Reputation: 13497
My application's cryptography currently utilizes the forge library for encryption, decryption, deriving keys, and importing keys. I recently began reading about the new cryptographic features that are part of the HTML5 spec and wanted to do a POC to see if it is viable as well as the performance impact.
The feature seems pretty unusable right now. I can't even manage to import any of my keys.
Byte encoded key: "#a×iKº|UF?îçàÂ{ÙîµËËã-cØÊz"
B64 encoded key: "I2HXaUu6fFVGP4fu5+CJwh57HtnutcvL4y0XY9icyno="
Unsigned 8 bit integer array key representation: [35, 97, 215, 105, 75, 186, 124, 85, 70, 63, 135, 238, 231, 224, 137, 194, 30, 123, 30, 217, 238, 181, 203, 203, 227, 45, 23, 99, 216, 156, 202, 122]
I tried importing my key using JWK:
window.crypto.subtle.importKey(
    "jwk", // can be "jwk" or "raw"
    {   // this is an example jwk key, "raw" would be an ArrayBuffer
        kty: "oct",
        k: "I2HXaUu6fFVGP4fu5+CJwh57HtnutcvL4y0XY9icyno=",
        alg: "A256GCM",
        ext: true,
    },
    {   // this is the algorithm options
        name: "AES-GCM",
    },
    false, // whether the key is extractable (i.e. can be used in exportKey)
    ["encrypt", "decrypt"] // can "encrypt", "decrypt", "wrapKey", or "unwrapKey"
)
.then(function(key){
    // returns the symmetric key
    console.log(key);
})
.catch(function(err){
    console.error(err);
});
But this just results in a promise that never resolves. I then tried to import my key using 'raw' type and passing it the arrayBuffer above:
window.crypto.subtle.importKey(
    "raw", // can be "jwk" or "raw"
    arrayBuffer,
    {   // this is the algorithm options
        name: "AES-GCM",
    },
    true, // whether the key is extractable (i.e. can be used in exportKey)
    ["encrypt", "decrypt"] // can "encrypt", "decrypt", "wrapKey", or "unwrapKey"
)
.then(function(key){
    // returns the symmetric key
    console.log(key);
})
.catch(function(err){
    console.error(err);
});
But this also just results in a promise that never resolves.
How do I import my key using the WebCrypto interface?
Upvotes: 2
Views: 2627
Reputation: 67261
Your base64 encoding is correct, however JWK requires the use of base64url. In that encoding, the key becomes: I2HXaUu6fFVGP4fu5-CJwh57HtnutcvL4y0XY9icyno. When I change k to that value, I can successfully import your key.
Upvotes: 1
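The conversion described in the answer, as an added example that is not part of the original posts: it turns the question's standard-base64 key into the unpadded base64url form a JWK needs, imports the same key through both the "jwk" and "raw" formats, and cross-checks them with an AES-GCM round trip. The helper names (toBase64Url, base64ToBytes, importAsJwk, importAsRaw, crossCheck) are illustrative assumptions.

```javascript
// Added example; helper names are illustrative, not from the original posts.
// Browsers expose globalThis.crypto; the require() fallback covers older Node.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;

// Key from the question, in standard base64 (contains "+" and "=" padding).
const QUESTION_KEY_B64 = "I2HXaUu6fFVGP4fu5+CJwh57HtnutcvL4y0XY9icyno=";

// Standard base64 -> base64url without padding, as the JWK "k" member requires.
function toBase64Url(b64) {
  return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Standard base64 -> bytes, for the "raw" import format.
function base64ToBytes(b64) {
  return Uint8Array.from(atob(b64), (ch) => ch.charCodeAt(0));
}

const ALG = { name: "AES-GCM" };
const USAGES = ["encrypt", "decrypt"];

// "A256GCM" assumes a 32-byte key, which is what the question's key decodes to.
function importAsJwk(b64) {
  const jwk = { kty: "oct", k: toBase64Url(b64), alg: "A256GCM", ext: true };
  return webcrypto.subtle.importKey("jwk", jwk, ALG, false, USAGES);
}

function importAsRaw(b64) {
  return webcrypto.subtle.importKey("raw", base64ToBytes(b64), ALG, false, USAGES);
}

// Encrypt with the JWK-imported key, decrypt with the raw-imported key.
// Decryption only authenticates if both imports produced the same key bytes.
async function crossCheck(b64, message) {
  const [jwkKey, rawKey] = await Promise.all([importAsJwk(b64), importAsRaw(b64)]);
  const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh 96-bit IV per message
  const params = { name: "AES-GCM", iv };
  const ct = await webcrypto.subtle.encrypt(params, jwkKey, new TextEncoder().encode(message));
  const pt = await webcrypto.subtle.decrypt(params, rawKey, ct);
  return new TextDecoder().decode(pt);
}
```

Both imports here pass false for extractable, so the key can be used for encrypt and decrypt but cannot be read back out with exportKey.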