diafygi/webcrypto-examples

RSA-OAEP wrapKey/unwrapKey

Opened this issue · 1 comments

microshine commented

Check please those functions.
It seems that algorithm must be the same as for encrypt/decrypt - {name: string, label?: ArrayBufferView}

microshine commented

It works for me in Chrome

window.crypto.subtle.generateKey(
    {
        name: "RSA-OAEP",
        modulusLength: 2048, //can be 1024, 2048, or 4096
        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
        hash: { name: "SHA-1" }, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
    },
    false, //whether the key is extractable (i.e. can be used in exportKey)
    ["wrapKey", "unwrapKey"] //can be any combination of "sign" and "verify"
)
    .then(function (key) {
        //returns a keypair object
        console.log(key);
        console.log(window.pubkey = key.publicKey);
        console.log(window.prvkey = key.privateKey);
    })
    .then(function () {
        return window.crypto.subtle.generateKey(
            {
                name: "AES-CBC",
                length: 256, //can be  128, 192, or 256
            },
            true, //whether the key is extractable (i.e. can be used in exportKey)
            ["encrypt", "decrypt"] //can be "encrypt", "decrypt", "wrapKey", or "unwrapKey"
        )
    })
    .then(function (key) {
        //returns a key object
        console.log(window.aes = key);
        return window.crypto.subtle.wrapKey(
            "raw", //the export format, must be "raw" (only available sometimes)
            key, //the key you want to wrap, must be able to fit in RSA-OAEP padding
            window.pubkey, //the public key with "wrapKey" usage flag
            {   //these are the wrapping key's algorithm options
                name: "RSA-OAEP",
            }
        );
    })
    .then(function (wrapped) {
        //returns an ArrayBuffer containing the encrypted data
        console.log(new Uint8Array(wrapped));
        return window.crypto.subtle.unwrapKey(
            "raw", //the import format, must be "raw" (only available sometimes)
            wrapped, //the key you want to unwrap
            prvkey, //the private key with "unwrapKey" usage flag
            {   //these are the wrapping key's algorithm options
                name: "RSA-OAEP"
            },
            {   //this what you want the wrapped key to become (same as when wrapping)
                name: "AES-CBC",
                length: 256
            },
            false, //whether the key is extractable (i.e. can be used in exportKey)
            ["encrypt", "decrypt"] //the usages you want the unwrapped key to have
        )
    })
    .then(function (key) {
        //returns a key object
        console.log(key);
    })
    .catch(function (err) {
        console.error(err);
    });