-
-
Save jminz/284c131a62e7f1a26964c845443bd032 to your computer and use it in GitHub Desktop.
generate ES512 and RS256 elliptic curve keypairs for JWT JWK (JSON Web Token JSON Web Key) using openssl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # RS256 | |
| # private key | |
| openssl genrsa -out rs256-4096-private.rsa 4096 | |
| # public key | |
| openssl rsa -in rs256-4096-private.rsa -pubout > rs256-4096-public.pem | |
| # ES512 | |
| # private key | |
| openssl ecparam -genkey -name secp521r1 -noout -out ecdsa-p521-private.pem | |
| # public key | |
| openssl ec -in ecdsa-p521-private.pem -pubout -out ecdsa-p521-public.pem | |
| # cert | |
| openssl req -new -x509 -key ecdsa-p521-private.pem -out ecdsa-p521-cert.crt -days 24854 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // from npmjs.org/jwa. shout out to brianloveswords | |
| const fs = require('fs'); | |
| const jwa = require('jwa'); | |
| const privateKey = fs.readFileSync(__dirname + '/ecdsa-p521-private.pem'); | |
| const publicKey = fs.readFileSync(__dirname + '/ecdsa-p521-public.pem'); | |
| const ecdsa = jwa('ES512'); | |
| const input = 'very important stuff'; | |
| const signature = ecdsa.sign(input, privateKey); | |
| console.log('signature', signature) | |
| console.log('verify', ecdsa.verify(input, signature, publicKey)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment