feat: add support for curve secp256k1 (ES256K)
panva committed Sep 11, 2024
1 parent 84f7f66 commit 1ac4354
Showing 10 changed files with 30 additions and 3 deletions.
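--- a/lib/oneShotAlgs.js
+++ b/lib/oneShotAlgs.js
@@ -37,6 +37,11 @@ module.exports = function(alg, key) {
 digest: 'sha256',
 key: { key, dsaEncoding: 'ieee-p1363' },
 };
+case 'ES256K':
+return {
+digest: 'sha256',
+key: { key, dsaEncoding: 'ieee-p1363' },
+};
 case 'ES384':
 return {
 digest: 'sha384',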
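Review bot: The new `case 'ES256K':` branch repeats the return object of the branch just above it line for line, and nothing in the file says why the two algorithms get identical parameters. Stacking the labels (`case 'ES256':` directly followed by `case 'ES256K':` over the one existing return) keeps them from drifting apart. A short comment such as `// ES256K: ECDSA over secp256k1 with SHA-256 (RFC 8812); differs from ES256 only in the curve` would record the intent. The switch starts and ends outside this hunk.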
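--- a/lib/validateAsymmetricKey.js
+++ b/lib/validateAsymmetricKey.js
@@ -1,13 +1,14 @@
 const { ASYMMETRIC_KEY_DETAILS_SUPPORTED, RSA_PSS_KEY_DETAILS_SUPPORTED } = require('./flags');
 
 const allowedAlgorithmsForKeys = {
-'ec': ['ES256', 'ES384', 'ES512'],
+'ec': ['ES256', 'ES256K', 'ES384', 'ES512'],
 'rsa': ['RS256', 'PS256', 'RS384', 'PS384', 'RS512', 'PS512'],
 'rsa-pss': ['PS256', 'PS384', 'PS512']
 };
 
 const allowedCurves = {
 ES256: 'prime256v1',
+ES256K: 'secp256k1',
 ES384: 'secp384r1',
 ES512: 'secp521r1',
 };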
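Review bot: With `ES256K: 'secp256k1'` added, `allowedCurves` becomes the only check that tells ES256 and ES256K apart, because lib/oneShotAlgs.js gives both the same digest and `dsaEncoding`, and the table carries no comment saying so. The `ASYMMETRIC_KEY_DETAILS_SUPPORTED` import on the first line suggests the curve lookup is gated on that flag (the validating function is outside this hunk). If so, on runtimes without key details only the key-type list `'ec'` applies, and a key on either curve would be accepted under either algorithm name. I would add above the table `// ES256 and ES256K share SHA-256 and P1363 encoding; the named curve is the only distinguishing check` and confirm the unflagged path is acceptable for the new algorithm.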
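--- a/sign.js
+++ b/sign.js
@@ -13,7 +13,7 @@ const encodeBase64url = require('./lib/base64url');
 const SUPPORTED_ALGS = [
 'RS256', 'RS384', 'RS512',
 'PS256', 'PS384', 'PS512',
-'ES256', 'ES384', 'ES512',
+'ES256', 'ES256K', 'ES384', 'ES512',
 'HS256', 'HS384', 'HS512',
 'none',
 ];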
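--- a/test/jwt.asymmetric_signing.tests.js
+++ b/test/jwt.asymmetric_signing.tests.js
@@ -21,6 +21,11 @@ const algorithms = {
 pub_key: loadKey('ecdsa-public.pem'),
 invalid_pub_key: loadKey('ecdsa-public-invalid.pem')
 },
+ES256K: {
+priv_key: loadKey('secp256k1-private.pem'),
+pub_key: loadKey('secp256k1-public.pem'),
+invalid_pub_key: loadKey('secp256k1-public-invalid.pem')
+},
 PS256: {
 pub_key: loadKey('pub.pem'),
 priv_key: loadKey('priv.pem'),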
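Review bot: The `invalid_pub_key` fixture added for ES256K is another secp256k1 key, so this entry exercises a wrong key but not a wrong curve. Both test/secp256k1-public-invalid.pem and test/secp256k1-public.pem open with the same `MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE` header. Because ES256 and ES256K share digest and signature encoding in lib/oneShotAlgs.js, the curve check in lib/validateAsymmetricKey.js is the behaviour most worth pinning. I would add a negative case that verifies an ES256K token against the ES256 fixture `ecdsa-public.pem`, and an ES256 token against `secp256k1-public.pem`, each expecting rejection. The tests that consume this table are outside the hunk, so such a case may already exist.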
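--- a/test/roundtrip.test.js
+++ b/test/roundtrip.test.js
@@ -11,6 +11,7 @@ for (const [alg, opts] of [
 ["RS256"],
 ["PS256"],
 ["ES256"],
+["ES256K"],
 ["ES384"],
 ["ES512"],
 ]) {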
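--- a/test/schema.tests.js
+++ b/test/schema.tests.js
@@ -7,6 +7,7 @@ describe('schema', function() {
 describe('sign options', function() {
 var cert_rsa_priv = fs.readFileSync(__dirname + '/rsa-private.pem');
 var cert_ecdsa_priv = fs.readFileSync(__dirname + '/ecdsa-private.pem');
+var cert_secp256k1_priv = fs.readFileSync(__dirname + '/secp256k1-private.pem');
 var cert_secp384r1_priv = fs.readFileSync(__dirname + '/secp384r1-private.pem');
 var cert_secp521r1_priv = fs.readFileSync(__dirname + '/secp521r1-private.pem');
 
@@ -26,6 +27,7 @@ describe('schema', function() {
 sign({algorithm: 'PS384'}, cert_rsa_priv);
 sign({algorithm: 'PS512'}, cert_rsa_priv);
 sign({algorithm: 'ES256'}, cert_ecdsa_priv);
+sign({algorithm: 'ES256K'}, cert_secp256k1_priv);
 sign({algorithm: 'ES384'}, cert_secp384r1_priv);
 sign({algorithm: 'ES512'}, cert_secp521r1_priv);
 sign({algorithm: 'HS256'}, 'superSecret');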
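--- a/test/secp256k1-private.pem
+++ b/test/secp256k1-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHQCAQEEIFg3x9PMwysC/B5iW1zUFqDUfNbgP77i71jEPhoce0OkoAcGBSuBBAAK
+oUQDQgAEUdPp6J0l51augh0A0sB14n2j69er1ZTkhfv+XY3CIU/SFK/BmIt0KfAX
+VF2KGowflLSKkySNnfR93uwnf7y1MQ==
+-----END EC PRIVATE KEY-----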
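--- a/test/secp256k1-public-invalid.pem
+++ b/test/secp256k1-public-invalid.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE7cjAbx1KnvP+g5lJQba/42ga/NL5rkIC
+rmuRulSLZ+X6oRvnxfhgDkQgkoJkNaqXR6vYE42kfbz5BOfIcNfkig==
+-----END PUBLIC KEY-----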
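--- a/test/secp256k1-public.pem
+++ b/test/secp256k1-public.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEUdPp6J0l51augh0A0sB14n2j69er1ZTk
+hfv+XY3CIU/SFK/BmIt0KfAXVF2KGowflLSKkySNnfR93uwnf7y1MQ==
+-----END PUBLIC KEY-----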
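--- a/verify.js
+++ b/verify.js
@@ -7,7 +7,7 @@ const validateAsymmetricKey = require('./lib/validateAsymmetricKey');
 const crypto = require("crypto");
 const oneShotAlgs = require('./lib/oneShotAlgs');
 
-const EC_KEY_ALGS = ['ES256', 'ES384', 'ES512'];
+const EC_KEY_ALGS = ['ES256', 'ES256K', 'ES384', 'ES512'];
 const RSA_KEY_ALGS = ['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512'];
 const PUB_KEY_ALGS = [].concat(RSA_KEY_ALGS, EC_KEY_ALGS);
 const HS_ALGS = ['HS256', 'HS384', 'HS512'];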
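Review bot: Adding 'ES256K' to `EC_KEY_ALGS` also widens `PUB_KEY_ALGS`, which is concatenated from it two lines below, and the hunk does not say that these lists act as defaults. If they supply the accepted algorithms when a caller passes no `algorithms` option (that code is outside the hunk), existing verifiers holding an EC key start accepting `ES256K` headers without opting in. The curve table in lib/validateAsymmetricKey.js should confine that to secp256k1 keys wherever key details are available. I would add above the constant `// Default allow-lists used when the caller does not pin options.algorithms; adding an entry changes what existing callers accept` and mention the change in the release notes.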
