Skip to content

Instantly share code, notes, and snippets.



Last active Oct 31, 2020
What would you like to do?
generate ES512 and RS256 elliptic curve keypairs for JWT JWK (JSON Web Token JSON Web Key) using openssl
# RS256
# private key
openssl genrsa -out rs256-4096-private.rsa 4096
# public key
openssl rsa -in rs256-4096-private.rsa -pubout > rs256-4096-public.pem
# ES512
# private key
openssl ecparam -genkey -name secp521r1 -noout -out ecdsa-p521-private.pem
# public key
openssl ec -in ecdsa-p521-private.pem -pubout -out ecdsa-p521-public.pem
// from shout out to brianloveswords
const fs = require('fs');
const jwa = require('jwa');
const privateKey = fs.readFileSync(__dirname + '/ecdsa-p521-private.pem');
const publicKey = fs.readFileSync(__dirname + '/ecdsa-p521-public.pem');
const ecdsa = jwa('ES512');
const input = 'very important stuff';
const signature = ecdsa.sign(input, privateKey);
console.log('signature', signature)
console.log('verify', ecdsa.verify(input, signature, publicKey))

This comment has been minimized.

Copy link
Owner Author

@maxogden maxogden commented Nov 23, 2016

hmm, ES512 does not work with browserify :(

Error: wrong private key type
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.