WebCrypto API 在哪里存储密钥?
Where does the WebCrypto API store keys?
我正在使用 webcrypto API 成功加密服务器和客户端之间的消息(假设我需要手动执行此操作)。
我的问题是我需要检查用户和服务器的密钥对是否已经存在,而不是一直生成新的密钥对。有没有办法检查它是否存在并检索它以解密服务器消息?
澄清一下,我的 privateKey 在浏览器上,publicKey 发送到服务器。
我有一个 nodejs 服务器和纯 JS 前端。
提前致谢。
CryptoKeys 默认情况下不是永久性的。您需要将密钥存储在 IndexedDB 中,以便下次浏览器执行时可以使用它们。
IndexedDB是一种安全存储,密钥可以在不暴露密钥的情况下存储、恢复和使用material
见https://www.w3.org/TR/WebCryptoAPI/#concepts-key-storage
5.2. Key Storage
This specification does not explicitly provide any new storage mechanisms for CryptoKey objects. Instead, by allowing the CryptoKey to be used with the structured clone algorithm, any existing or future web storage mechanisms that support storing structured clonable objects can be used to store CryptoKey objects.
In practice, it is expected that most authors will make use of the Indexed Database API, which allows associative storage of key/value pairs, where the key is some string identifier meaningful to the application, and the value is a CryptoKey object. This allows the storage and retrieval of key material, without ever exposing that key material to the application or the JavaScript environment
这里有一个完整的例子https://blog.engelke.com/2014/09/19/saving-cryptographic-keys-in-the-browser/
已解决:
您可以使用 IndexedDB 存储 CryptoKey 个对象。
我试过普通的旧本地存储,但它不起作用。
有关详细信息,请参阅:
- https://pomcor.com/2017/06/02/keys-in-browser/
- https://www.w3.org/TR/WebCryptoAPI/
- https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API
- https://www.w3.org/TR/IndexedDB/
- https://www.boxcryptor.com/en/blog/post/building-an-app-with-webcrypto-in-2016/
- https://gist.github.com/saulshanabrook/b74984677bccd08b028b30d9968623f5
- https://blog.engelke.com/2014/09/19/saving-cryptographic-keys-in-the-browser/
我正在使用 webcrypto API 成功加密服务器和客户端之间的消息(假设我需要手动执行此操作)。
我的问题是我需要检查用户和服务器的密钥对是否已经存在,而不是一直生成新的密钥对。有没有办法检查它是否存在并检索它以解密服务器消息?
澄清一下,我的 privateKey 在浏览器上,publicKey 发送到服务器。
我有一个 nodejs 服务器和纯 JS 前端。
提前致谢。
CryptoKeys 默认情况下不是永久性的。您需要将密钥存储在 IndexedDB 中,以便下次浏览器执行时可以使用它们。
IndexedDB是一种安全存储,密钥可以在不暴露密钥的情况下存储、恢复和使用material
见https://www.w3.org/TR/WebCryptoAPI/#concepts-key-storage
5.2. Key Storage
This specification does not explicitly provide any new storage mechanisms for CryptoKey objects. Instead, by allowing the CryptoKey to be used with the structured clone algorithm, any existing or future web storage mechanisms that support storing structured clonable objects can be used to store CryptoKey objects.
In practice, it is expected that most authors will make use of the Indexed Database API, which allows associative storage of key/value pairs, where the key is some string identifier meaningful to the application, and the value is a CryptoKey object. This allows the storage and retrieval of key material, without ever exposing that key material to the application or the JavaScript environment
这里有一个完整的例子https://blog.engelke.com/2014/09/19/saving-cryptographic-keys-in-the-browser/
已解决:
您可以使用 IndexedDB 存储 CryptoKey 个对象。
我试过普通的旧本地存储,但它不起作用。
有关详细信息,请参阅:
- https://pomcor.com/2017/06/02/keys-in-browser/
- https://www.w3.org/TR/WebCryptoAPI/
- https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API
- https://www.w3.org/TR/IndexedDB/
- https://www.boxcryptor.com/en/blog/post/building-an-app-with-webcrypto-in-2016/
- https://gist.github.com/saulshanabrook/b74984677bccd08b028b30d9968623f5
- https://blog.engelke.com/2014/09/19/saving-cryptographic-keys-in-the-browser/