Support for ES256K signer/verifier in @sd-jwt/crypto-nodejs

[rober12]

Hi,

I’m currently working with the @sd-jwt/crypto-nodejs package and using the helper pattern for signer/verifier like this:

import { ES256 } from "@sd-jwt/crypto-nodejs";

export const createSignerVerifier = async () => {
  const { privateKey, publicKey } = await ES256.generateKeyPair();
  return {
    signer: await ES256.getSigner(privateKey),
    verifier: await ES256.getVerifier(publicKey),
  };
};

This works fine for ES256 (P-256), but I’d like to use ES256K (secp256k1) for signing and verifying SD-JWTs. I know this question is a bit unusual, but I’d like to know if it’s possible.

So, my question is:

Is there a way to create a signer and verifier instance with ES256K in the same way as with ES256?

If not, is ES256K support planned (since it is widely used in blockchain/Ethereum ecosystems)?

Would extending the current API with ES256K.generateKeyPair(), ES256K.getSigner(), and ES256K.getVerifier() be the recommended approach?

Thanks in advance for clarifying whether this is currently supported or if it’s something we should implement manually.

[cre8]

Hi @rober12 ,

the library is following the principle "bring your own crypto". Which means you are able to implement any algorithm that you want to, also ES256k. We only implemented ES256 to have at least one implementation that can be used out of the box and works with the native nodejs crypto api or web crypto (so without any external package).

But this seems not to be the case for ES256K so I would say we will not add to the library as a native implementation. But as said you can write your or signer and verifier logic like seen here

[rober12]

Hi @cre8 ,

Thank you very much for your explanation. I’ve set it up on my side and managed to get it working with the ES256K algorithm successfully. I really appreciate the guidance and the flexibility of the library that allowed me to implement my own signer and verifier logic.

Best regards,