The EcdsaAlgorithm class provides a concrete implementation for cryptographic operations using the Elliptic Curve Digital Signature Algorithm (ECDSA). This class implements both Signer and AsymmetricKeyGenerator interfaces, providing private key generation, public key derivation, and creation/verification of signatures.

This class is typically accessed through implementations that extend the CryptoApi interface.

Methods

  • Derives the public key in JWK format from a given private key.

    Parameters

    Returns Promise<Jwk>

    A Promise that resolves to the derived public key in JWK format.

    Remarks

    This method takes a private key in JWK format and derives its corresponding public key, also in JWK format. The process ensures that the derived public key correctly corresponds to the given private key.

    Example

    const ecdsa = new EcdsaAlgorithm();
    const privateKey = { ... }; // A Jwk object representing a private key
    const publicKey = await ecdsa.computePublicKey({ key: privateKey });
  • Generates a new private key with the specified algorithm in JSON Web Key (JWK) format.

    Parameters

    Returns Promise<Jwk>

    A Promise that resolves to the generated private key in JWK format.

    Example

    const ecdsa = new EcdsaAlgorithm();
    const privateKey = await ecdsa.generateKey({ algorithm: 'ES256K' });
  • Retrieves the public key properties from a given private key in JWK format.

    Parameters

    Returns Promise<Jwk>

    A Promise that resolves to the public key in JWK format.

    Remarks

    This method extracts the public key portion from an ECDSA private key in JWK format. It does so by removing the private key property 'd' and making a shallow copy, effectively yielding the public key.

    Note: This method offers a significant performance advantage, being about 200 times faster than computePublicKey(). However, it does not mathematically validate the private key, nor does it derive the public key from the private key. It simply extracts existing public key properties from the private key object. This makes it suitable for scenarios where speed is critical and the private key's integrity is already assured.

    Example

    const ecdsa = new EcdsaAlgorithm();
    const privateKey = { ... }; // A Jwk object representing a private key
    const publicKey = await ecdsa.getPublicKey({ key: privateKey });
  • Generates an ECDSA signature of given data using a private key.

    Parameters

    • params: SignParams

      The parameters for the signing operation.

    Returns Promise<Uint8Array>

    A Promise resolving to the digital signature as a Uint8Array.

    Remarks

    This method uses the signature algorithm determined by the given algorithm to sign the provided data.

    The signature can later be verified by parties with access to the corresponding public key, ensuring that the data has not been tampered with and was indeed signed by the holder of the private key.

    Example

    const ecdsa = new EcdsaAlgorithm();
    const data = new TextEncoder().encode('Message');
    const privateKey = { ... }; // A Jwk object representing a private key
    const signature = await ecdsa.sign({
      key: privateKey,
      data
    });
  • Verifies an ECDSA signature associated with the provided data using the provided key.

    Parameters

    • params: VerifyParams

      The parameters for the verification operation.

    Returns Promise<boolean>

    A Promise resolving to a boolean indicating whether the signature is valid.

    Remarks

    This method uses the signature algorithm determined by the crv property of the provided key to check the validity of a digital signature against the original data. It confirms that the signature was created by the holder of the corresponding private key and that the data has not been tampered with.

    Example

    const ecdsa = new EcdsaAlgorithm();
    const publicKey = { ... }; // Public key in JWK format corresponding to the private key that signed the data
    const signature = new Uint8Array([...]); // Signature to verify
    const data = new TextEncoder().encode('Message');
    const isValid = await ecdsa.verify({
      key: publicKey,
      signature,
      data
    });
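
The trade-off described in the getPublicKey() note, shown as an added example that is not the library's own code: it contrasts removing 'd' from a private JWK with recomputing x and y from 'd', using a constructed JWK whose public coordinates do not belong to its private scalar. The helper names (stripPrivateKey, derivePublicKey, isConsistent, demo) are hypothetical, and the code uses Node's built-in crypto module rather than EcdsaAlgorithm.

```javascript
// Added example; helper names are hypothetical, not the library's API.
// Loads Node's built-in crypto under both CommonJS and ES modules.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto');

// JWK `crv` value -> OpenSSL curve name.
const CURVES = { secp256k1: 'secp256k1', 'P-256': 'prime256v1' };

// Extract-only path: shallow copy without `d`; x and y are trusted as-is.
function stripPrivateKey(privateJwk) {
  const { d, ...publicJwk } = privateJwk;
  return publicJwk;
}

// Derive path: recompute the public point from `d` on the named curve.
function derivePublicKey(privateJwk) {
  const curve = CURVES[privateJwk.crv];
  if (!curve) throw new Error(`Unsupported crv: ${privateJwk.crv}`);
  const ecdh = nodeCrypto.createECDH(curve);
  ecdh.setPrivateKey(Buffer.from(privateJwk.d, 'base64url')); // throws if d is out of range
  const point = ecdh.getPublicKey(); // uncompressed: 0x04 || X (32) || Y (32)
  return {
    kty: 'EC',
    crv: privateJwk.crv,
    x: point.subarray(1, 33).toString('base64url'),
    y: point.subarray(33, 65).toString('base64url'),
  };
}

// True only when the x/y stored in the JWK are the ones `d` produces.
function isConsistent(privateJwk) {
  const derived = derivePublicKey(privateJwk);
  return derived.x === privateJwk.x && derived.y === privateJwk.y;
}

// Constructed sample data: two fresh keys, then a JWK whose x/y were swapped.
function demo(crv = 'secp256k1') {
  const newKey = () => nodeCrypto
    .generateKeyPairSync('ec', { namedCurve: CURVES[crv] })
    .privateKey.export({ format: 'jwk' });
  const keyA = newKey();
  const keyB = newKey();
  const mismatched = { ...keyA, x: keyB.x, y: keyB.y };
  return { keyA, keyB, mismatched };
}
```

For a private JWK that arrives from storage or another party, running a check like isConsistent() once at import time lets later calls use the fast extract-only path on a key whose coordinates have already been confirmed.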