Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/menduz/ecc-auth

Use secp256k1 to authenticate http requests
https://github.com/menduz/ecc-auth

ephemeral-keys express secp256k1

Last synced: about 1 month ago
JSON representation

Use secp256k1 to authenticate http requests

Host: GitHub
URL: https://github.com/menduz/ecc-auth
Owner: menduz
Created: 2020-07-28T22:25:06.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-10-11T18:40:56.000Z (3 months ago)
Last Synced: 2024-10-16T21:30:42.011Z (3 months ago)
Topics: ephemeral-keys, express, secp256k1
Language: TypeScript
Homepage:
Size: 19.5 KB
Stars: 0
Watchers: 3
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # ecc-auth

What is this?

* A library that normalizes the crypto API for browser and Node.js

* A library to sign fetch requests using `secp256k1`

* A middleware to validate those signatures from `express`

* Uses the native `crypto` in the browser and the built in Node.js package

### Install

```bash

npm install --save ecc-auth

```

### Usage to authenticate requests

#### Browser

```ts

import * as ecc from "ecc-auth/browser";

import { ApiClient } from "ecc-auth/api-client";

// generate ephemeral keys

const keys = ecc.generateKeyPair();

// create client instance

const client = new ApiClient("https://my-service.menduz.com", keys, ecc);

// send signed request

await client.fetch("/me");

```

#### Node.js (express)

```ts

import { requireSignature, getContext } from "ecc-auth/middleware";

const publicKeyWhitelist = new Set();

function authenticatePublicKey(request, response, next) {

  const ctx = getContext(request);

  if (publicKeyWhitelist.has(ctx.publicKey)) {

    next();

  } else {

    next("Unauthorized");

  }

}

app.get("/me", requireSignature(), authorizePublicKey, function (req, res) {

  res.send("Hi there!");

});

```

### Usage of the plain ECC functions

```ts

// from Node.js

import * as ecc from "ecc-auth/node";

// from Browser

import * as ecc from "ecc-auth/browser";

// generate keys

const keys = ecc.generateKeyPair();

const payload = toHex("Hi there!");

// sign payload

const sig = await signUint8Array(payload, keys.privateKey);

// validate signature

assert(

  true == (await isSignatureValid(sig.signature, payload, keys.publicKey))

);

```

### Exposed interface

```ts

// both 'ecc-auth/browser' and 'ecc-auth/node' modules expose the same interface

function isSignatureValid(

  signature: Uint8Array,

  message: Uint8Array,

  publicKey: Uint8Array

): Promise;

function isSignatureValidHex(

  signatureHex: string,

  messageHex: string,

  publicKeyHex: string

): Promise;

function validateRequestSignature(

  signatureHex: string,

  method: string,

  path: string,

  timestamp: string,

  body: string | Uint8Array | void,

  publicKeyHex: string

): Promise;

function generateKeyPair(): Keys;

function getRequestSignature(

  method: string,

  path: string,

  timestamp: string,

  body: string | Uint8Array | void,

  privatekey: Uint8Array

): Promise;

function fromHex(hexString: string): Uint8Array;

function toHex(bytes: Uint8Array): string;

function signString(message: string, key: Uint8Array): Promise;

function signUint8Array(

  msgUint8: Uint8Array,

  key: Uint8Array

): Promise;

function sha256string(message: string): Promise;

function sha256(msgUint8: Uint8Array): Promise;

```