Last active
November 2, 2023 10:13
-
-
Save max-mapper/62b7119909a93204c747633308a4d769 to your computer and use it in GitHub Desktop.
generate ES512 and RS256 elliptic curve keypairs for JWT JWK (JSON Web Token JSON Web Key) using openssl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# RS256 | |
# private key | |
openssl genrsa -out rs256-4096-private.rsa 4096 | |
# public key | |
openssl rsa -in rs256-4096-private.rsa -pubout > rs256-4096-public.pem | |
# ES512 | |
# private key | |
openssl ecparam -genkey -name secp521r1 -noout -out ecdsa-p521-private.pem | |
# public key | |
openssl ec -in ecdsa-p521-private.pem -pubout -out ecdsa-p521-public.pem |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// from npmjs.org/jwa. shout out to brianloveswords | |
const fs = require('fs'); | |
const jwa = require('jwa'); | |
const privateKey = fs.readFileSync(__dirname + '/ecdsa-p521-private.pem'); | |
const publicKey = fs.readFileSync(__dirname + '/ecdsa-p521-public.pem'); | |
const ecdsa = jwa('ES512'); | |
const input = 'very important stuff'; | |
const signature = ecdsa.sign(input, privateKey); | |
console.log('signature', signature) | |
console.log('verify', ecdsa.verify(input, signature, publicKey)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
hmm, ES512 does not work with browserify :(