Generate Key Pair Overview
We are using elliptic curve cryptography (ECC) for our encryption. The key pair should be generated using P-256
curve. Ensure the generated key pair is in PEM
format.
The public key should be encoded in SPKI
format, and the private key should be encoded in PKCS#8
format.
Public Key Format
Private Key Format
Example Implementation
Here's the example of generating key pair in Typescript.
Copy import crypto from "crypto" ;
interface PublicKeyJWKS {
x : string ;
y : string ;
kid : string ;
}
function generateKeyPair () {
const keypair = crypto .generateKeyPairSync ( "ec" , {
namedCurve : "prime256v1" ,
publicKeyEncoding : { type : "spki" , format : "pem" } ,
privateKeyEncoding : { type : "pkcs8" , format : "pem" } ,
});
const lines : string [] = keypair . publicKey .trim () .split ( "\n" );
const x = lines[ 1 ];
const y = lines[ 2 ];
const kid = "kid-for-your-key-pair" ;
const publicKeyJWKS : PublicKeyJWKS = {
x ,
y ,
kid ,
};
const privateKey : string = keypair .privateKey;
console .log ({ publicKeyJWKS , privateKey });
...
}
Output Example
After this section you should have a key pair consisting of :
Ideally, the issuer & verifier should have different key pairs.
Make sure you have both them before proceeding to the next section.
Here's the example for publicKeyJWKS
and privateKey
.
Copy {
publicKeyJWKS : {
x : 'MFkwEwYHKoZIzj 0 CAQYIKoZIzj 0 DAQcDQgAELOmrNI 4 A 9 ML 4 iGJXpYlaZiYGVCxB' ,
y : 'k+evjhOZEbCLj 17 o/ZdfEv 7 dUZIRKRoZ 1 bud 5 Gq 8 OCItDlXkTyMrtWrhdA==' ,
kid : 'q 6 ZFSOJcTiZWJWkvUshpFw 5 v 20 xstZN/T 4 lt 4 zpKsUg='
} ,
privateKey : '-----BEGIN PRIVATE KEY-----\n' +
'MIGHAgEAMBMGByqGSM 49 AgEGCCqGSM 49 AwEHBG 0 wawIBAQQgrSuv 5 exgvZGmELOL\n' +
'RkT 9 fhhRxKW 3 SQASrTVbENIN 5 cKhRANCAAQs 6 as 0 jgD 0 wviIYleliVpmJgZULEGT\n' +
' 56 +OE 5 kRsIuPXuj 9 l 18 S/t 1 RkhEpGhnVu 53 karw 4 Ii 0 OVeRPIyu 1 auF 0 \n' +
'-----END PRIVATE KEY-----\n'
}