Web Crypto API:生成密钥对并仅使私钥不可提取。

huangapple go评论67阅读模式
英文:

Web Crypto API: generate key pair and make only private key non-extractable

问题

Web Crypto API是否可以生成一对密钥并仅使私钥不可提取?

我想安全地存储私钥,因此我将其设置为不可提取,但我也想共享公钥。

SubtleCrypto对象的generateKey方法只允许同时设置两个密钥为可提取或不可提取。

是否还有其他方法可以实现这一目标?

英文:

Is it possible with the Web Crypto API to generate a key pair and make only the private key non-extractable?

I want to safely store the private key so I make it non-extractable but I also want to share the public key.

The generateKey method of the SubtleCrypto object only allows to make both keys either extractable or non-extractable.

Is there any other way to accomplish this?

答案1

得分: 3

SubtleCrypto对象的generateKey方法只能将生成的密钥要么设置为可提取,要么设置为不可提取。

这不是正确的。它只会将私钥设置为不可提取。

(async () => {
  let keyPair = await window.crypto.subtle.generateKey(
    {
      name: "ECDSA",
      namedCurve: "P-384"
    },
    false,
    ["sign", "verify"]
  );

  console.log(keyPair.privateKey.extractable) // false
  console.log(keyPair.publicKey.extractable) // true
  console.log(await window.crypto.subtle.exportKey('jwk', keyPair.publicKey))
})();
英文:

> The generateKey method of the SubtleCrypto object only allows to make
> both keys either extractable or non-extractable.

This is not true. It will only make the private key non-extractable.

<!-- begin snippet: js hide: false console: true babel: false -->

<!-- language: lang-js -->

(async ()=&gt;{
let keyPair = await window.crypto.subtle.generateKey(
  {
    name: &quot;ECDSA&quot;,
    namedCurve: &quot;P-384&quot;
  },
  false,
  [&quot;sign&quot;, &quot;verify&quot;]
);

console.log(keyPair.privateKey.extractable) // false
console.log(keyPair.publicKey.extractable) // true
console.log(await window.crypto.subtle.exportKey(&#39;jwk&#39;, keyPair.publicKey))
})();

<!-- end snippet -->

huangapple
  • 本文由 发表于 2023年2月10日 05:36:24
  • 转载请务必保留本文链接:https://go.coder-hub.com/75404661.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定