"d":"jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI" | |
} | |
*/ | |
// x,y,and d are base64url encoded value | |
const base64UrlprivateKey = 'jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI'; | |
const base64urlpublicKeyX = 'f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU'; | |
const base64urlpublicKeyY = 'x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0'; | |
const u8aPrivateKey = u8a.fromString(base64UrlprivateKey,'base64url'); | |
const privateKey = secp256r1.keyFromPrivate(u8aPrivateKey); | |
const publicKey = String(privateKey.getPublic('hex')) | |
console.log(publicKey) | |
const publikcKeyXHex = u8a.toString(u8a.fromString(base64urlpublicKeyX,'base64url'),'hex') | |
const publikcKeyYHex = u8a.toString(u8a.fromString(base64urlpublicKeyY,'base64url'),'hex') | |
console.log(publikcKeyXHex); | |
console.log(publikcKeyYHex); | |
const signature = (privateKey.sign(hashStringFour)) | |
const xOctet = u8a.fromString(signature.r.toString(),'base10'); | |
const yOctet = u8a.fromString(signature.s.toString(),'base10'); | |
console.log(xOctet); | |
console.log(yOctet); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment