Add support for pkcs8 with crypto.subtle.importKey

As per this page, I thought I’d submit feedback that it’d be nice if support was added for crypto.subtle.importKey with pkcs8.

This would make it much easier to support JSON Web Tokens and other PKCS8 keys.

1 Like

Connecting to Google Storage partially addressed that.

Tagging @harris

Yeah, I saw that, but I believe they just used an alternative method instead of pkcs8.

As far as I understand he did. “jwk” should also work if you can get it to work with JWT.

Also tagging @KentonVarda and @sklabnik

Hi @justdotjs,

Workers’ crypto.subtle.importKey does indeed support pkcs8 key format for RSASSA-PKCS1-v1_5 and ECDSA algorithms – I added this support in September 2018.

Did you see a document somewhere saying this wasn’t supported? If so we should correct it. I guess the official doc page doesn’t explicitly mention supported key formats, and maybe it should, but I believe we support all valid key formats for the algorithms that we support.

@KentonVarda, hmm, running the example from https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#PKCS_8_import does give me a DOMException.

Unrecognized or unimplemented key import algorithm requested.

I think that’s due to RSA-PSS not being supported.

I managed to get RSASSA-PKCS1-v1_5 and RSASSA-PSS working properly.

But I didn’t manage to get ECDSA to work, probably due to RSA key - however, it doesn’t work with the browser native Webcrypto API either, which I showed to @harris.

I’m looking to switch to WASM and https://www.npmjs.com/package/libsodium

1 Like

Indeed, we don’t currently implement RSASSA-PSS. Maybe we should.

But I didn’t manage to get ECDSA to work, probably due to RSA key - however, it doesn’t work with the browser native Webcrypto API either

Note that ECDSA has some gratuitous differences in how the API is used (per spec). I don’t remember all the details, but I think one thing is that you need to specify hash algorithms in a different place than you do with RSASSA-PKCS1-v1_5. (And yes, it won’t work with an RSA key – you need an ECDSA key.)

FIDO2 use RSA keys for ECDSA and JS is too slow. So, yeah, libsodium is the only option then.

Yeah, this is what I’d tested and failed to use. It might be nice to implement RSA-PSS so at least the example which is linked to from Cloudflare’s docs on SubtleCrypto would work for people testing it out.

FIDO2 use RSA keys for ECDSA

ECDSA uses EC keys, not RSA keys. Maybe FIDO2 uses a construction that signs ephemeral EC keys using long-lived RSA keys, or something, but you can’t directly use RSA keys in ECDSA.