ObjectECKey
The ECKey class is incryptoImplemented in the module, you can use this class to generate ECDSA key pairs, signature and verification messages, etc.
Here is an example:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15const crypto = require("crypto");
// generate a secp256k1 key
const key = crypto.generateKey("secp256k1");
console.log("Private key:", key.pem());
console.log("Public key:", key.publicKey.pem());
const message = "Hello, fibjs!";
// sign a message
const sig = key.sign(message);
console.log("Signature:", sig.hex());
// very the signature
const verify = key.verify(message, sig);
console.log("Verify result:", verify);
In this example, we first generate a secp256k1 ECKey object, and then print the generated public and private keys. Next, we signed the message "Hello, fibjs!" and printed the signature result, and finally verified the signature using the same key object, and printed the verification result.
inheritance relationship
Constructor
ECKey
Construct ECKey from a key in DER format
1
2new ECKey(Buffer DerKey,
String password = "");
Call parameters:
- DerKey:Buffer, the key in DER format
- password: String, decrypted password
Construct ECKey from key in PEM format
1
2new ECKey(String pemKey,
String password = "");
Call parameters:
- pemKey: String, key in PEM format
- password: String, decrypted password
Construct ECKey from the key in JSON format
1new ECKey(Object jsonKey);
Call parameters:
- jsonKey: Object, key in JSON format
The format of jsonKey supports the following two types, EC private key:
1
2
3
4
5
6
7{
"kty": "EC",
"crv": "P-521",
"x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
"y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
"d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}
EC public key:
1
2
3
4
5
6{
"kty": "EC",
"crv": "P-521",
"x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
"y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}
static function
recover
recover public key from recoverable signature, only secp256k1 supported
1
2static ECKey ECKey.recover(Buffer data,
Buffer sig) async;
Call parameters:
return result:
- ECKey, returns an object containing the public key
from
Load a key in DER format
1
2static PKey ECKey.from(Buffer DerKey,
String password = "");
Call parameters:
- DerKey:Buffer, the key in DER format
- password: String, decrypted password
return result:
- PKey, returns an object containing the key
Load a key in PEM format
1
2static PKey ECKey.from(String pemKey,
String password = "");
Call parameters:
- pemKey: String, key in PEM format
- password: String, decrypted password
return result:
- PKey, returns an object containing the key
Load a key in JSON format
1static PKey ECKey.from(Object jsonKey);
Call parameters:
- jsonKey: Object, key in JSON format
return result:
- PKey, returns an object containing the key
The format of jsonKey supports the following four types, RSA private key:
1
2
3
4
5
6
7
8
9
10
11{
"kty": "RSA",
"n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
"e": "AQAB",
"d": "agN2O9NxMHL1MTMi75WfL9Pxvl-KWXKqZSF6mjzAsF9iKI8euyHIXYFepzU8kual1RsjDhCnzvWqFvZplW8lXqrHf_P-rS_9Y4gBUw6pjnI_DnFIRwWHRvrUHHSCfWOdTCIKdOTkgLZuGFuhEY3RMIW0WSYejjLtftwy0RVxAzk=",
"p": "6a4G1qmfwWmn1biigN7IVFlkbLf9oVe6g7rOmHxI-hn1GRxKDSVuAUrmR1IhuAnca9M0y7SD-7TUs6wjOxWxaw==",
"q": "5ofkxFKdPBD0CQHMb9q13AMHUVe0rJ-hSjqqIBrmqApUOneyAcMV76M0QyIQnI2p3POa4Qu_7XChDwRVl7LlDQ==",
"dp": "2mXGiGwCHl8j-FBWuID-1C6z-BRB3MBEVoeKPOOzxOPruatB3mWEGXsqG7A8SWgV9URxTI2K6P3J6Z7RUpBkvw==",
"dq": "oagn5vfb5NQqnOpS9xkSsD67cfIj821ZSFlNFYhnuOzNVda7z_qCtnHm4zDPH0lEFXoKYMfBhfqWJpaugttjPQ==",
"qi": "dqEQgxNmOVFrF4s776hTqeC6oEDila8EvpVb2F2ZvwAOLjCQ66OiAZK1BiYGHqUy0NeqNmtlsLSuBEZQZvqZwg=="
}
RSA public key:
1
2
3
4
5{
"kty": "RSA",
"n": "0m5lvKpWqy9JS7tV2HIPqHCYHLquSuxIC3F8strIQLJKO3rZmTT96KTnhsOfBO7Y1bI7mnT0PB3_vcHd9ekWMEoZJQw7MuB8KeM_Wn54-elJr5DNLk5bMppSGxX7ZnumiXGG51_X3Yp-_EbGtDG80GxXXix7Mucyo7K25uE0uW8=",
"e": "AQAB"
}
EC private key:
1
2
3
4
5
6
7{
"kty": "EC",
"crv": "P-521",
"x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
"y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU",
"d": "AfkIbUHXfW41njdpoKuqqKludcoLJS8D_oMEwkj-GVaXFNKccIoF5iKGu2c69kNDjo83R_7wyGlfRczsklkik1ST"
}
EC public key:
1
2
3
4
5
6{
"kty": "EC",
"crv": "P-521",
"x": "ATfNNFuuvlGxrTGoXgyfSAGgRNNDnO3rN3k74urKJdVS14RYhdnSwm91Bm-F1l-T1XKlAY2yRnzG9w1Ukvo8c0wL",
"y": "ASBHqrruB6kdkEUB3vlW3-UIkk4HtKdUeTwN-7m3j2rgZvYR1ffRAapDvWqKGiBjomqWafxokBkbDI0c95f6f4XU"
}
member attribute
curve
String, returns the elliptic curve name of the current algorithm
1readonly String ECKey.curve;
name
String, returns the current algorithm name
1readonly String ECKey.name;
keySize
Integer, returns the current algorithm password length in bits
1readonly Integer ECKey.keySize;
alg
String, returns and sets the signature algorithm of the current object
1String ECKey.alg;
publicKey
PKey, returns the public key of the current key
1readonly PKey ECKey.publicKey;
return result:
- the public key of the current key
member function
computeSecret
Computes an Elliptic Curve Diffie-Hellman (ECDH) shared secret using the current algorithm
1Buffer ECKey.computeSecret(ECKey publicKey) async;
Call parameters:
- publicKey: ECKey, specify the other party's public key
return result:
- Buffer, returns the computed shared secret
isPrivate
Query whether the current key is a private key
1Boolean ECKey.isPrivate();
return result:
- Boolean, if True means private key
clone
copy current key
1PKey ECKey.clone();
return result:
- PKey, the copy object of the current key
pem
Returns the PEM format encoding of the current key
1String ECKey.pem();
return result:
- String, the PEM format encoding of the current key
der
Returns the DER format encoding of the current key
1Buffer ECKey.der();
return result:
- Buffer, the DER format encoding of the current key
json
Return the jwt format encoding of the current key
1Object ECKey.json(Object opts = {});
Call parameters:
- opts: Object, specifies export options
return result:
- Object, the jwt format encoding of the current key
opts supports the following parameters:
1
2
3{
compress: false, 指定签名以压缩方式输出公钥
}
The curves that support compression are: secp192r1, secp192k1, secp256r1, secp256k1, brainpoolP256r1, secp384r1, brainpoolP384r1, brainpoolP512r1, secp521r1, sm2
equals
Compare whether two public/private keys are the same
1Boolean ECKey.equals(PKey key);
Call parameters:
- key:PKey, specify the other party’s public/private key
return result:
- Boolean, return true if the same
encrypt
Encrypt data using the current algorithm cryptographic public key
1Buffer ECKey.encrypt(Buffer data) async;
Call parameters:
- data:Buffer, specifies the data to be encrypted
return result:
- Buffer, returns the encrypted data
decrypt
Decrypt the data using the current algorithm cryptographic private key
1Buffer ECKey.decrypt(Buffer data) async;
Call parameters:
- data:Buffer, specifies the data to be decrypted
return result:
- Buffer, returns the decrypted data
sign
Sign data using the current algorithm cryptographic private key
1
2Buffer ECKey.sign(Buffer data,
Object opts = {}) async;
Call parameters:
- data:Buffer, specifies the data to be signed
- opts: Object, specifies signature options
return result:
- Buffer, returns the signed data
opts supports the following parameters:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15{
alg: 0, 指定签名的 hash 算法, 仅在 RSA 时有效, 缺省为 0. 支持算法: 0 = NONE,
1 = MD5,
2 = SHA1,
3 = SHA224,
4 = SHA256,
5 = SHA384,
6 = SHA512,
7 = RIPEMD160
to: pk,
指定验证方公钥, 仅在 ecsdsa 或 sm2 时有效
format: "der",
指定签名格式, 可选为 der 和 raw, 缺省为 der
recoverable: false 指定返回可恢复签名, 仅在 secp256k1 有效
}
verify
Verify data using the current algorithm cryptographic public key
1
2
3Boolean ECKey.verify(Buffer data,
Buffer sign,
Object opts = {}) async;
Call parameters:
- data:Buffer, specifying the data to validate
- sign:Buffer, specifying the signature to verify
- opts: Object, specifies the authentication options
return result:
- Boolean, returns the verified result
opts supports the following parameters:
1
2
3
4
5
6
7
8
9
10
11
12
13
14{
alg: 0, 指定签名的 hash 算法, 仅在 RSA 时有效, 缺省为 0. 支持算法: 0 = NONE,
1 = MD5,
2 = SHA1,
3 = SHA224,
4 = SHA256,
5 = SHA384,
6 = SHA512,
7 = RIPEMD160
to: pk,
指定验证方公钥, 仅在 ecsdsa 或 sm2 时有效
format: "der",
指定签名格式, 可选为 der 和 raw, 缺省为 der
}
toString
Return the string representation of the object, generally return "[Native Object]", the object can be reimplemented according to its own characteristics
1String ECKey.toString();
return result:
- String, returns a string representation of the object
toJSON
Returns the JSON format representation of the object, generally returns a collection of readable properties defined by the object
1Value ECKey.toJSON(String key = "");
Call parameters:
- key: String, not used
return result:
- Value, which returns a JSON-serializable value