This repository was archived by the owner on Mar 8, 2024. It is now read-only.

Commit fd888e0

authored
Merge pull request #3 from payid-org/default-P256-with-ES256
Change key curve and algorithm for generated keys
2 parents 8cad244 + c53b527 commit fd888e0


3 files changed

+42
-2
lines changed


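--- a/src/commands/key-generate.ts
+++ b/src/commands/key-generate.ts
@@ -12,7 +12,7 @@ export default class GenerateIdentityKeyCommand extends Command {
 * @override
 */
 protected async action(): Promise<void> {
-const key = await JWK.generate('EC', 'secp256k1')
+const key = await JWK.generate('EC', 'P-256')
 const pem = key.toPEM(true)
 try {
 const filename = await writeFile('./identity-key.pem', pem)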
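Review bot: The curve literal on the new `JWK.generate('EC', 'P-256')` line is silently coupled to the `ES256` default that `getDefaultAlgorithm` in payid-sign.ts returns for EC keys, and nothing on this line records that. A short comment such as `// P-256 so the generated key matches the ES256 default used when signing` would keep the two from drifting apart. Separately, `key.toPEM(true)` exports the private key unencrypted and `writeFile` is defined outside this hunk, so it is worth confirming that it creates `identity-key.pem` with owner-only permissions. The body of `action()` continues past the end of the hunk.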

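--- a/src/commands/payid-sign.ts
+++ b/src/commands/payid-sign.ts
@@ -1,10 +1,10 @@
 import {
 convertToVerifiedAddress,
 signWithKeys,
-getDefaultAlgorithm,
 IdentityKeySigningParams,
 toKey,
 } from '@payid-org/utils'
+import { JWKECKey, JWKOctKey, JWKOKPKey, JWKRSAKey } from 'jose'
 
 import Command from './Command'
 
@@ -69,3 +69,24 @@ export default class SignPayIdCommand extends Command {
 )
 }
 }
+
+/**
+* Returns the default algorithm to use to sign with the given jwk.
+*
+* @param jwk - The key being used to sign.
+* @returns The default algorithm.
+*/
+export function getDefaultAlgorithm(
+jwk: JWKRSAKey | JWKECKey | JWKOctKey | JWKOKPKey,
+): string {
+if (jwk.kty === 'EC') {
+return 'ES256'
+}
+if (jwk.kty === 'oct') {
+return 'HS512'
+}
+if (jwk.kty === 'OKP') {
+return 'EdDSA'
+}
+return 'RS512'
+}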
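Review bot: `getDefaultAlgorithm` returns `ES256` for every EC key without looking at `jwk.crv`, although ES256 is only valid with a P-256 key. Identity keys generated before this commit are secp256k1 (the removed line in key-generate.ts), and a P-384 or P-521 key loaded from disk would hit the same mismatch, so the default would name an algorithm the key cannot be used with. The EC branch should pick the algorithm from the curve and reject a curve it does not know instead of guessing. The algorithm names below should be checked against the jose version the project pins.

```typescript
// … unchanged: doc comment and signature …
  if (jwk.kty === 'EC') {
    // The JWS algorithm is fixed by the curve; ES256 is only valid for P-256.
    switch (jwk.crv) {
      case 'P-256':
        return 'ES256'
      case 'P-384':
        return 'ES384'
      case 'P-521':
        return 'ES512'
      case 'secp256k1':
        return 'ES256K'
      default:
        throw new Error(`Unsupported EC curve: ${jwk.crv}`)
    }
  }
// … unchanged: oct, OKP and RSA branches …
```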
Lines changed: 19 additions & 0 deletions
@@ -0,0 +1,19 @@
1+
import 'mocha'
2+
import { assert } from 'chai'
3+
import { JWK } from 'jose'
4+
5+
import { getDefaultAlgorithm } from '../../src/commands/payid-sign'
6+
7+
describe('when getDefaultAlgorithm()', function (): void {
8+
it('given an EC key then returns ES256', async function (): Promise<void> {
9+
const key = await JWK.generate('EC')
10+
const algorithm = getDefaultAlgorithm(key.toJWK())
11+
assert.equal(algorithm, 'ES256')
12+
})
13+
14+
it('given an RSA key then returns RS512', async function (): Promise<void> {
15+
const key = await JWK.generate('RSA')
16+
const algorithm = getDefaultAlgorithm(key.toJWK())
17+
assert.equal(algorithm, 'RS512')
18+
})
19+
})
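Review bot: The EC case calls `JWK.generate('EC')` without a curve, so it only exercises whatever curve the library defaults to, and the `oct` and `OKP` branches of `getDefaultAlgorithm` have no test at all. Pin the curve with `const key = await JWK.generate('EC', 'P-256')` and add cases asserting `HS512` for an `oct` key and `EdDSA` for an `OKP` key. A case for an EC key on a different curve would also document what the function is expected to return there.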
