Welcome! Log In Create A New Profile

Advanced

[PHP] Importing ECDSA public key from javascript/subtlecrypto

Posted by Martijn van Duren 
Martijn van Duren
[PHP] Importing ECDSA public key from javascript/subtlecrypto
June 09, 2017 10:40AM
Hello general@,

For a project I'm working on I need to import an ECDSA public key into
the openssl extension to verify data/signatures send by the client. The
key has been verified, so that's no problem.

The problem is the fact that subtlecrypto exports the key as raw, spki,
or jwk, while non of these can be imported into the openssl extension.

Can anyone inform me on a way to make the key compatible with the
openssl interface, be it on the javascript side or the php side.

Sincerely,

Martijn van Duren

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Adam Jon Richardson
Re: [PHP] Importing ECDSA public key from javascript/subtlecrypto
June 09, 2017 07:30PM
On Fri, Jun 9, 2017 at 4:38 AM, Martijn van Duren <[email protected]>
wrote:
>
>
> For a project I'm working on I need to import an ECDSA public key into
> the openssl extension to verify data/signatures send by the client. The
> key has been verified, so that's no problem.
>
> The problem is the fact that subtlecrypto exports the key as raw, spki,
> or jwk, while non of these can be imported into the openssl extension.
>
> Can anyone inform me on a way to make the key compatible with the
> openssl interface, be it on the javascript side or the php side.
>
> Martijn van Duren


Well, you could fiddle with trying to base64 the raw output and create a
pem-formatted crt file of your own using PHP, but this npm package looks
easier if you export as a jwk and then use the package to convert to a pem:
https://www.npmjs.com/package/pem-jwk

Adam
Hello Adam,

Thanks for your reply.
There are two issues with the pem-jwk package:
1) It's an npm-package and using browserify didn't seem to produce a usable
file.
2) When you look into the code you see that it uses RSAPublicKey.encode,
while I need ECDSA keys.

I also looked into generating a crt from within PHP, but the standard is
complex and I don't have the time nor skills at this time to build something
like that myself.

On 06/09/17 19:20, Adam Jon Richardson wrote:
> On Fri, Jun 9, 2017 at 4:38 AM, Martijn van Duren <[email protected]>
> wrote:
>>
>>
>> For a project I'm working on I need to import an ECDSA public key into
>> the openssl extension to verify data/signatures send by the client. The
>> key has been verified, so that's no problem.
>>
>> The problem is the fact that subtlecrypto exports the key as raw, spki,
>> or jwk, while non of these can be imported into the openssl extension.
>>
>> Can anyone inform me on a way to make the key compatible with the
>> openssl interface, be it on the javascript side or the php side.
>>
>> Martijn van Duren
>
>
> Well, you could fiddle with trying to base64 the raw output and create a
> pem-formatted crt file of your own using PHP, but this npm package looks
> easier if you export as a jwk and then use the package to convert to a pem:
> https://www.npmjs.com/package/pem-jwk
>
> Adam
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Sorry, only registered users may post in this forum.

Click here to login