diff --git a/source/main/services/browserAuth.ts b/source/main/services/browserAuth.ts index e8bd8d26..7b4c03ff 100644 --- a/source/main/services/browserAuth.ts +++ b/source/main/services/browserAuth.ts @@ -50,12 +50,8 @@ export async function encryptPayload( } async function exportECDHKey(key: CryptoKey): Promise { - if (key.type === "private") { - const exported = await webcrypto.subtle.exportKey("jwk", key); - return Buffer.from(exported.d).toString("base64"); - } - const exported = await webcrypto.subtle.exportKey("raw", key); - return Buffer.from(exported).toString("base64"); + const exported = await webcrypto.subtle.exportKey("jwk", key); + return JSON.stringify(exported); } export async function generateBrowserKeys(): Promise { @@ -85,15 +81,17 @@ export async function getBrowserPublicKeyString(): Promise { } async function importECDHKey(key: string): Promise { - const buffer = Buffer.from(key, "base64").buffer; + const jwk = JSON.parse(key) as JsonWebKey; + const usages: Array = + jwk.key_ops && jwk.key_ops.includes("deriveKey") ? ["deriveKey"] : []; return webcrypto.subtle.importKey( - "raw", - buffer, + "jwk", + jwk, { name: API_KEY_ALGO, namedCurve: API_KEY_CURVE }, - false, - ["deriveKey"] + true, + usages ); }