# Generate ECDSA Key Pair {% hint style="info" %} NOTE: Contact Quadrata via [email](mailto:contact@quadrata.com) to request submission of a new public key. {% endhint %} {% hint style="success" %} You can find examples below describing how to generate a public and private key pair. {% endhint %} {% tabs %} {% tab title="Command Line: OpenSSL" %} Generate an ECDSA DER key pair on the command line using OpenSSL *** 1\) Generate a new private key and output to file as a PEM. ```shell openssl ecparam -name prime256v1 -genkey -noout -out privkey.pem ``` 2\) Using your private key PEM, generate a private key DER and output to file. ```sh openssl pkcs8 -topk8 -inform PEM -outform DER -in privkey.pem -out privkey.der -nocrypt ``` 3\) Using your private key DER, generate a public key DER and output to file. ```sh openssl ec -inform der -in privkey.der -pubout -outform der -out pubkey.der ``` {% hint style="info" %} The keys generated from these commands, stored at `privkey.der` and `pubkey.der` are DER keys and will be in binary format. You will need to convert them to base64. {% endhint %} ```sh $ cat privkey.der | base64 $ cat pubkey.der | base64 ``` {% endtab %} {% tab title="NodeJS: SubtleCrypto" %} Generate an ECDSA key pair with NodeJS ```javascript const buffer = require('buffer'); const crypto = require('crypto'); async function createEcdsaKeyPair() { const keyPair = await crypto.subtle.generateKey( { name: 'ECDSA', namedCurve: 'P-256', }, true, ['sign', 'verify'], ); const publicKey = await crypto.subtle.exportKey('spki', keyPair.publicKey) .then((key) => { const publicKeyDer = String.fromCharCode .apply(null, new Uint8Array(key)); const publicKey = Buffer.from(publicKeyDer, 'binary') .toString('base64'); return publicKey; } ); const privateKey = await crypto.subtle.exportKey('pkcs8', keyPair.privateKey) .then((key) => { const privateKeyDer = String.fromCharCode .apply(null, new Uint8Array(key)); const privateKey = Buffer.from(privateKeyDer, 'binary') .toString('base64'); return privateKey; } ); return { publicKey, privateKey }; } ``` {% endtab %} {% tab title="Python" %} Generate an ECDSA key pair with Python ```python from base64 import b64encode from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import ec def create_key_pair(password=None): private_key = ec.generate_private_key(ec.SECP256R1(), default_backend()) return ( private_key.private_bytes( encoding=serialization.Encoding.DER, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.BestAvailableEncryption(bytes(password)) if password is not None else serialization.NoEncryption() ), private_key.public_key().public_bytes( encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo, ), ) private_key, public_key = create_key_pair() print(f'private key: {b64encode(private_key).decode()}') print(f'public key: {b64encode(public_key).decode()}') ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.quadrata.com/integration/how-to-integrate/request-privacy-data/api-requests/how-to-sign-api/generate-ecdsa-key-pair.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.