This repository contains utility scripts to generate and verify JSON Web Tokens (JWT) using RSA keys.
generateJWT.js: Generates a JWT using a given payload and a private RSA key.verifyJWT.js: Verifies the validity of a JWT using a public RSA key.createKey.js: Creates V3 keystore key file for use in EthSigner
- Node.js and npm installed
- Install the required npm packages:
npm install- Generate the private and public RSA keys:
openssl genrsa -out privateRSAKey.pem 2048
openssl rsa -pubout -in privateRSAKey.pem -pubout -out publicRSAKey.pem- Modify the payload in
generateJWT.jsas needed. - Run the script:
node generateJWT.jsThe generated JWT will be saved to generatedToken.txt and also printed to the console.
- Ensure you have a JWT in
generatedToken.txt(or modify the script to point to the correct file). - Run the script:
node verifyJWT.jsThe script will verify the JWT using the public key. If the JWT is valid, the decoded payload will be printed to the console. If the JWT is invalid or has been tampered with, an error message will be displayed.
- Create a text file containing the password for the V3 keystore key file to be created (for example,
passwordFile.txt). - Modify the
<AccountPrivateKey>with the private key of the wallet and<Password>with the password you just saved insidepasswordFile.txt - Modify the JSON-RPC endpoint as needed.
- Run the script:
node createKey.jsNote: I used these scripts for a project and the day I finished I found out the EthSigner is no longer in development and is being replaced by Web3Signer. Also you should not use V3 keystore key files in production, this was ONLY for run a local development test, both EthSigner and Web3Signer have options to store keys externally in Azure and HashCorp Vault.