(Node.js) Create a JWS Using ECDSA P-521 SHA-512

Creates and verifies a JSON Web Signature (JWS) that uses ECDSA P-521 SHA-512

Note: This example requires Chilkat v9.5.0.66 or greater.

Install Chilkat for Node.js and Electron using npm at Chilkat npm packages for Node.js Chilkat npm packages for Electron on Windows, Linux, MacOSX, and ARM

var os = require('os');
if (os.platform() == 'win32') {  
    if (os.arch() == 'ia32') {
        var chilkat = require('@chilkat/ck-node21-win-ia32');
    } else {
        var chilkat = require('@chilkat/ck-node21-win64'); 
    }
} else if (os.platform() == 'linux') {
    if (os.arch() == 'arm') {
        var chilkat = require('@chilkat/ck-node21-arm');
    } else if (os.arch() == 'x86') {
        var chilkat = require('@chilkat/ck-node21-linux32');
    } else {
        var chilkat = require('@chilkat/ck-node21-linux64');
    }
} else if (os.platform() == 'darwin') {
    if (os.arch() == 'arm64') {
        var chilkat = require('@chilkat/ck-node21-mac-m1');
    } else {
        var chilkat = require('@chilkat/ck-node21-macosx');
    }
}

function chilkatExample() {

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Note: This example requires Chilkat v9.5.0.66 or greater.

    // Use the following ECC key loaded from JWK format.
    var sbJwk = new chilkat.StringBuilder();
    sbJwk.Append("{\"kty\":\"EC\",");
    sbJwk.Append("\"crv\":\"P-521\",");
    sbJwk.Append("\"x\":\"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk\",");
    sbJwk.Append("\"y\":\"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2\",");
    sbJwk.Append("\"d\":\"AY5pb7A0UFiB3RELSD64fTLOSV_jazdF7fLYyuTw8lOfRhWg6Y6rUrPAxerEzgdRhajnu0ferB0d53vM9mE15j2C\"");
    sbJwk.Append("}");

    var eccKey = new chilkat.PrivateKey();
    // Note: This example loads the ECDSA key from JWK format.  Any format can be loaded
    // into the private key object. (See the online reference documentation..)
    var success = eccKey.LoadJwk(sbJwk.GetAsString());
    if (success !== true) {
        console.log(eccKey.LastErrorText);
        return;
    }

    // Create the JWS Protected Header
    var jwsProtHdr = new chilkat.JsonObject();
    jwsProtHdr.AppendString("alg","ES512");

    var jws = new chilkat.Jws();

    // Set the protected header:
    var signatureIndex = 0;
    jws.SetProtectedHeader(signatureIndex,jwsProtHdr);

    // Set the ECC key:
    jws.SetPrivateKey(signatureIndex,eccKey);

    // Set the payload.
    var bIncludeBom = false;
    var payloadStr = "In our village, folks say God crumbles up the old moon into stars.";
    jws.SetPayload(payloadStr,"utf-8",bIncludeBom);

    // Create the JWS
    // By default, the compact serialization is used.
    var jwsCompact = jws.CreateJws();
    if (jws.LastMethodSuccess !== true) {
        console.log(jws.LastErrorText);
        return;
    }

    console.log("JWS: " + jwsCompact);

    // Note: ECC signatures use random values, so the output will be different each time a signature is produced.
    // sample output:
    // JWS: eyJhbGciOiJFUzUxMiJ9.SW4gb3VyIHZpbGxhZ2UsIGZvbGtzIHNheSBHb2QgY3J1bWJsZXMgdXAgdGhlIG9sZCBtb29uIGludG8gc3RhcnMu.AFOnOtZ8UTp-ed1PfLfXxwGU7zT_jnmGGxew-d1CP6SfKa5RUhav5mF4szhSof22JaoQ742VIa0eZ0s1rhBnj8y6APr6g6vKzIpYZlJsnjzjUwAjDQOLmcsjxrrRfATh-NEv7G0Z9FrjdJasS44tCG2EnG6aT2TW-sPG0dy5o9jUWCzi

    // Now load the JWS, validate, and recover the original text.
    var jws2 = new chilkat.Jws();

    // Load the JWS.
    success = jws2.LoadJws(jwsCompact);

    // eccPubKey: PublicKey
    var eccPubKey = eccKey.GetPublicKey();

    // Set the ECC public key used for validation.
    signatureIndex = 0;
    jws2.SetPublicKey(signatureIndex,eccPubKey);

    // Validate the 1st (and only) signature at index 0..
    var v = jws2.Validate(signatureIndex);
    if (v < 0) {
        // Perhaps Chilkat was not unlocked or the trial expired..
        console.log("Method call failed for some other reason.");
        console.log(jws2.LastErrorText);
        return;
    }

    if (v == 0) {
        console.log("Invalid signature.  The ECC key was incorrect, the JWS was invalid, or both.");
        return;
    }

    // If we get here, the signature was validated..
    console.log("Signature validated.");

    // Recover the original content:
    console.log(jws2.GetPayload("utf-8"));

    // Examine the protected header:
    // joseHeader: JsonObject
    var joseHeader = jws2.GetProtectedHeader(signatureIndex);
    if (jws2.LastMethodSuccess !== true) {
        console.log("No protected header found at the given index.");
        return;
    }

    joseHeader.EmitCompact = false;

    console.log("Protected (JOSE) header:");
    console.log(joseHeader.Emit());

    // Output:
    // 	Signature validated.
    // 	In our village, folks say God crumbles up the old moon into stars.
    // 	Protected (JOSE) header:
    // 	{
    // 	  "alg": "ES512"
    // 	}

}

chilkatExample();