JWK "key_ops" 成员与 Web Crypto 调用指定的成员不一致

The JWK "key_ops" member was inconsistent with that specified by the Web Crypto call

在 NodeJS 上,我生成密钥并将其导出如下,

const { Crypto } = require("@peculiar/webcrypto");
const crypto = new Crypto();
....
....
....

    let KeyPair = await crypto.subtle.generateKey(
        {
          name: "ECDH",
          namedCurve: "P-384"
        },
        false,
        ["deriveKey"]
    );


    let exportPubKey = await crypto.subtle.exportKey(
        "jwk",
        KeyPair.publicKey
    )

现在,当我尝试在使用 Chrome 浏览器的客户端上导入导出的密钥时,它抛出一个 DOM 异常,我这样导入它,

window.crypto.subtle.importKey("jwk", {"kty":"EC","crv":"P-384","key_ops":[],"ext":true,"x":"mbLH4QWKwgYu3cwaUsk59M9awwhJydGdJOH0z8WapKuW6DAlnI8bcUg7kOl9ZCdb","y":"-PQ_HUtA45oC8YL3Zk2dExIWxykhimjfqFAc2pQrPTmrDKa-5AVn4Noz3PitZw2W"}, {"name": "ECDH", "namedCurve": "P-384"}, false, ["deriveKey"])

错误是,

DOMException: The JWK "key_ops" member was inconsistent with that specified by the Web Crypto call. The JWK usage must be a superset of those requested

令我惊讶的是,我可以在 Node 上导入相同的东西而不会出现任何错误。我的意思是客户端以几乎相同的格式生成 JWK。

经过位模糊测试后,我发现您必须传递一个空数组才能克服错误。

window.crypto.subtle.importKey("jwk", {"kty":"EC","crv":"P-384","key_ops":[],"ext":true,"x":"mbLH4QWKwgYu3cwaUsk59M9awwhJydGdJOH0z8WapKuW6DAlnI8bcUg7kOl9ZCdb","y":"-PQ_HUtA45oC8YL3Zk2dExIWxykhimjfqFAc2pQrPTmrDKa-5AVn4Noz3PitZw2W"}, {"name": "ECDH", "namedCurve": "P-384"}, false, ["deriveKey"])

变成,

window.crypto.subtle.importKey("jwk", {"kty":"EC","crv":"P-384","key_ops":[],"ext":true,"x":"mbLH4QWKwgYu3cwaUsk59M9awwhJydGdJOH0z8WapKuW6DAlnI8bcUg7kOl9ZCdb","y":"-PQ_HUtA45oC8YL3Zk2dExIWxykhimjfqFAc2pQrPTmrDKa-5AVn4Noz3PitZw2W"}, {"name": "ECDH", "namedCurve": "P-384"}, false, [])