Skip to content

Latest commit

 

History

History
99 lines (89 loc) · 2.92 KB

RSA_ES.md

File metadata and controls

99 lines (89 loc) · 2.92 KB
Raw

RSAES-PKCS1-v1_5

WARNING: This is not compliant with the W3 WebCrypto specification.

Operations

Operation Parameters Result
generateKey RsaKeyGenParams CryptoKeyPair
importKey Algorithm CryptoKey
exportKey None JsonWebKey or BufferSource
encrypt Algorithm ArrayBuffer
decrypt Algorithm ArrayBuffer
wrapKey Algorithm ArrayBuffer
unwrapKey Algorithm CryptoKey

Generate key

const keys = await crypto.subtle.generateKey(
  {
    name: "RSAES-PKCS1-v1_5",
    publicExponent: new Uint8Array([1, 0, 1]), // 0x03 or 0x010001
    modulusLength: 2048, // 1024, 2048, or 4096
  },
  false,
  ["encrypt", "decrypt", "wrapKey", "unwrapKey"],
);

Import key

const publicKey = await crypto.subtle.importKey(
  "jwk",
  {
    alg: "RS256",
    ext: true,
    key_ops: ["verify"],
    kty: "RSA",
    e: "AQAB",
    n: "vqpvdxuyZ6rKYnWTj_ZzDBFZAAAlpe5hpoiYHqa2j5kK7v8U5EaPY2bLib9m4B40j-n3FV9xUCGiplWdqMJJKT-4PjGO5E3S4N9kjFhu57noYT7z7302J0sJXeoFbXxlgE-4G55Oxlm52ID2_RJesP5nzcGTriQwoRbrJP5OEt0",
  },
  {
    name: "RSAES-PKCS1-v1_5",
  },
  false,
  ["encrypt"],
);

Export key

const jwk = await crypto.subtle.exportKey(
  "jwk",
  publicKey);

Encrypt

const encData = await crypto.subtle.encrypt(
  "RSAES-PKCS1-v1_5",
  publicKey,  // RSA public key
  data,       // BufferSource
);

Decrypt

const data = await crypto.subtle.decrypt(
  "RSAES-PKCS1-v1_5",
  privateKey, // RSA private key
  encData,    // BufferSource
);

Wrap key

const wrappedKey = await crypto.subtle.wrapKey(
  "raw",     // raw, pkcs8, spki, or jwk
  aesKey,    // Crypto key
  publicKey, // RSA public key
  "RSAES-PKCS1-v1_5",
);

Unwrap key

const unwrappedKey = await crypto.subtle.unwrapKey(
  "raw",      // raw, pkcs8, spki, or jwk
  wrappedKey, // BufferSource
  privateKey, // RSA private key
  "RSAES-PKCS1-v1_5",
  {
    name: "AES-CBC",
    label: 128,
  }
  false,      // extractable
  ["encrypt", "decrypt"],
);