objectECKey

The ECKey class is incryptoImplemented in the module, you can use this class to generate ECDSA key pairs, signatures and verification messages, etc.

Here is an example:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
const crypto = require("crypto");

// generate a secp256k1 key
const key = crypto.generateKey("secp256k1");
console.log("Private key:", key.pem());
console.log("Public key:", key.publicKey.pem());

const message = "Hello, fibjs!";
// sign a message
const sig = key.sign(message);
console.log("Signature:", sig.hex());

// very the signature
const verify = key.verify(message, sig);
console.log("Verify result:", verify);

In this example, we first generate an ECKey object of secp256k1, and then print the generated public and private keys. Next, we signed the message "Hello, fibjs!" and printed the signature result. Finally, we verified the signature using the same key object and printed the verification result.

inheritance relationship

Constructor

ECKey

Construct ECKey from key in DER format

1
2
new ECKey(Buffer DerKey,
    String password = "");

Call parameters:

• DerKey:Buffer, key in DER format
• password: String, decryption password

---

Construct ECKey from key in PEM format

1
2
new ECKey(String pemKey,
    String password = "");

Call parameters:

• pemKey: String, key in PEM format
• password: String, decryption password

---

Construct ECKey from key in JSON format

1
new ECKey(Object jsonKey);

Call parameters:

• jsonKey: Object, key in JSON format

The format of jsonKey supports the following two types, EC private key:

1
2
3
4
5
6
7
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
    "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}

EC public key:

1
2
3
4
5
6
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}

static function

recover

Recover public key from recoverable signature, only supports secp256k1

1
2
static ECKey ECKey.recover(Buffer data,
    Buffer sig) async;

Call parameters:

• data:Buffer, the original data of the signature
• sig:Buffer, recoverable signature

Return results:

• ECKey, returns an object containing the public key

---

from

Load a key in DER format

1
2
static PKey ECKey.from(Buffer DerKey,
    String password = "");

Call parameters:

• DerKey:Buffer, key in DER format
• password: String, decryption password

Return results:

• PKey, returns an object containing the key

---

Load a key in PEM format

1
2
static PKey ECKey.from(String pemKey,
    String password = "");

Call parameters:

• pemKey: String, key in PEM format
• password: String, decryption password

Return results:

• PKey, returns an object containing the key

---

Load a key in JSON format

1
static PKey ECKey.from(Object jsonKey);

Call parameters:

• jsonKey: Object, key in JSON format

Return results:

• PKey, returns an object containing the key

The format of jsonKey supports the following four types of RSA private keys:

1
2
3
4
5
6
7
8
9
10
11
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB",
    "d": "agN2O9NxMHL1MTMi75WfL9Pxvl-KWXKqZSF6mjzAsF9iKI8euyHIXYFepzU8kual1RsjDhCnzvWqFvZplW8lXqrHf_P-rS_9Y4gBUw6pjnI_DnFIRwWHRvrUHHSCfWOdTCIKdOTkgLZuGFuhEY3RMIW0WSYejjLtftwy0RVxAzk=",
    "p": "6a4G1qmfwWmn1biigN7IVFlkbLf9oVe6g7rOmHxI-hn1GRxKDSVuAUrmR1IhuAnca9M0y7SD-7TUs6wjOxWxaw==",
    "q": "5ofkxFKdPBD0CQHMb9q13AMHUVe0rJ-hSjqqIBrmqApUOneyAcMV76M0QyIQnI2p3POa4Qu_7XChDwRVl7LlDQ==",
    "dp": "2mXGiGwCHl8j-FBWuID-1C6z-BRB3MBEVoeKPOOzxOPruatB3mWEGXsqG7A8SWgV9URxTI2K6P3J6Z7RUpBkvw==",
    "dq": "oagn5vfb5NQqnOpS9xkSsD67cfIj821ZSFlNFYhnuOzNVda7z_qCtnHm4zDPH0lEFXoKYMfBhfqWJpaugttjPQ==",
    "qi": "dqEQgxNmOVFrF4s776hTqeC6oEDila8EvpVb2F2ZvwAOLjCQ66OiAZK1BiYGHqUy0NeqNmtlsLSuBEZQZvqZwg=="
}

RSA public key:

1
2
3
4
5
{
    "kty": "RSA",
    "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
    "e": "AQAB"
}

EC private key:

1
2
3
4
5
6
7
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
    "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}

EC public key:

1
2
3
4
5
6
{
    "kty": "EC",
    "crv": "P-521",
    "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
    "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}

member properties

curve

String, returns the elliptic curve name of the current algorithm

1
readonly String ECKey.curve;

---

name

String, returns the current algorithm name

1
readonly String ECKey.name;

---

keySize

Integer, returns the current algorithm password length in bits

1
readonly Integer ECKey.keySize;

---

alg

String, returns and sets the current object signature algorithm

1
readonly String ECKey.alg;

---

publicKey

PKey, returns the public key of the current key

1
readonly PKey ECKey.publicKey;

Return results:

• the public key of the current key

member function

computeSecret

Calculate the Elliptic Curve Diffie-Hellman (ECDH) shared key using the current algorithm

1
Buffer ECKey.computeSecret(ECKey publicKey) async;

Call parameters:

• publicKey: ECKey, specify the other party’s public key

Return results:

• Buffer, returns the calculated shared secret key

---

isPrivate

Query whether the current key is a private key

1
Boolean ECKey.isPrivate();

Return results:

• Boolean, is True and represents the private key

---

clone

copy current key

1
PKey ECKey.clone();

Return results:

• PKey, the copy object of the current key

---

pem

Returns the PEM format encoding of the current key

1
String ECKey.pem();

Return results:

• String, PEM format encoding of the current key

---

der

Returns the DER format encoding of the current key

1
Buffer ECKey.der();

Return results:

• Buffer, the DER format encoding of the current key

---

json

Returns the jwt format encoding of the current key

1
Object ECKey.json(Object opts = {});

Call parameters:

• opts: Object, specify export options

Return results:

• Object, the jwt format encoding of the current key

opts supports the following parameters:

1
2
3
{
    compress: false // specify whether to output public key in compressed form
}

Curves that support compression are: secp192r1, secp192k1, secp256r1, secp256k1, brainpoolP256r1, secp384r1, brainpoolP384r1, brainpoolP512r1, secp521r1, sm2

---

equals

Compare two public/private keys to see if they are the same

1
Boolean ECKey.equals(object key);

Call parameters:

• key:object, specify the other party’s public/private key

Return results:

• Boolean, if they are the same, return true

---

encrypt

Encrypt data using current algorithm cipher public key

1
Buffer ECKey.encrypt(Buffer data) async;

Call parameters:

• data:Buffer, specify the data to be encrypted

Return results:

• Buffer, returns the encrypted data

---

decrypt

Decrypt data using current algorithm password private key

1
Buffer ECKey.decrypt(Buffer data) async;

Call parameters:

• data:Buffer, specify the data to be decrypted

Return results:

• Buffer, returns the decrypted data

---

sign

Sign data using the current algorithm cryptographic private key

1
2
Buffer ECKey.sign(Buffer data,
    Object opts = {}) async;

Call parameters:

• data:Buffer, specify the data to be signed. When the algorithm is RSA, the input parameter needs to be executed with the algorithm specified by alg.hash
• opts: Object, specify signature options

Return results:

• Buffer, return the signed data

opts supports the following parameters:

1
2
3
4
5
{
    alg: 0, // specify the hash algorithm for signing, only valid for RSA, default is 0. Supported algorithms: 0=NONE,1=MD5,2=SHA1,3=SHA224,4=SHA256,5=SHA384,6=SHA512,7=RIPEMD160
    format: "der", // specify the signature format, default is der, supported formats: der, raw
    recoverable: false // specify whether to return a recoverable signature, only valid for secp256k1
}

---

verify

Verify data using current algorithm cryptographic public key

1
2
3
Boolean ECKey.verify(Buffer data,
    Buffer sign,
    Object opts = {}) async;

Call parameters:

• data:Buffer, specify the data to be verified
• sign:Buffer, specify the signature to be verified
• opts: Object, specify verification options

Return results:

• Boolean, returns the verified result

opts supports the following parameters:

1
2
3
4
{
    alg: 0, // specify the hash algorithm for signing, only valid for RSA, default is 0. Supported algorithms: 0=NONE,1=MD5,2=SHA1,3=SHA224,4=SHA256,5=SHA384,6=SHA512,7=RIPEMD160
    format: "der" // specify the signature format, default is der, supported formats: der, raw
}

---

toString

Returns the string representation of the object. Generally, "[Native Object]" is returned. The object can be re-implemented according to its own characteristics.

1
String ECKey.toString();

Return results:

• String, returns the string representation of the object

---

toJSON

Returns a JSON format representation of the object, generally returning a collection of readable properties defined by the object.

1
Value ECKey.toJSON(String key = "");

Call parameters:

• key: String, not used

Return results:

• Value, returns a value containing JSON serializable