1. ed25519キーペアを発行・Personとして公開鍵を送受信

2024-02-26 20:49:40 +00:00 · 2024-02-26 20:49:40 +00:00 · 02dfe0a3d5
commit 02dfe0a3d5
parent 0fb7b98f96
13 changed files with 274 additions and 36 deletions
--- a/packages/backend/src/misc/gen-key-pair.ts
+++ b/packages/backend/src/misc/gen-key-pair.ts
@ -8,7 +8,9 @@ import * as util from 'node:util';

 const generateKeyPair = util.promisify(crypto.generateKeyPair);

-export async function genRsaKeyPair(modulusLength = 2048) {
+export const ED25519_SIGN_ALGORITHM = 'sha256';
+
+export async function genRsaKeyPair(modulusLength = 4096) {
 	return await generateKeyPair('rsa', {
 		modulusLength,
 		publicKeyEncoding: {
@ -24,9 +26,8 @@ export async function genRsaKeyPair(modulusLength = 2048) {
 	});
 }

-export async function genEcKeyPair(namedCurve: 'prime256v1' | 'secp384r1' | 'secp521r1' | 'curve25519' = 'prime256v1') {
-	return await generateKeyPair('ec', {
-		namedCurve,
+export async function genEd25519KeyPair() {
+	return await generateKeyPair('ed25519', {
 		publicKeyEncoding: {
 			type: 'spki',
 			format: 'pem',
@ -39,3 +40,17 @@ export async function genEcKeyPair(namedCurve: 'prime256v1' | 'secp384r1' | 'sec
 		},
 	});
 }
+
+export async function genRSAAndEd25519KeyPair(rsaModulusLength = 4096) {
+	const rsa = await genRsaKeyPair(rsaModulusLength);
+	const ed25519 = await genEd25519KeyPair();
+	const ed25519PublicKeySignature = crypto.sign(ED25519_SIGN_ALGORITHM, Buffer.from(ed25519.publicKey), rsa.privateKey).toString('base64');
+	return {
+		publicKey: rsa.publicKey,
+		privateKey: rsa.privateKey,
+		ed25519PublicKey: ed25519.publicKey,
+		ed25519PrivateKey: ed25519.privateKey,
+		ed25519PublicKeySignature,
+		ed25519SignatureAlgorithm: `rsa-${ED25519_SIGN_ALGORITHM}`,
+	};
+}