Web Crypto: wrapKey
This page shows the use of the
wrapKey() function of the Web Crypto API.
On page load, it generates four keys:
- An AES-GCM secret key
- An RSA-PSS signing key pair
- An RSA-OAEP encryption key pair
- An ECDSA signing key pair
It provides four buttons across the top:
- Wrap the AES-GCM key in raw format
- Wrap the RSA-PSS private key in PKCS #8 format
- Wrap the RSA-OAEP public key in SubjectPublicKeyInfo format
- Wrap the ECDSA private key in JWK format
"Wrapping" a key essentially means exporting it in an encrypted form. So in all four cases, when you click the button you'll be asked for a password, and we will derive a symmetric key from the password, which we will use to encrypt the key after it is exported.
The exported, encrypted key is written to the area below the buttons.