I am using the webcrypto API with some success to encrypt messages between server and client (let's assume I need to do this manually).
My problem is that I need to check if a keypair for the user and server already exists instead of generating a new keypair all the time. Is there a way to check if it exists and retrieve it for decryption of server messages?
To clarify, my privateKey is on the browser and publicKey is sent to server.
I have a nodejs server and plain JS front end.
Thanks in advance.
CryptoKeys are not persistent by default. You need to store the keys in the IndexedDB to make them available to the next browser execution.
IndexedDB is a secure storage, keys can be stored, recovered and used without exposing the key material
See https://www.w3.org/TR/WebCryptoAPI/#concepts-key-storage
5.2. Key Storage
This specification does not explicitly provide any new storage mechanisms for CryptoKey objects. Instead, by allowing the CryptoKey to be used with the structured clone algorithm, any existing or future web storage mechanisms that support storing structured clonable objects can be used to store CryptoKey objects.
In practice, it is expected that most authors will make use of the Indexed Database API, which allows associative storage of key/value pairs, where the key is some string identifier meaningful to the application, and the value is a CryptoKey object. This allows the storage and retrieval of key material, without ever exposing that key material to the application or the JavaScript environment
Here you have a full example https://blog.engelke.com/2014/09/19/saving-cryptographic-keys-in-the-browser/
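The check-then-generate flow asked about in the question, as an added example that is not code from the original posts or from the linked blog. The database name, store name, record id and the choice of RSA-OAEP are assumptions; the private key is generated as non-extractable so it can be stored and reused without script being able to export it.

```javascript
// Added example. Assumed names: database "webcrypto-demo", store "keys",
// record id "user-keypair". RSA-OAEP is an assumed algorithm choice.
const DB_NAME = "webcrypto-demo";
const STORE = "keys";
const KEY_ID = "user-keypair";

// Wrap an IDBRequest in a Promise.
const done = (req) =>
  new Promise((resolve, reject) => {
    req.onsuccess = () => resolve(req.result);
    req.onerror = () => reject(req.error);
  });

function openKeyDb(idb = globalThis.indexedDB) {
  const req = idb.open(DB_NAME, 1);
  // Runs on first use only: create the object store that will hold the keys.
  req.onupgradeneeded = () => req.result.createObjectStore(STORE);
  return done(req);
}

async function loadOrCreateKeyPair(db, subtle = globalThis.crypto.subtle) {
  // 1. Reuse the stored pair if one exists.
  const found = await done(
    db.transaction(STORE, "readonly").objectStore(STORE).get(KEY_ID));
  if (found) return { keyPair: found, created: false };

  // 2. Generate outside any transaction: an IndexedDB transaction
  //    auto-commits while unrelated promises such as generateKey are pending.
  //    extractable=false applies to the private key; the public key can
  //    still be exported.
  const keyPair = await subtle.generateKey(
    { name: "RSA-OAEP", modulusLength: 2048,
      publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256" },
    false, ["encrypt", "decrypt"]);

  // 3. Store the CryptoKey objects themselves (structured clone), not an export.
  await done(
    db.transaction(STORE, "readwrite").objectStore(STORE).put(keyPair, KEY_ID));
  return { keyPair, created: true };
}

// SPKI bytes of the public key, to be sent to the server when created is true.
function exportPublicKey(keyPair, subtle = globalThis.crypto.subtle) {
  return subtle.exportKey("spki", keyPair.publicKey);
}
```

In the browser, call `openKeyDb()` once and pass the result to `loadOrCreateKeyPair`. IndexedDB is scoped to the origin, so any script running in that origin can use the stored private key even though it cannot export it.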
SOLVED:
You can use IndexedDB for storing CryptoKey objects.
I tried plain old local storage and it does not work.
For more info, see: