Adding generateSignignKey function

apps/policy-engine/src/app/core/signing.service.ts

@@ -0,0 +1,38 @@
+import { toHex } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
+import { Injectable } from '@nestjs/common'
+import { secp256k1 } from '@noble/curves/secp256k1'
+import { EncryptionService } from '../../encryption/core/encryption.service'
+
+// Optional additional configs, such as for MPC-based DKG.
+type KeyGenerationOptions = {
+  keyId: string
+}
+
+type KeyGenerationResponse = {
+  publicKey: string
+  encryptedPrivateKey?: string
+  keyId?: string
+}
+
+@Injectable()
+export class SigningService {
+  constructor(private encryptionService: EncryptionService) {}
+
+  async generateSigningKey(alg: Alg, options?: KeyGenerationOptions): Promise<KeyGenerationResponse> {
+    if (alg === Alg.ES256K) {
+      const privateKey = toHex(secp256k1.utils.randomPrivateKey())
+      const publicKey = toHex(secp256k1.getPublicKey(privateKey.slice(2), false))
+
+      const encryptedPrivateKey = await this.encryptionService.encrypt(privateKey)
+      const encryptedPrivateKeyHex = toHex(encryptedPrivateKey)
+
+      return {
+        publicKey,
+        encryptedPrivateKey: encryptedPrivateKeyHex
+      }
+    }
+
+    throw new Error('Unsupported algorithm')
+  }
+}

package.json

@@ -82,6 +82,7 @@
     "@nestjs/core": "^10.3.0",
     "@nestjs/platform-express": "^10.3.3",
     "@nestjs/swagger": "^7.2.0",
+    "@noble/curves": "1.3.0",
     "@open-policy-agent/opa-wasm": "^1.8.0",
     "@prisma/client": "^5.7.1",
     "axios": "^1.6.7",