Install the package
$ npm install https://github.com/anvilresearch/keychain.git
Load the module
const KeyChain = require('keychain')
Create a new instance by passing a descriptive object to the KeyChain
constructor. This object can have any naming or nesting scheme, as long as the last nested object contains parameters describing key generation. At a bare minimum, this must include an alg
property with a JWA algorithm name as its value. Currently, RS256
, RS384
, and RS512
are supported.
let keys = new KeyChain({
a: { b: { alg: 'RS256' } },
c: { d: { alg: 'RS256' } },
e: { f: { alg: 'RS256', modulusLength: 2048 } // default is 4096
})
This initialized a KeyChain instance but didn't generate keys. To generate keys
according to the object passed to the keychain, call rotate()
. The rotate()
method returns a promise for the keychain.
keys.rotate()
Once keys have been generated, they can be accessed as CryptoKey or JWK objects, according to the object structure defined by the caller.
Access CryptoKey objects for Web Crypto API operations:
keys.a.b.privateKey
keys.a.b.publicKey
Access JWK objects:
keys.a.b.privateJwk
keys.a.b.publicJwk
Key rotation also generates a JWK Set in object and JSON form:
keys.jwks // JWK Set object
keys.jwkSet // JWK Set JSON string
$ npm test
Copyright (c) 2016 Anvil Research, Inc. Copyright (c) 2017-2019 The Solid Project