@0xpass/key-signer
v2.0.1
Published
The KeySigner library is designed to simplify cryptographic operations involving the generation of digital signatures and the verification of those signatures. Built on top of Node.js's native `crypto` module, it abstracts away some of the complexities in
Downloads
48
Readme
KeySigner Library
The KeySigner library is designed to simplify cryptographic operations involving the generation of digital signatures and the verification of those signatures. Built on top of Node.js's native crypto
module, it abstracts away some of the complexities involved in handling keys and performing cryptographic signing and verification.
Installation
npm install @0xpass/key-signer
or
pnpm install @0xpass/key-signer
Usage
Initializing KeySigner
To create a new instance of KeySigner
, you need to provide the private key. The private key can be supplied either as a path to a DER-encoded file in PKCS#8 format or as a base64-encoded string. This key can be generated using the openssl
command-line tool, or the passport-scope cli passport-scope-cli
package.
import { KeySigner } from "./path/to/keysigner";
// Using a file path
const signer = new KeySigner("/path/to/private_key.der");
// Using a base64-encoded string
const signerBase64 = new KeySigner("base64PrivateKeyString", true);
Creating a Signature
To sign data, use the createSignature
method with the data you wish to sign as a string. This method returns the signature in a base64-encoded format.
const signature = signer.createSignature("data to be signed");
console.log(signature);
Creating a Signature Header
To create an HTTP header containing the signature, use the createSignatureHeader
method. This can be useful for authenticated requests. This can be used for generating and formatting the correct headers for authentication requests to passport.
const { signatureHeaderName, signatureHeaderValue } =
await signer.createSignatureHeader("data to be signed");
console.log(signatureHeaderName, signatureHeaderValue);
Verifying a Signature
To verify a signature, use the verifySignature static method, providing the original data, the signature to verify, and the public key. The public key can be supplied either as a path to a DER-encoded file in SPKI format or as a base64-encoded string.
const isVerified = KeySigner.verifySignature(
"data to be signed",
signature,
"/path/to/public_key.der"
);
console.log(isVerified); // true or false