Skip to content

Commit

Permalink
fix: export tls key as pkcs8
Browse files Browse the repository at this point in the history 
The WebCrypto polyfill has [improved it's validation](PeculiarVentures/webcrypto-core@4ef9eaa) and we now fail to export the private key of the generated cert correctly.

Update to export in pkcs8 format instead, which we can just base64 encode to turn it into the PEM format.
  • Loading branch information
@achingbrain
achingbrain committed May 28, 2024
1 parent 7aec7bd commit a15a3c2
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions packages/connection-encrypter-tls/src/utils.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,11 +179,11 @@ export async function generateCertificate (peerId: PeerId): Promise<{ cert: stri
]
})

const certPrivateKeySpki = await crypto.subtle.exportKey('spki', keys.privateKey)
const certPrivateKeyPkcs8 = await crypto.subtle.exportKey('pkcs8', keys.privateKey)

return {
cert: selfCert.toString(),
key: spkiToPEM(certPrivateKeySpki)
key: pkcs8ToPEM(certPrivateKeyPkcs8)
}
}

Expand Down Expand Up @@ -213,7 +213,7 @@ export function encodeSignatureData (certPublicKey: ArrayBuffer): Uint8Array {
])
}

function spkiToPEM (keydata: ArrayBuffer): string {
function pkcs8ToPEM (keydata: ArrayBuffer): string {
return formatAsPem(uint8ArrayToString(new Uint8Array(keydata), 'base64'))
}

Expand Down

0 comments on commit a15a3c2

Please sign in to comment.