I have the following JavaScript code to implement public key encryption using the Web Cryptography API. It works for Firefox and Chrome but fails for Microsoft Edge. The error I am getting from Edge is "Could not complete the operation due to error 80700011." What have I missed?
<script>
var data = new Uint8Array([0, 1, 2, 3, 4, 5, 6, 7, 8, 9]);
var crypto = window.crypto || window.msCrypto;
var cryptoSubtle = crypto.subtle;
cryptoSubtle.generateKey(
{
name: "RSA-OAEP",
modulusLength: 2048,
publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
hash: { name: "SHA-256" },
},
true,
["encrypt", "decrypt"]
).then(function (key) {
console.log(key);
console.log(key.publicKey);
return cryptoSubtle.encrypt(
{
name: "RSA-OAEP"
},
key.publicKey,
data
);
}).then(function (encrypted) {
console.log(new Uint8Array(encrypted));
}).catch(function (err) {
console.error(err);
});
</script>
Microsoft Edge stores passwords encrypted on disk. They're encrypted using AES and the encryption key is saved in an operating system (OS) storage area.
Is the synced data encrypted? Yes, the data is encrypted in transport using TLS 1.2 or greater. All data types are additionally encrypted at rest in Microsoft's service using AES128.
Double Key Encryption encrypts your data with two keys. Your encryption key is in your control and the second key is stored in Microsoft Azure, allowing you to move your encrypted data to the cloud. HYOK protects your content with only one key and the key is always on premises.
I've found the cause of this issue. I have to add the hash field when invoking the encrypt function:
return cryptoSubtle.encrypt(
{
name: "RSA-OAEP",
hash: { name: "SHA-256" }
},
key.publicKey,
data
);
This does not match the Web Cryptography API Spec but it works.
Same problem with crypto.subtle.sign
. Needed to add the hashing algorithm (same issue in Safari)
Replace
crypto.subtle.sign(
{
name: "RSASSA-PKCS1-v1_5"
},
cryptoKey,
digestToSignBuf);
with
crypto.subtle.sign(
{
name: "RSASSA-PKCS1-v1_5",
hash: "SHA-256"
},
cryptoKey,
digestToSignBuf);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With