change to curve P-256 and algorithm ES256 for generated keys

Author: nhartner

src/commands/key-generate.ts

@@ -12,7 +12,7 @@ export default class GenerateIdentityKeyCommand extends Command {
    * @override
    */
   protected async action(): Promise<void> {
-    const key = await JWK.generate('EC', 'secp256k1')
+    const key = await JWK.generate('EC', 'P-256')
     const pem = key.toPEM(true)
     try {
       const filename = await writeFile('./identity-key.pem', pem)

src/commands/payid-sign.ts

@@ -1,10 +1,10 @@
 import {
   convertToVerifiedAddress,
   signWithKeys,
-  getDefaultAlgorithm,
   IdentityKeySigningParams,
   toKey,
 } from '@payid-org/utils'
+import { JWKECKey, JWKOctKey, JWKOKPKey, JWKRSAKey } from 'jose'
 
 import Command from './Command'
 
@@ -69,3 +69,18 @@ export default class SignPayIdCommand extends Command {
     )
   }
 }
+
+export function getDefaultAlgorithm(
+  jwk: JWKRSAKey | JWKECKey | JWKOctKey | JWKOKPKey,
+): string {
+  if (jwk.kty === 'EC') {
+    return 'ES256'
+  }
+  if (jwk.kty === 'oct') {
+    return 'HS512'
+  }
+  if (jwk.kty === 'OKP') {
+    return 'EdDSA'
+  }
+  return 'RS512'
+}

test/unit/getDefaultAlgorithm.test.ts

@@ -0,0 +1,19 @@
+import 'mocha'
+import { assert } from 'chai'
+import { JWK } from 'jose'
+
+import { getDefaultAlgorithm } from '../../src/commands/payid-sign'
+
+describe('when getDefaultAlgorithm()', function (): void {
+  it('given an EC key then returns ES256', async function (): Promise<void> {
+    const key = await JWK.generate('EC')
+    const algorithm = getDefaultAlgorithm(key.toJWK())
+    assert.equal(algorithm, 'ES256')
+  })
+
+  it('given an RSA key then returns RS512', async function (): Promise<void> {
+    const key = await JWK.generate('RSA')
+    const algorithm = getDefaultAlgorithm(key.toJWK())
+    assert.equal(algorithm, 'RS512')
+  })
+})