search

panva / paseto

PASETO (Platform-Agnostic SEcurity TOkens) for Node.js with no dependencies
MIT License
428 stars 26 forks source link

Generating a public paseto key should give the public key attached #10

Closed Gby56 closed 4 years ago

Gby56 commented 4 years ago

Describe the bug Playing around with the library, I discovered the V2.generateKey('public') won't return the public key from the keypair. Unless there is a simple way to re-generate the public key from the private one in Node.js, which I didn't find a simple method for, it would be nice to get an object from the generateKey() function that contains both private and public, keeping it fool-proof from people signing with the public key, but reusable to verify the PASETOs

What do you think ?

To Reproduce const key = await V2.generateKey('public')

Expected behaviour Returns the keypair for ease of use, also Environment:

panva commented 4 years ago

You can call node’s createPublicKey with the private one as argument to get the corresponding public one.