JavaScript Elliptic curve cryptography library for both browserify and node.
- ECDSA (sign/verify)
- ECDH (key agreement)
- ECIES (encrypt/decrypt)
- secp256k1 curve support
- Compressed and uncompressed public key support
- Works in both Node.js and browsers
- Uses
Uint8Arrayfor all binary data
This library uses @noble/curves for elliptic curve operations, which provides:
- Use Node.js crypto module/library bindings where possible
- Use WebCryptoAPI where possible
- Promise-driven API
- Only secp256k1 curve, only SHA-512 (KDF), HMAC-SHA-256 (HMAC) and AES-256-CBC for ECIES
- Compressed key support
npm install @toruslabs/eccryptoECDSA and ECDH are supported in Chrome only on Windows (see also bug 338883), aren't supported by Firefox (fixed only in 36.0+, see bug 1034854; see also feature matrix) and ECIES is not defined at all in WebCryptoAPI draft. Also WebCryptoAPI currently defines only curves recommended by NIST meaning that secp256k1 (K-256) curve is not supported (see also: [1], [2]).
import * as eccrypto from "@toruslabs/eccrypto";
// Generate a new random 32-byte private key
const privateKey = eccrypto.generatePrivate();
// Get the corresponding public key (65 bytes uncompressed)
const publicKey = eccrypto.getPublic(privateKey);
// Or get compressed public key (33 bytes)
const compressedPublicKey = eccrypto.getPublicCompressed(privateKey);
// Message must be 32 bytes or less (typically a hash)
const msgHash = new Uint8Array(32); // Your message hash here
// Sign the message
const signature = await eccrypto.sign(privateKey, msgHash);
console.log("Signature (DER format):", signature);
// Verify the signature
try {
await eccrypto.verify(publicKey, msgHash, signature);
console.log("Signature is valid");
} catch (e) {
console.log("Signature is invalid");
}import * as eccrypto from "@toruslabs/eccrypto";
const privateKeyA = eccrypto.generatePrivate();
const publicKeyA = eccrypto.getPublic(privateKeyA);
const privateKeyB = eccrypto.generatePrivate();
const publicKeyB = eccrypto.getPublic(privateKeyB);
// Both parties derive the same shared secret
const sharedSecretA = await eccrypto.derive(privateKeyA, publicKeyB);
const sharedSecretB = await eccrypto.derive(privateKeyB, publicKeyA);
// sharedSecretA and sharedSecretB are equal
console.log("Shared secrets match:", sharedSecretA.toString() === sharedSecretB.toString());import * as eccrypto from "@toruslabs/eccrypto";
const privateKeyA = eccrypto.generatePrivate();
const publicKeyA = eccrypto.getPublic(privateKeyA);
const privateKeyB = eccrypto.generatePrivate();
const publicKeyB = eccrypto.getPublic(privateKeyB);
// Encrypt a message for B
const message = new TextEncoder().encode("Hello, World!");
const encrypted = await eccrypto.encrypt(publicKeyB, message);
// B decrypts the message
const decrypted = await eccrypto.decrypt(privateKeyB, encrypted);
console.log("Decrypted:", new TextDecoder().decode(decrypted));Generate a new random 32-byte private key.
Get the 65-byte uncompressed public key from a private key.
Get the 33-byte compressed public key from a private key.
Sign a message (max 32 bytes) with a private key. Returns DER-encoded signature.
Verify a signature. Throws an error if the signature is invalid.
Derive a shared secret using ECDH.
Encrypt a message using ECIES. Returns an object with iv, ephemPublicKey, ciphertext, and mac.
Decrypt an ECIES encrypted message.
eccrypto - JavaScript Elliptic curve cryptography library
Written in 2014-2015 by Kagami Hiiragi kagami@genshiken.org
To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see http://creativecommons.org/publicdomain/zero/1.0/.