webcrypto-api

问题 I've been rather busy trying to get a secure exchange established between a browserclient, using the webcrypto api and PHP server using openssl. I've broken down things as much as I can. I wrote some javascript to generate a keypair, print out the values private and public, encrypt a simple string and print it out as well. I've copied the values straight to a simple php script. Trying to decode it with the values from the javascipt. Encoding and decoding works properly in the javascript (as

问题 The following code works in Firefox 76.0.1: "use strict" let RSAKeys (async () => { RSAKeys = await crypto.subtle.generateKey({ name: "RSA-OAEP", modulusLength: 3072, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256"}, true, // Chromium bug causes it to falsely complain that the array is empty. Sometimes adding "encrypt" helps. ["wrapKey"]) })() but in Chromium 80 I get: Uncaught (in promise) DOMException: Usages cannot be empty when creating a key. ["wrapKey"] clearly isn't an empty

问题 I'm trying to decrypt data on the browser using the AES-CTR algo. The WebCrypto API requires the counter to be passed as a BufferSource. How do I convert the counter (a number) to the expected input (a byte array)? I'm using an all zero IV, so the counter starts at 0. Let's say I'm trying to decrypt data where counter = 445566. How do I convert 445566 into an ArrayBuffer? const key = // retrieve decryption key const encrypted = // retrieve encrypted data const iv = new ArrayBuffer(16) // iv

问题 I have the following code to decrypt AES encrypted data with the Javascript Webcrypto-API, but it results in an "OperationError" with the message "The operation failed for an operation-specific reason": function loadHexToArrybuffer(hex) { return new Uint8Array(hex.match(/[\da-f]{2}/gi).map(h => parseInt(h, 16))); } var iv = loadHexToArrybuffer("47b79d24e3ec47c528abdaed8f3fafde"); var rawKey = loadHexToArrybuffer("8af4d72873e4016cd73a1d5b851e9cb2"); var encryptedData = loadHexToArrybuffer(

问题 I am using WebCrypto with RSASSA-PKCS1-v1_5 (https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---sign) and I need to export the public key to PEM format using javascript code. The documentation says that is possible to export the key in this way: https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---exportkey but I need a different format. Any idea? Thanks in advance. Regards 回答1: Export the public key to spki window.crypto.subtle.exportKey("spki",keys.publicKey);

问题 I am using WebCrypto with RSASSA-PKCS1-v1_5 (https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---sign) and I need to export the public key to PEM format using javascript code. The documentation says that is possible to export the key in this way: https://github.com/diafygi/webcrypto-examples#rsassa-pkcs1-v1_5---exportkey but I need a different format. Any idea? Thanks in advance. Regards 回答1: Export the public key to spki window.crypto.subtle.exportKey("spki",keys.publicKey);

问题 The following code works in Firefox 76.0.1: "use strict" let RSAKeys (async () => { RSAKeys = await crypto.subtle.generateKey({ name: "RSA-OAEP", modulusLength: 3072, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256"}, true, ["wrapKey", "unwrapKey"]) alert(JSON.stringify(Object.fromEntries( await Promise.all(Object.entries(RSAKeys).map(async ([k, v], i) => [k, await cryptoBase64("exportKey", ["pkcs8", "spki"][i], v)]))))) })() async function cryptoBase64(primitive, ...args) { return

问题 The WebCrypto API introduces the notion of non exportable private keys, which can be exported to IndexDB but not not LocalStorage or over the web. This is nicely explained in Charles Engleke's blog "Saving Cryptographic Keys in the Browser". But how do these objects actually work? Is there a way to tell from JS if an object is opaque or not? I am having trouble finding any information on this. 回答1: There isn't a magical "opaque flag" anywhere. "Opaque" here just means there is data held in

问题 I'm trying to verify the signature of a JWT using the SubtleCrypto interface of the Web Crypto API. My code will not verify the token signature while the debug tool at JWT.io will and I don't know why. Here is my verify function: function verify (jwToken, jwKey) { const partialToken = jwToken.split('.').slice(0, 2).join('.') const signaturePart = jwToken.split('.')[2] const encoder = new TextEncoder() return window.crypto.subtle .importKey('jwk', jwKey, { name: 'RSASSA-PKCS1-v1_5', hash: {

问题 I'd like to call window.crypto.subtle.generateKey in my Firefox AddOn. Since I can not access window in main.js I create a page-worker with a content script: var self = require('sdk/self'); var cryptoScript = require('sdk/page-worker').Page({ contentURL: self.data.url('empty.html'), contentScriptFile: self.data.url('call-web-crypto.js') }); I can call window.crypto.subtle.generateKey in call-web-crypto.js , but I can not access the key properties of the generated key pair: XrayWrapper denied