Danny Moerkerke
Reputation: 462
Web Crypto API: generate key pair and make only private key non-extractable
Is it possible with the Web Crypto API to generate a key pair and make only the private key non-extractable?
I want to safely store the private key so I make it non-extractable but I also want to share the public key.
The generateKey method of the SubtleCrypto object only allows to make both keys either extractable or non-extractable.
Is there any other way to accomplish this?
Upvotes: 3
Views: 960
Answers (1)
Andrew Parks
Reputation: 8087
The generateKey method of the SubtleCrypto object only allows to make both keys either extractable or non-extractable.
This is not true. It will only make the private key non-extractable.
(async ()=>{
let keyPair = await window.crypto.subtle.generateKey(
{
name: "ECDSA",
namedCurve: "P-384"
},
false,
["sign", "verify"]
);
console.log(keyPair.privateKey.extractable) // false
console.log(keyPair.publicKey.extractable) // true
console.log(await window.crypto.subtle.exportKey('jwk', keyPair.publicKey))
})();Upvotes: 3
Related Questions
- How to resolve InvalidRequest for batch graph APIs request
- C# Microsoft Graph Api Request_BadRequest
- msgraph: how to create a batch request for subscriptions using GraphServiceClient?
- Retrieve contacts along with profile pic in batches using Graph API
- Create Multiple Contacts from Single Request by batching in Microsoft Graph Api
- Outlook contacts ErrorQuotaExceeded
- Create Contact returns HTTP 400 - Bad Request
- batch processing: userPrincipalName already exists when trying to add multiple users async in AAD
- Converting this code to use Microsoft Graph with batch mode
- Updating a shared contact is getting error