This content originally appeared on Level Up Coding - Medium and was authored by Rizky Satrio
When I researched about key wrapping in Javascript, I did not find any concrete example of the implementation. That is why I’m writing this article to show an example of Key Wrapping using Javascript.
Key Wrapping itself is an activity of encrypting a Crypto Key with another Crypto Key. An example of this is SSL/TLS handshake in https.
Problem statements
- Key Wrapping using pure Javascript code
- Wrapped Key is AES, wrapping key using RSA Public Key
Solution
The solution is created by utilising Web Crypto API. This API is available in most modern browsers. The example flow of the solution can be found on figure 1.
As you can see in figure 1, the following event occurs:
- Alice generates RSA KeyPair for wrapping key
- Bob generates AES Key for wrapped key,
- Alice exports the RSA Public Key into JWK format,
- Bob exports the AES Key to JWK format,
- Alice sends the RSA Public Key JWK to Bob,
- Bob receives the JWK and import the RSA Public Key,
- Bob encrypt the AES Key with RSA Public Key and convert into JSON,
- Bob send JSON to Alice,
- Alice convert the JSON Data into ArrayBuffer,
- Alice decrypt the ArrayBuffer and parse the result into object,
- Alice import the AES Key using the object from no.10,
- Now Alice have the AES Key, and can start encrypt/decrypt data between her and Bob
Code Snippet
- Generate RSA KeyPair
window.crypto.subtle.generateKey(
{name: "RSA-OAEP",
modulusLength: 4096,
publicExponent: new Uint8Array([1, 0, 1]),
hash: "SHA-256"
},
true,
["encrypt", "decrypt"]
).then(a => {console.log("Public Key:", JSON.stringify(a.publicKey));});
2. Generate AES Key
window.crypto.subtle.generateKey(
{name: "AES-GCM",
length: 256
},
true,
["encrypt", "decrypt"]
).then(result => {}
3. Export Key into JWK
window.crypto.subtle.generateKey(
{name: "AES-GCM",
length: 256
},
true,
["encrypt", "decrypt"]
).then(a => {window.crypto.subtle.exportKey("jwk", a).then(b => {console.log(b);
})
});
4. Import JWK Key
window.crypto.subtle.importKey("jwk", CryptoKey, "AES-GCM", true,["encrypt", "decrypt"]).then(result => {
});
5. Encrypt AES Key with RSA Key and convert into JSON (check finalResult variable)
window.crypto.subtle.encrypt({name: "RSA-OAEP"
}, publicKey, new TextEncoder().encode(JSON.stringify(symKey)))
.then(result => {finalResult= JSON.stringify(Array.from(new Uint8Array(a)));
})
6. Convert JSON into ArrayBuffer
new Uint8Array(JSON.parse(JSONData)).buffer
7. Decrypt and import key
window.crypto.subtle.decrypt(
{name: "RSA-OAEP"
},
privateKey,
new Uint8Array(JSON.parse(encrypted2)).buffer
).then(a => {
window.crypto.subtle.importKey("jwk", JSON.parse(new TextDecoder().decode(a)), "AES-GCM", true,
["encrypt", "decrypt"]).then(a => {console.log("Extractable" + a.algorithm.name + " " + a.extractable);})
});
Code Example
I have made an example in this github (don’t forget to give a star). In that example we will try to create AES Key, RSA Keypair, encrypt the AES Key Using RSA Public Key, and decrypt it using RSA Private Key. You can also try the live application in here.
References
Key Wrapping in Javascript was originally published in Level Up Coding on Medium, where people are continuing the conversation by highlighting and responding to this story.
This content originally appeared on Level Up Coding - Medium and was authored by Rizky Satrio
Rizky Satrio | Sciencx (2022-05-13T10:45:14+00:00) Key Wrapping in Javascript. Retrieved from https://www.scien.cx/2022/05/13/key-wrapping-in-javascript/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.