Bitgo签名私钥和公钥

是的，nodejscrypto采用OpenSSL或JWK定义的几种PEM和DER格式，这些格式不包括比特币HD (BIP32)格式(也不包括WIF等经典比特币格式)。您需要首先从HD格式中提取实际的原始密钥部分(私有乘法器和公共点)，类似于如何验证Python的trezor钱包所做的签名，然后构建nodejs/OpenSSL所需的SEC1(或PKCS8，但SEC1更容易)和SPKI (X.509/PKIX)格式，前者几乎与如何将ECDSA密钥转换为PEM格式相同。(一般来说，JWK更容易构建，但这里的比特币格式不包含这样做所需的信息。)

调整和组合代码(如果你想分开进行签名和验证，通常人们会这样做):

const crypto = require('crypto');
const b58 = require('bs58check');
const prv = 'xprv9s21ZrQH143K2SiPk3UYw24a2d5ZVey4g9mKB58at9vuXbsPmGxzQWzFJQRcaTHhbyNzyt33uRaXmuXopv1Faep4rrL1qHdmWGrwfj2sUHr';
const pub = 'xpub661MyMwAqRbcEvnrr51ZJA1Jaev3u7gv3NguyTYCSVTtQQCYJpHExKJj9fiPM9EELJcGaxV8vFiwJTJuM4F5HoSJXVM4nrVFcWDki7gzmcr';
let prvraw = b58.decode(prv).subarray(46);
let pubraw = b58.decode(pub).subarray(45);
// hardcode secp256k1 and compressed point, which Bitcoin and BIP32 require
let prvsec1 = Buffer.from("302e0201010420"+prvraw.toString('hex')+"a00706052b8104000a",'hex');
let pubspki = Buffer.from("3036301006072a8648ce3d020106052b8104000a032200"+pubraw.toString('hex'),'hex');
// optional prebuild, or can inline in .sign and .verify
let prvkey = crypto.createPrivateKey({key:prvsec1,format:'der',type:'sec1'});
let pubkey = crypto.createPublicKey({key:pubspki,format:'der',type:'spki'});
let data = "some test data";
let sign = crypto.createSign('sha256'); sign.update(data);
let signature = sign.sign(prvkey,'hex'); console.log(signature);
let vrfy = crypto.createVerify('sha256'); vrfy.update(data);
console.log (vrfy.verify(pubkey,signature,'hex'));
// add dsaEncoding:'ieee-p1363' in .sign and .verify if you want that