Object built-in object
  1. front page
  2. built-in objects
  3. ObjectBlsKey

ObjectBlsKey

Elliptic curve encryption algorithm object

The BlsKey object is an object used in fibjs to represent a BLS key. It can be used to build, import, export, and manipulate BLS keys. The BLS key is a public key encryption method that is commonly used for authentication and data signing, and has the characteristics of providing high execution speed while ensuring security.

The BlsKey object provides various constructor methods to load keys from different key formats. It also provides some public properties and methods like toString(), clone(), name, publicKey(), etc., as well as some static methods, such as from(), etc. You can use these methods to manipulate BlsKey objects.

In addition, the BlsKey object has member attributes such as isPrivate() and toJSON(key = ""), which can be used to query whether the key is a private key and export the JSON format representation of the object.

The BlsKey object provides a set of flexible and powerful APIs to easily manage BLS keys and implement security requirements such as authentication and data signing.

Below we use a simple example to demonstrate how to use the BlsKey object for signing and verification:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
var crypto = require('crypto');

// create a private key
var privateKey = new crypto.BlsKey({
    'kty': 'EC',
    'crv': 'BLS12-381-G1',
    'x': 'TPk62yDxSISkoSBRPYkpO%tJmm0tZd4tJeLuCKVFv4UmBPfOQ2aDWrCifANam2wj',
    'd': 'zE-pf24p-l0IT_lMcrX0gStTcsx_k1f7DnJmrN8V7ZU',
});

// sign a message
var message = '这是一条需要签名的消息';
var signature = privateKey.sign(message);

// verify the signature
var publicKey = privateKey.publicKey;
var verify = publicKey.verify(message, signature);

console.log('verification result:', verify);

inheritance relationship

%0 object object toString() toJSON() PKey PKey new PKey() from() name keySize alg publicKey isPrivate() clone() pem() der() json() equals() encrypt() decrypt() sign() verify() object->PKey ECKey ECKey new ECKey() recover() curve computeSecret() PKey->ECKey BlsKey BlsKey new BlsKey() aggregateSignature() aggregatePublicKey() bbs_suite bbsSign() bbsVerify() proofGen() proofVerify() ECKey->BlsKey

Constructor

BlsKey

Construct BlsKey from key in JSON format

1
new BlsKey(Object jsonKey);

Call parameters:

  • jsonKey: Object, key in JSON format

The format of jsonKey supports the following two types of private keys:

1
2
3
4
5
6
{
    "kty": "EC",
    "crv": "BLS12381_G1",
    "x": "tCgCNuUYQotPEsrljWi-lIRIPpzhqsnJV1NPnE7je6glUb-FJm9IYkuv2hbHw22i",
    "d": "TXNvJBBG3h23H5hFJcnRZmYd_j1TqpwtJOllYGU3yyw"
}

Bls public key:

1
2
3
4
5
{
    "kty": "EC",
    "crv": "BLS12381_G1",
    "x": "tCgCNuUYQotPEsrljWi-lIRIPpzhqsnJV1NPnE7je6glUb-FJm9IYkuv2hbHw22i"
}

static function

aggregateSignature

Merge a set of signatures into a single signature

1
static Buffer BlsKey.aggregateSignature(Array sigs);

Call parameters:

  • sigs: Array, a set of signatures to be merged

Return results:

  • Buffer, returns the merged single signature

aggregatePublicKey

Merge a set of public keys into a single public key

1
static BlsKey BlsKey.aggregatePublicKey(Array keys);

Call parameters:

  • keys: Array, a set of public keys to be merged

Return results:

  • BlsKey, returns the merged single public key

recover

Recover public key from recoverable signature, only supports secp256k1

1
2
static ECKey BlsKey.recover(Buffer data,
    Buffer sig) async;

Call parameters:

  • data:Buffer, the original data of the signature
  • sig:Buffer, recoverable signature

Return results:

  • ECKey, returns an object containing the public key

from

Load a key in DER format

1
2
static PKey BlsKey.from(Buffer DerKey,
    String password = "");

Call parameters:

  • DerKey:Buffer, key in DER format
  • password: String, decryption password

Return results:

  • PKey, returns an object containing the key

Load a key in PEM format

1
2
static PKey BlsKey.from(String pemKey,
    String password = "");

Call parameters:

  • pemKey: String, key in PEM format
  • password: String, decryption password

Return results:

  • PKey, returns an object containing the key

Load a key in JSON format

1
static PKey BlsKey.from(Object jsonKey);

Call parameters:

  • jsonKey: Object, key in JSON format

Return results:

  • PKey, returns an object containing the key

The format of jsonKey supports the following four types of RSA private keys:

1
2
3
4
5
6
7
8
9
10
11
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB",
    "d": "agN2O9NxMHL1MTMi75WfL9Pxvl-KWXKqZSF6mjzAsF9iKI8euyHIXYFepzU8kual1RsjDhCnzvWqFvZplW8lXqrHf_P-rS_9Y4gBUw6pjnI_DnFIRwWHRvrUHHSCfWOdTCIKdOTkgLZuGFuhEY3RMIW0WSYejjLtftwy0RVxAzk=",
    "p": "6a4G1qmfwWmn1biigN7IVFlkbLf9oVe6g7rOmHxI-hn1GRxKDSVuAUrmR1IhuAnca9M0y7SD-7TUs6wjOxWxaw==",
    "q": "5ofkxFKdPBD0CQHMb9q13AMHUVe0rJ-hSjqqIBrmqApUOneyAcMV76M0QyIQnI2p3POa4Qu_7XChDwRVl7LlDQ==",
    "dp": "2mXGiGwCHl8j-FBWuID-1C6z-BRB3MBEVoeKPOOzxOPruatB3mWEGXsqG7A8SWgV9URxTI2K6P3J6Z7RUpBkvw==",
    "dq": "oagn5vfb5NQqnOpS9xkSsD67cfIj821ZSFlNFYhnuOzNVda7z_qCtnHm4zDPH0lEFXoKYMfBhfqWJpaugttjPQ==",
    "qi": "dqEQgxNmOVFrF4s776hTqeC6oEDila8EvpVb2F2ZvwAOLjCQ66OiAZK1BiYGHqUy0NeqNmtlsLSuBEZQZvqZwg=="
}

RSA public key:

1
2
3
4
5
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB"
}

EC private key:

1
2
3
4
5
6
7
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
    "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}

EC public key:

1
2
3
4
5
6
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}

member properties

bbs_suite

String, BBS signed cipher suite, default is Bls12381Sha256, can be modified to Bls12381Shake256, only supports BLS12-381-G2 curve

1
String BlsKey.bbs_suite;

curve

String, returns the elliptic curve name of the current algorithm

1
readonly String BlsKey.curve;

name

String, returns the current algorithm name

1
readonly String BlsKey.name;

keySize

Integer, returns the current algorithm password length in bits

1
readonly Integer BlsKey.keySize;

alg

String, returns and sets the current object signature algorithm

1
readonly String BlsKey.alg;

publicKey

PKey, returns the public key of the current key

1
readonly PKey BlsKey.publicKey;

Return results:

  • the public key of the current key

member function

bbsSign

Sign a set of messages using the current private key, only supporting the BLS12-381-G2 curve

1
2
Buffer BlsKey.bbsSign(Array messages,
    Object opts = {}) async;

Call parameters:

  • messages: Array, specifies the message array to be signed
  • opts: Object, specify signature options

Return results:

  • Buffer, returns the signed message

opts supports the following parameters:

1
2
3
{
    header: Buffer | string // specified header for signature, default is empty
}

bbsVerify

Verify signature using current public key, only supports BLS12-381-G2 curve

1
2
3
Boolean BlsKey.bbsVerify(Array messages,
    Buffer sig,
    Object opts = {}) async;

Call parameters:

  • messages: Array, specifies the complete message array
  • sig:Buffer, specify the signature to be verified
  • opts: Object, specify verification options

Return results:

  • Boolean, returns the verified result

opts supports the following parameters:

1
2
3
{
    header: Buffer | string // specified header for signature, default is empty
}

proofGen

Generate a certificate using the current public key and signature, only supports BLS12-381-G2 curve

1
2
3
4
Buffer BlsKey.proofGen(Buffer sig,
    Array messages,
    Array idx,
    Object opts = {}) async;

Call parameters:

  • sig:Buffer, specifies the signature used when generating the certificate
  • messages: Array, specifies the complete message array
  • idx: Array, specifies the message index used when generating proofs, the index is based on 1
  • opts: Object, specify proof options

Return results:

  • Buffer, returns the generated proof

opts supports the following parameters:

1
2
3
4
{
    header: Buffer | string, // specified header for signature, default is empty
    proof_header: Buffer | string // specified header for proof, default is empty
}

proofVerify

Use the current public key to verify the certificate, only supporting the BLS12-381-G2 curve

1
2
3
4
Boolean BlsKey.proofVerify(Array messages,
    Array idx,
    Buffer proof,
    Object opts = {}) async;

Call parameters:

  • messages: Array, specifies an array of messages filtered based on index
  • idx: Array, specifies the message index used in the proof, the index is based on 1
  • proof:Buffer, specify the generated proof
  • opts: Object, specify proof options

Return results:

  • Boolean, returns the verified result

opts supports the following parameters:

1
2
3
4
{
    header: Buffer | string, // specified header for signature, default is empty
    proof_header: Buffer | string // specified header for proof, default is empty
}

computeSecret

Calculate the Elliptic Curve Diffie-Hellman (ECDH) shared key using the current algorithm

1
Buffer BlsKey.computeSecret(ECKey publicKey) async;

Call parameters:

  • publicKey:ECKey, specify the other party’s public key

Return results:

  • Buffer, returns the calculated shared secret key

isPrivate

Query whether the current key is a private key

1
Boolean BlsKey.isPrivate();

Return results:

  • Boolean, is True and represents the private key

clone

copy current key

1
PKey BlsKey.clone();

Return results:

  • PKey, the copy object of the current key

pem

Returns the PEM format encoding of the current key

1
String BlsKey.pem();

Return results:

  • String, PEM format encoding of the current key

der

Returns the DER format encoding of the current key

1
Buffer BlsKey.der();

Return results:

  • Buffer, the DER format encoding of the current key

json

Returns the jwt format encoding of the current key

1
Object BlsKey.json(Object opts = {});

Call parameters:

  • opts: Object, specify export options

Return results:

  • Object, the jwt format encoding of the current key

opts supports the following parameters:

1
2
3
{
    compress: false // specify whether to output public key in compressed form
}

Curves that support compression are: secp192r1, secp192k1, secp256r1, secp256k1, brainpoolP256r1, secp384r1, brainpoolP384r1, brainpoolP512r1, secp521r1, sm2

equals

Compare two public/private keys to see if they are the same

1
Boolean BlsKey.equals(object key);

Call parameters:

  • key:object, specify the other party’s public/private key

Return results:

  • Boolean, if they are the same, return true

encrypt

Encrypt data using current algorithm cipher public key

1
Buffer BlsKey.encrypt(Buffer data) async;

Call parameters:

  • data:Buffer, specify the data to be encrypted

Return results:

  • Buffer, returns the encrypted data

decrypt

Decrypt data using current algorithm password private key

1
Buffer BlsKey.decrypt(Buffer data) async;

Call parameters:

  • data:Buffer, specify the data to be decrypted

Return results:

  • Buffer, returns the decrypted data

sign

Sign data using the current algorithm cryptographic private key

1
2
Buffer BlsKey.sign(Buffer data,
    Object opts = {}) async;

Call parameters:

  • data:Buffer, specify the data to be signed. When the algorithm is RSA, the input parameter needs to be executed with the algorithm specified by alg.hash
  • opts: Object, specify signature options

Return results:

  • Buffer, return the signed data

opts supports the following parameters:

1
2
3
4
5
{
    alg: 0, // specify the hash algorithm for signing, only valid for RSA, default is 0. Supported algorithms: 0=NONE,1=MD5,2=SHA1,3=SHA224,4=SHA256,5=SHA384,6=SHA512,7=RIPEMD160
    format: "der", // specify the signature format, default is der, supported formats: der, raw
    recoverable: false // specify whether to return a recoverable signature, only valid for secp256k1
}

verify

Verify data using current algorithm cryptographic public key

1
2
3
Boolean BlsKey.verify(Buffer data,
    Buffer sign,
    Object opts = {}) async;

Call parameters:

  • data:Buffer, specify the data to be verified
  • sign:Buffer, specify the signature to be verified
  • opts: Object, specify verification options

Return results:

  • Boolean, returns the verified result

opts supports the following parameters:

1
2
3
4
{
    alg: 0, // specify the hash algorithm for signing, only valid for RSA, default is 0. Supported algorithms: 0=NONE,1=MD5,2=SHA1,3=SHA224,4=SHA256,5=SHA384,6=SHA512,7=RIPEMD160
    format: "der" // specify the signature format, default is der, supported formats: der, raw
}

toString

Returns the string representation of the object. Generally, "[Native Object]" is returned. The object can be re-implemented according to its own characteristics.

1
String BlsKey.toString();

Return results:

  • String, returns the string representation of the object

toJSON

Returns a JSON format representation of the object, generally returning a collection of readable properties defined by the object.

1
Value BlsKey.toJSON(String key = "");

Call parameters:

  • key: String, not used

Return results:

  • Value, returns a value containing JSON serializable
© Copyright 2012-2024 fibjs.org | Support us