- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Wed, 08 Oct 2014 16:20:57 +0200
- To: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Dear List; I'm not particularly up-to-speed on the WebCrypto API but I at least got this working fairly quickly: // Generate ephemeral ECDH key-pair var gen_alg = {name: 'ECDH', namedCurve: selected_card.bank_encryption_key.crv}; crypto.subtle.generateKey(gen_alg, false, ['deriveKey']).then (function(key_pair) { // Import static ECDH key crypto.subtle.importKey('jwk', selected_card.bank_encryption_key, {name: 'ECDH'}, false, ['deriveKey']).then (function(public_key) { // Derive key using ECDH var derive_alg = {name: 'ECDH', public: public_key}; crypto.subtle.deriveKey(derive_alg, key_pair.privateKey, {name: 'AES-CBC', length: 256}, false, ['encrypt']).then (function(aes_key) { // Encrypt using derived key var encryption_algorithm = { name: 'AES-CBC', iv: window.crypto.getRandomValues(new Uint8Array(16))}; crypto.subtle.encrypt(encryption_algorithm, aes_key, signed_auth_data).then (function(encrypted_auth_data) { Naturally I wanted to use a KDF as well but then it got a bit less obvious how to do. There is no support for deriveKey and CONCAT? So the proper solution is to deriveBits() and then import() the raw secret for usage with symmetric encryption algorithms? Pardon me if I'm totally off, WebCrypto is quite different to JCA/JCE which is my primary tool... Cheers Anders
Received on Wednesday, 8 October 2014 14:21:31 UTC