我尝试在 js 中派生一个 AES-KW 密钥,例如:let { publicKey: pub, privateKey: key } = await crypto.subtle.generateKey( { name: 'ECDH', namedCurve: 'P-521' }, true, ['deriveKey'], )await crypto.subtle.deriveKey( { name: 'ECDH', public: pub }, key, { name: 'AES-KW', length: 256 }, false, ["encrypt", "decrypt"],)错误:未捕获(承诺)DOMException:无法使用指定的密钥用法创建密钥。我不知道为什么,因为AES-GCM可以成功。
1 回答
梵蒂冈之花
TA贡献1900条经验 获得超5个赞
从技术上讲,ascrypto.subtle.deriveKey提供了一个密钥,可用于根据RFC 3394包装另一个密钥,另请参阅。因为这必须用作代替,另请参见此示例 ( )。name: 'AES-KW'derivedKeyAlgorithmAES-KW['wrapKey', 'unwrapKey']keyUsages['encrypt', 'decrypt']getKey
提供了name: 'AES-GCM'asderivedKeyAlgorithm和['encrypt', 'decrypt']askeyUsages密钥,可用于使用AES-GCM进行加密和解密。
示例AES-KW:
crypto.subtle.generateKey(
{ name: 'ECDH', namedCurve: 'P-521' },
true,
['deriveKey']
).then(function(keypair){
crypto.subtle.deriveKey(
{ name: 'ECDH', public: keypair.publicKey }, // In practice, this is the public key of the recipient
keypair.privateKey, // In practice, this is the own private key
{ name: 'AES-KW', length: 256 },
true,
["wrapKey", "unwrapKey"],
).then(function(wrappingKey){
console.log(wrappingKey);
})
})
添加回答
举报
0/150
提交
取消