Object built-in object

ObjectECKey

The ECKey class is incryptoImplemented in the module, you can use this class to generate ECDSA key pairs, signature and verification messages, etc.

Here is an example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
const crypto = require("crypto"); // generate a secp256k1 key const key = crypto.generateKey("secp256k1"); console.log("Private key:", key.pem()); console.log("Public key:", key.publicKey.pem()); const message = "Hello, fibjs!"; // sign a message const sig = key.sign(message); console.log("Signature:", sig.hex()); // very the signature const verify = key.verify(message, sig); console.log("Verify result:", verify);

In this example, we first generate a secp256k1 ECKey object, and then print the generated public and private keys. Next, we signed the message "Hello, fibjs!" and printed the signature result, and finally verified the signature using the same key object, and printed the verification result.

inheritance relationship

Constructor

ECKey

Construct ECKey from a key in DER format

1 2
new ECKey(Buffer DerKey, String password = "");

Call parameters:

  • DerKey:Buffer, the key in DER format
  • password: String, decrypted password

Construct ECKey from key in PEM format

1 2
new ECKey(String pemKey, String password = "");

Call parameters:

  • pemKey: String, key in PEM format
  • password: String, decrypted password

Construct ECKey from the key in JSON format

1
new ECKey(Object jsonKey);

Call parameters:

  • jsonKey: Object, key in JSON format

The format of jsonKey supports the following two types, EC private key:

1 2 3 4 5 6 7
{ "kty": "EC", "crv": "P-521", "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL", "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU", "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST" }

EC public key:

1 2 3 4 5 6
{ "kty": "EC", "crv": "P-521", "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL", "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU" }

static function

recover

recover public key from recoverable signature, only secp256k1 supported

1 2
static ECKey ECKey.recover(Buffer data, Buffer sig) async;

Call parameters:

  • data:Buffer, the original data of the signature
  • sig:Buffer, the recoverable signature

return result:

  • ECKey, returns an object containing the public key

from

Load a key in DER format

1 2
static PKey ECKey.from(Buffer DerKey, String password = "");

Call parameters:

  • DerKey:Buffer, the key in DER format
  • password: String, decrypted password

return result:

  • PKey, returns an object containing the key

Load a key in PEM format

1 2
static PKey ECKey.from(String pemKey, String password = "");

Call parameters:

  • pemKey: String, key in PEM format
  • password: String, decrypted password

return result:

  • PKey, returns an object containing the key

Load a key in JSON format

1
static PKey ECKey.from(Object jsonKey);

Call parameters:

  • jsonKey: Object, key in JSON format

return result:

  • PKey, returns an object containing the key

The format of jsonKey supports the following four types, RSA private key:

1 2 3 4 5 6 7 8 9 10 11
{ "kty": "RSA", "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=", "e": "AQAB", "d": "agN2O9NxMHL1MTMi75WfL9Pxvl-KWXKqZSF6mjzAsF9iKI8euyHIXYFepzU8kual1RsjDhCnzvWqFvZplW8lXqrHf_P-rS_9Y4gBUw6pjnI_DnFIRwWHRvrUHHSCfWOdTCIKdOTkgLZuGFuhEY3RMIW0WSYejjLtftwy0RVxAzk=", "p": "6a4G1qmfwWmn1biigN7IVFlkbLf9oVe6g7rOmHxI-hn1GRxKDSVuAUrmR1IhuAnca9M0y7SD-7TUs6wjOxWxaw==", "q": "5ofkxFKdPBD0CQHMb9q13AMHUVe0rJ-hSjqqIBrmqApUOneyAcMV76M0QyIQnI2p3POa4Qu_7XChDwRVl7LlDQ==", "dp": "2mXGiGwCHl8j-FBWuID-1C6z-BRB3MBEVoeKPOOzxOPruatB3mWEGXsqG7A8SWgV9URxTI2K6P3J6Z7RUpBkvw==", "dq": "oagn5vfb5NQqnOpS9xkSsD67cfIj821ZSFlNFYhnuOzNVda7z_qCtnHm4zDPH0lEFXoKYMfBhfqWJpaugttjPQ==", "qi": "dqEQgxNmOVFrF4s776hTqeC6oEDila8EvpVb2F2ZvwAOLjCQ66OiAZK1BiYGHqUy0NeqNmtlsLSuBEZQZvqZwg==" }

RSA public key:

1 2 3 4 5
{ "kty": "RSA", "n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=", "e": "AQAB" }

EC private key:

1 2 3 4 5 6 7
{ "kty": "EC", "crv": "P-521", "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL", "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU", "d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST" }

EC public key:

1 2 3 4 5 6
{ "kty": "EC", "crv": "P-521", "x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL", "y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU" }

member attribute

curve

String, returns the elliptic curve name of the current algorithm

1
readonly String ECKey.curve;

name

String, returns the current algorithm name

1
readonly String ECKey.name;

keySize

Integer, returns the current algorithm password length in bits

1
readonly Integer ECKey.keySize;

alg

String, returns and sets the signature algorithm of the current object

1
String ECKey.alg;

publicKey

PKey, returns the public key of the current key

1
readonly PKey ECKey.publicKey;

return result:

  • the public key of the current key

member function

computeSecret

Computes an Elliptic Curve Diffie-Hellman (ECDH) shared secret using the current algorithm

1
Buffer ECKey.computeSecret(ECKey publicKey) async;

Call parameters:

  • publicKey: ECKey, specify the other party's public key

return result:

  • Buffer, returns the computed shared secret

isPrivate

Query whether the current key is a private key

1
Boolean ECKey.isPrivate();

return result:

  • Boolean, if True means private key

clone

copy current key

1
PKey ECKey.clone();

return result:

  • PKey, the copy object of the current key

pem

Returns the PEM format encoding of the current key

1
String ECKey.pem();

return result:

  • String, the PEM format encoding of the current key

der

Returns the DER format encoding of the current key

1
Buffer ECKey.der();

return result:

  • Buffer, the DER format encoding of the current key

json

Return the jwt format encoding of the current key

1
Object ECKey.json(Object opts = {});

Call parameters:

  • opts: Object, specifies export options

return result:

  • Object, the jwt format encoding of the current key

opts supports the following parameters:

1 2 3
{ compress: false, 指定签名以压缩方式输出公钥 }

The curves that support compression are: secp192r1, secp192k1, secp256r1, secp256k1, brainpoolP256r1, secp384r1, brainpoolP384r1, brainpoolP512r1, secp521r1, sm2


equals

Compare whether two public/private keys are the same

1
Boolean ECKey.equals(PKey key);

Call parameters:

  • key:PKey, specify the other party’s public/private key

return result:

  • Boolean, return true if the same

encrypt

Encrypt data using the current algorithm cryptographic public key

1
Buffer ECKey.encrypt(Buffer data) async;

Call parameters:

  • data:Buffer, specifies the data to be encrypted

return result:

  • Buffer, returns the encrypted data

decrypt

Decrypt the data using the current algorithm cryptographic private key

1
Buffer ECKey.decrypt(Buffer data) async;

Call parameters:

  • data:Buffer, specifies the data to be decrypted

return result:

  • Buffer, returns the decrypted data

sign

Sign data using the current algorithm cryptographic private key

1 2
Buffer ECKey.sign(Buffer data, Object opts = {}) async;

Call parameters:

  • data:Buffer, specifies the data to be signed
  • opts: Object, specifies signature options

return result:

  • Buffer, returns the signed data

opts supports the following parameters:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
{ alg: 0, 指定签名的 hash 算法, 仅在 RSA 时有效, 缺省为 0. 支持算法: 0 = NONE, 1 = MD5, 2 = SHA1, 3 = SHA224, 4 = SHA256, 5 = SHA384, 6 = SHA512, 7 = RIPEMD160 to: pk, 指定验证方公钥, 仅在 ecsdsa 或 sm2 时有效 format: "der", 指定签名格式, 可选为 der 和 raw, 缺省为 der recoverable: false 指定返回可恢复签名, 仅在 secp256k1 有效 }

verify

Verify data using the current algorithm cryptographic public key

1 2 3
Boolean ECKey.verify(Buffer data, Buffer sign, Object opts = {}) async;

Call parameters:

  • data:Buffer, specifying the data to validate
  • sign:Buffer, specifying the signature to verify
  • opts: Object, specifies the authentication options

return result:

  • Boolean, returns the verified result

opts supports the following parameters:

1 2 3 4 5 6 7 8 9 10 11 12 13 14
{ alg: 0, 指定签名的 hash 算法, 仅在 RSA 时有效, 缺省为 0. 支持算法: 0 = NONE, 1 = MD5, 2 = SHA1, 3 = SHA224, 4 = SHA256, 5 = SHA384, 6 = SHA512, 7 = RIPEMD160 to: pk, 指定验证方公钥, 仅在 ecsdsa 或 sm2 时有效 format: "der", 指定签名格式, 可选为 der 和 raw, 缺省为 der }

toString

Return the string representation of the object, generally return "[Native Object]", the object can be reimplemented according to its own characteristics

1
String ECKey.toString();

return result:

  • String, returns a string representation of the object

toJSON

Returns the JSON format representation of the object, generally returns a collection of readable properties defined by the object

1
Value ECKey.toJSON(String key = "");

Call parameters:

  • key: String, not used

return result:

  • Value, which returns a JSON-serializable value