pee cee beez
pee cee beez
PostsComments
CDCloudflare Developers
Created by pee cee beez on 8/11/2023 in #workers-help
SubtleCrypto providing invalid CryptoKey
👍
6 replies
CDCloudflare Developers
Created by pee cee beez on 8/11/2023 in #workers-help
SubtleCrypto providing invalid CryptoKey
...no, it's empty, it throws errors if I try to use it. It looks like it might be a miniflare bug, since I guess it does actually work in the worker runtime
6 replies
CDCloudflare Developers
Created by pee cee beez on 8/10/2023 in #workers-help
Using X509Certificate
Using: 
await crypto.subtle.importKey(
  "spki",
  Buffer.from(
    "3059301306072a8648ce3d020106082a8648ce3d03010703420004ea1371a3dca5e8a934bf5e434ead0aeee951cc1d09774df2f1aa6948dde7c67cb4bc62502d1d05e03e7ae318820875ff988093e14cc541660366b5af868267c4",
    "hex"
  ),
  { name: "ECDSA", namedCurve: "P-256", hash: { name: "SHA-256" } },
  true,
  ["verify"]
)
await crypto.subtle.importKey(
  "spki",
  Buffer.from(
    "3059301306072a8648ce3d020106082a8648ce3d03010703420004ea1371a3dca5e8a934bf5e434ead0aeee951cc1d09774df2f1aa6948dde7c67cb4bc62502d1d05e03e7ae318820875ff988093e14cc541660366b5af868267c4",
    "hex"
  ),
  { name: "ECDSA", namedCurve: "P-256", hash: { name: "SHA-256" } },
  true,
  ["verify"]
)
8 replies
CDCloudflare Developers
Created by pee cee beez on 8/10/2023 in #workers-help
Using X509Certificate
Looks like a bug in SubtleCrypto? importKey in the worker runtime is returning 
CryptoKey {
  usages: undefined,
  algorithm: undefined,
  extractable: undefined,
  type: undefined
}
CryptoKey {
  usages: undefined,
  algorithm: undefined,
  extractable: undefined,
  type: undefined
}
meanwhile NodeJS with the exact same code returns 
CryptoKey {
  type: 'public',
  extractable: true,
  algorithm: { name: 'ECDSA', namedCurve: 'P-256' },
  usages: [ 'verify' ]
}
CryptoKey {
  type: 'public',
  extractable: true,
  algorithm: { name: 'ECDSA', namedCurve: 'P-256' },
  usages: [ 'verify' ]
}
8 replies
CDCloudflare Developers
Created by pee cee beez on 8/10/2023 in #workers-help
Using X509Certificate
Did more research, found an x509 package that works on Node, but gives an incorrect publicKey on the workers runtime... guess this means more research
8 replies
CDCloudflare Developers
Created by pee cee beez on 8/10/2023 in #workers-help
Using X509Certificate
My current NodeJS solution is 
import jwt from "@tsndr/cloudflare-worker-jwt";
import { X509Certificate } from 'node:crypto';

export function verifyToken(keyData: string, token: string) {
  const key = Buffer.from(keyData, 'base64')
  const cert = new X509Certificate(key);
  const publicKey = cert.publicKey.export({ type: 'spki', format: 'pem' });
  return jwt.verify(token, publicKey, "ES256");
}
import jwt from "@tsndr/cloudflare-worker-jwt";
import { X509Certificate } from 'node:crypto';

export function verifyToken(keyData: string, token: string) {
  const key = Buffer.from(keyData, 'base64')
  const cert = new X509Certificate(key);
  const publicKey = cert.publicKey.export({ type: 'spki', format: 'pem' });
  return jwt.verify(token, publicKey, "ES256");
}
8 replies
CDCloudflare Developers
Created by pee cee beez on 8/10/2023 in #workers-help
Using X509Certificate
When I try to import the certificate with importKey it gives me an asn1 error about having the wrong tag
8 replies