如何导入PEM格式的RSA私钥以用于WebCrypto?
[英]How can I import an RSA private key in PEM format for use with WebCrypto?
问题描述
我正在尝试使用WebCrypto与RSA-PSS签署令牌,但是我不断收到错误消息:
DataError: Data provided to an operation does not meet requirements
在crypto.subtle.importKey 。
这是我的JavaScript代码:
function signToken(token, key) {
crypto.subtle.importKey(
'pkcs8',
PEM2Binary(key),
{
name: 'RSA-PSS',
hash: { name: 'SHA-256' },
},
false,
['sign']
).then(function(privKey){
crypto.subtle.sign(
'RSA-PSS',
privKey,
new TextEncoder().encode(token)
).then(function(signedToken){
msg = JSON.stringify({ intent: 'authenticate-token', signedToken: signedToken });
socket.send(msg);
})
}).catch(function(error){
console.error(error);
})
}
function PEM2Binary(pem) {
var encoded = '';
var lines = pem.split('\n');
for (var i = 0; i < lines.length; i++) {
if (lines[i].indexOf('-----') < 0) {
encoded += lines[i];
}
}
var byteStr = atob(encoded);
var bytes = new Uint8Array(byteStr.length);
for (var i = 0; i < byteStr.length; i++) {
bytes[i] = byteStr.charCodeAt(i);
}
return bytes.buffer;
}
以及我正在使用的示例私钥:
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA3d+Y/kWq4nNrJd0dgktQ7lfDUtEIxcs10I8+xPEUhpvacotB
o787dDP4ZFYhRQf0WMjQYJwEna/NsrPuY2fgFWIBlUdpkj1SR00FBxHvnRlzP1Sg
cYnJlqh7/A26tM51nVkMtf/4NtYr+jFvRmB5759U1GRBFwZYsoWQRQlQKh5MAk89
KRc/TvrXNzam39GcLvSYz9uN0p2p2Mrofjgv42m53AqC9LOrQbwDX7Dxl0n4z3EI
Z2Ycx33QZVYiLPH1GHTJ8+JuKjqY0ovu6lghGN0y2xR+sqWNvgyW7xlDWZ6Vwyxs
K5SCIc48VwiiAyGZGhcCZloMlO5S/dutycgHhQIDAQABAoIBAQDXfef2bmu+bSNQ
LyYN+mCsXQkUUnoWwXuPCNGKLiwlYRIV1jL2ezGfdyp1KUI+7a7g3Immi2HgVXOP
cTrDyYvWuM2Y0zcyFeTn42JSr5TuHF3W0LbUD2N/tDxXXm5MVYnePTMfQXEusW0d
Hw5YaDOGDFYzwvuFBWD4YsjwhE8b12np/BZxniTzIl/blW+moocxAampj2SOc9dV
Z06Nw1gQYScclKqdASxnIsOOALhu7h0qOLAhhVgYWH6c+AC1q/72QQy9QYOW87e/
U5mkmxfjFtifYgnBGCRN5Uv5S6lnJD10z8+yR4SomVlxDTw0UkJMOT96KEhI5ICf
s1kKU2AxAoGBAPeWvNX63C+XbgDscttSNBrx6TOEwfeZiaGSxE+P+vKa3/YuVASf
rkL0xLnUTj+OhoaLzTetQ99RlUQsYkP8IQbIhiqXMHjpDTJStlHEbdJeT1fRUVF5
55S61bpYL8xLGYNvCFEmV66YuyZBAWq/DgkBG6gX2f71lHo2UJL/B/WjAoGBAOVp
Nw5/42wuwtSoynl5f0Tlbb5nruLbNMuaSAZ7ZjDVL6DXmwTyBQgg478LWB29xP2I
Or0TTPped3DeLTJrAG9Gxz6SEHfyh0lN7wc2RfS15NNfHKJwQJjuEaTR498yHWKq
UQkryU5xe3Qfr51RkFvmWzw91aUU0YwvqWDYodC3AoGBAPEBCBv6ry6cZvX7M+qN
4C6CYJBHoFAWYsSmivUvoAVcALowapR9ozGF9aE2Klzvrb92gnK59CGD1pqf4Z9v
4+4ob4Ex3nsz0Ca2IMcDQCvQpcdD97YpxeUe4UEc6pogWFt6T0w+2IcaIMKh8HEq
PM1DCNrdLNRj1P4JtPEB04ulAoGAXXIBGifftCZL+CGU7+wceizWCfPj2cYeeDys
z+8dzhBYaTTJkTcf85KqEhyF1P+CqR7/hhrBhU5Laq8lS98n+yuiZwtKKAGjN6nG
DnL+BdK9lZeta0E8Hs8CYteX8UdRjun/PjQWuJwjBEcP2o3ptnVbfmtVhfu361lS
rf8v0nsCgYAoshpslw7/qxUw7ac4xy0puMwuBBFAiQLFm5siOjZohOWYgQ3gZpl0
TJD9jBnEiH/Jpc883YzSh2bnEGZZ9wBffnhv1rjfNh6PbrcSdSKOznPEMpvw/pOB
wBnu6RWZ9mtWWIdDmYEJDqzrV7qp2w2x2foLc4oyCUKbUbQ/DvTYFQ==
-----END RSA PRIVATE KEY-----
在此先感谢您的帮助。
1 个解决方案
解决方案1
4 已采纳 2018-06-26 05:52:04
PEM文件中的标头-----BEGIN RSA PRIVATE KEY-----是保留给PKCS#1密钥的,但是WebCryptoApi不支持pkcs1,因此您需要使用类似这样的工具将密钥从pkcs1转换为pcks8的openssl
# openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in pkcs1.key -out pkcs8.key
WebCrypto API:如何使用公共密钥解密RSA加密消息?
[英]WebCrypto API: How to decrypt a RSA encrypted message with a public key?
有没有办法在WebCrypto API中获取RSA密钥的组件?
[英]Is there a way to get the components of an RSA key in the WebCrypto API?
将加密的ECDH公钥解析为JWK格式以与WebCrypto结合使用
[英]Parsing crypto ECDH public key into JWK format to use it with WebCrypto
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.