WebBuf WebBuf
Docs

Elliptic curve

@webbuf/p256

Rust/wasm optimized P-256 (NIST) ECDSA and Diffie-Hellman

Install 

npm install @webbuf/p256

Usage 

import {
  p256PublicKeyCreate,
  p256PrivateKeyVerify,
  p256PublicKeyVerify,
} from "@webbuf/p256";
import { FixedBuf } from "@webbuf/fixedbuf";

// Generate random private key
const privKey = FixedBuf.fromRandom<32>(32);

// Verify private key is valid
p256PrivateKeyVerify(privKey); // true

// Derive public key (compressed, 33 bytes)
const pubKey = p256PublicKeyCreate(privKey);

// Verify public key
p256PublicKeyVerify(pubKey); // true

API reference (16 exports)

Functions

p256PrivateKeyAdd

function 
p256PrivateKeyAdd(privKey1: FixedBuf<32>, privKey2: FixedBuf<32>): FixedBuf<32>

p256PrivateKeyToJwk

function

Convert a raw 32-byte P-256 private key scalar to a JsonWebKey, ready to pass to `crypto.subtle.importKey("jwk", jwk, ...)`. Internally derives the associated public key (Web Crypto requires `x` and `y` alongside `d`).

p256PrivateKeyToJwk(privateKey: FixedBuf<32>): P256PrivateKeyJwk

p256PrivateKeyVerify

function 
p256PrivateKeyVerify(privateKey: FixedBuf<32>): boolean

p256PublicKeyAdd

function 
p256PublicKeyAdd(publicKey1: FixedBuf<33>, publicKey2: FixedBuf<33>): FixedBuf<33>

p256PublicKeyCompress

function

Compress a 65-byte SEC1 uncompressed P-256 public key into its 33-byte compressed form. Throws if the point is not on the curve.

p256PublicKeyCompress(uncompressed: FixedBuf<65>): FixedBuf<33>

p256PublicKeyCreate

function 
p256PublicKeyCreate(privateKey: FixedBuf<32>): FixedBuf<33>

p256PublicKeyDecompress

function

Decompress a 33-byte SEC1 compressed P-256 public key into its 65-byte uncompressed form (`0x04 || X || Y`). Useful for `crypto.subtle.importKey("raw", ...)`.

p256PublicKeyDecompress(compressed: FixedBuf<33>): FixedBuf<65>

p256PublicKeyFromJwk

function

Reconstruct a compressed 33-byte P-256 public key from a JsonWebKey's `x` and `y` coordinates. Validates that the point is on the curve.

p256PublicKeyFromJwk(jwk: { x: string; y: string; }): FixedBuf<33>

p256PublicKeyToJwk

function

Convert a compressed P-256 public key to a JsonWebKey, ready to pass to `crypto.subtle.importKey("jwk", jwk, ...)`.

p256PublicKeyToJwk(compressed: FixedBuf<33>): P256PublicKeyJwk

p256PublicKeyVerify

function 
p256PublicKeyVerify(publicKey: FixedBuf<33>): boolean

p256SharedSecret

function 
p256SharedSecret(privateKey: FixedBuf<32>, publicKey: FixedBuf<33>): FixedBuf<33>

p256SharedSecretRaw

function

P-256 ECDH shared secret as the raw 32-byte X-coordinate. This is the SEC1 X9.63 "Z" value used as input to a KDF in NIST SP 800-56A §5.7.1.2 and the IETF hybrid KEM combiners. Equivalent to `p256SharedSecret` with the SEC1 prefix byte stripped — the prefix is deterministic given the X-coordinate, so removing it loses no entropy. Use this when feeding the ECDH output into an HKDF-based key schedule.

p256SharedSecretRaw(privateKey: FixedBuf<32>, publicKey: FixedBuf<33>): FixedBuf<32>

p256Sign

function 
p256Sign(digest: FixedBuf<32>, privateKey: FixedBuf<32>, k: FixedBuf<32>): FixedBuf<64>

p256Verify

function 
p256Verify(signature: FixedBuf<64>, digest: FixedBuf<32>, publicKey: FixedBuf<33>): boolean

Interfaces

P256PrivateKeyJwk

interface

JWK representation of a P-256 private key, suitable for `crypto.subtle.importKey("jwk", jwk, ...)`. Includes the public key coordinates (`x`, `y`) as required by Web Crypto.

d: string
kty: "EC"
crv: "P-256"
x: string
y: string

P256PublicKeyJwk

interface

JWK representation of a P-256 public key, suitable for `crypto.subtle.importKey("jwk", jwk, ...)`.

kty: "EC"
crv: "P-256"
x: string
y: string