40 lines
951 B
TypeScript
40 lines
951 B
TypeScript
import * as jose from 'jose';
|
|
|
|
async function generateKeyPair() {
|
|
const { privateKey, publicKey } = await jose.generateKeyPair('RS256', {
|
|
modulusLength: 2048,
|
|
extractable: true,
|
|
});
|
|
|
|
return { privateKey, publicKey };
|
|
}
|
|
|
|
async function createJWKS(publicKey: CryptoKey, kid?: string) {
|
|
const jwk = await jose.exportJWK(publicKey);
|
|
// 添加 kid 字段
|
|
jwk.kid = kid || 'kid-key-1';
|
|
const jwks = {
|
|
keys: [jwk]
|
|
};
|
|
return jwks;
|
|
}
|
|
|
|
type GenerateOpts = {
|
|
kid?: string;
|
|
}
|
|
export const generate = async (opts: GenerateOpts = {}) => {
|
|
const { privateKey, publicKey } = await generateKeyPair();
|
|
const jwks = await createJWKS(publicKey, opts.kid);
|
|
|
|
// 将私钥和 JWKS 保存到文件
|
|
const privateJWK = await jose.exportJWK(privateKey);
|
|
const privatePEM = await jose.exportPKCS8(privateKey);
|
|
const publicPEM = await jose.exportSPKI(publicKey);
|
|
return {
|
|
jwks,
|
|
privateJWK,
|
|
privatePEM,
|
|
publicPEM
|
|
}
|
|
}
|