const AWS = require('aws-sdk')
const Crypto = require('crypto')

AWS.config.region = 'us-east-1'

var kms = new AWS.KMS()

keyArn = 'Put AWS KMS Key ARN Here'

// Set the KeyPairSpec to the type of key you want to generate.
const request = {
    KeyId: keyArn,
    KeyPairSpec: 'ECC_NIST_P256'
}

kms.generateDataKeyPair(request, (err, data) => {
    if(err) {
        console.log(err)
    } else {
        const privateKeyInput = {
            key: data.PrivateKeyPlaintext,
            format: 'der',
            type: 'pkcs8'
        }
        const privateKeyObject = Crypto.createPrivateKey(privateKeyInput)

        const publicKeyInput = {
            key: data.PublicKey,
            format: 'der',
            type: 'spki'
        }
        const publicKeyObject = Crypto.createPublicKey(publicKeyInput)

        const privateKeyExportOptions = {
            format: 'pem',
            type: 'sec1'
        }
        const pemPrivate = privateKeyObject.export(privateKeyExportOptions)

        const publicKeyExportOptions = {
            format: 'pem',
            type: 'spki'
        }
        const pemPublic = publicKeyObject.export(publicKeyExportOptions)

        console.log(pemPrivate)
        console.log(pemPublic)
    }

})