New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →

Book a Demo Sign in

ec-sign

Package Overview

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

ec-sign

ECDSA cryptographic signature library for JavaScript

latest

Source

npm

Version: 0.1.1

Version published: 2 years ago

Maintainers: 1

Created: 2 years ago

Source

ec-sign-js

ECDSA cryptographic signature library for JavaScript.

Elliptic Curve	Hash Algorithm
P-256(Default)	SHA256(Default)
P-384	SHA384
secp256k1	SHA256

Requirements

Node.js 18 or higher

How to install

npm i ec-sign

How to use library

Generate keypair

const sign = require('ec-sign')

// Synchronous
const keypair = sign.SignUtils.generateKeyPairSync('secp224r1');

// Asynchronous
const keypair = await sign.SignUtils.generateKeyPair('secp224r1');

Converts public key to PEM

const pubPem = sign.SignUtils.toPem(keypair.publicKey);

console.info(pubPem);
// -----BEGIN PUBLIC KEY-----
// MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEm1eVSAq73aR2Oo8L8rvDzBU214+uhgIj
// MkiasZgxKDJtMbGosVVCPd8drgkr3NrZ1Eqhrf0mveProOsJdaF5Ag==
// -----END PUBLIC KEY-----

Converts private key to PEM

const priPem = sign.SignUtils.toPem(keypair.privateKey);

console.info(priPem);
// -----BEGIN PRIVATE KEY-----
// MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgH4RMksnOnI68DAm0PzqQ
// rtS1oznTSsb/pVDQLNPguqShRANCAASbV5VICrvdpHY6jwvyu8PMFTbXj66GAiMy
// SJqxmDEoMm0xsaixVUI93x2uCSvc2tnUSqGt/Sa94+ug6wl1oXkC
// -----END PRIVATE KEY-----

Sign with data and private key

const signer = new sign.Signer(priPem);
const result = signer.sign("hello, message");

console.info(result.timestamp);
// 1688895463045

console.info(result.signature);
// MEYCIQCeYobZ2BIoL7jCV4eGYrT/yXGtNLhEFY2MchsIDGCsywIhAMwak6nBiHgJsNfuY2zSdcX235Xy7Ucj2bGMvFh/xdTy

Verify signature with data, timestamp and public key

const verifier = new sign.Verifier(pubPem);
const valid = verifier.verify("hello, message", result.timestamp, result.signature.toString());

console.info(`signature was verified: ${valid}`);
// signature was verified: true

How to build from source

prerequisites

node.js, npm, git need to be installed.

git clone https://github.com/rising3/ec-sign-js.git
cd ec-sign-js
npm i
npm run test
npm run build

License

Apache 2.0

Keywords

ecdsa

signature

verification

FAQs

What is ec-sign?

Is ec-sign well maintained?

Package last updated on 27 May 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

ec-sign

ec-sign-js

Requirements

How to install

How to use library

Generate keypair

Converts public key to PEM

Converts private key to PEM

Sign with data and private key

Verify signature with data, timestamp and public key

How to build from source

prerequisites

License

Keywords

Related posts

TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware

TeamPCP Partners With Ransomware Group Vect to Target Open Source Supply Chains