javascript - 在浏览器中使用本机 js 导入 RSA 私钥

/*
Convert a string into an ArrayBuffer
from https://developers.google.com/web/updates/2012/06/How-to-convert-ArrayBuffer-to-and-from-String
*/
function str2ab(str) {
  const buf = new ArrayBuffer(str.length);
  const bufView = new Uint8Array(buf);
  for (let i = 0, strLen = str.length; i < strLen; i++) {
    bufView[i] = str.charCodeAt(i);
  }
  return buf;
}

/*
Import a PEM encoded RSA private key, to use for RSA-PSS signing.
Takes a string containing the PEM encoded key, and returns a Promise
that will resolve to a CryptoKey representing the private key.
*/
function importPrivateKey(pem) {
  // fetch the part of the PEM string between header and footer
  const pemHeader = "-----BEGIN PRIVATE KEY-----";
  const pemFooter = "-----END PRIVATE KEY-----";
  const pemContents = pem.substring(pemHeader.length, pem.length - pemFooter.length);
  // base64 decode the string to get the binary data
  const binaryDerString = window.atob(pemContents);
  // convert from a binary string to an ArrayBuffer
  const binaryDer = str2ab(binaryDerString);

  return window.crypto.subtle.importKey(
    "pkcs8",
    binaryDer, {
      name: "RSA-PSS",
      // Consider using a 4096-bit key for systems that require long-term security
      modulusLength: 2048,
      publicExponent: new Uint8Array([1, 0, 1]),
      hash: "SHA-256",
    },
    true, ["sign"]
  );
}

importPrivateKey(`-----BEGIN PRIVATE KEY----- MIIEpQIBAAKCAQEA0VGOJ0tuqowYbe1X67CWoxZi6WjPwUdbtP5xDh2oV9+tIaAP 8zXNWCxInkXzvLPhQpCUN6gWcoh+x/lAJBoa/HWecpU0DmTeI6RN/foo/ByCkJSZ 4/iEChVd6Djr9YFgRK7RvdMklpwUZ8Axo7db91nN2jv0qh9HZd4n6z7XrU5IJx8z TAR42cQBa1sjqPsngRa1KA78ntOaH6SKqZFjHOs8jWw4fRAC7di9UgBeCckHYbtq zD0dBqOcxh7Zb7HDhVlqgUY8/zHkIFjlVgcU9PKLahh9FW+QhWKzOHuhlMYuCnEI RmhXaZ2dlpcUyN0er6IKIt+4noYLJK0Q5DvYKwIDAQABAoIBAQCip9xuPpjFoM4P BiOPPA8itm+wb0kaKYhjEmHqFTPO7TrNaWNbnFBwlyDrFPK9jY6bOlxjD5Q59kWG wfKM21hjHEc/RSBJmypfyfrtRKr6lnEDRuZ7F5ALgeUSYsFBawLS/IJyHxRMkQbu RJSOYxrtEHT9hB+w31ONHmAo1xGkUkq5SItGKvGnKhHTLA+zjxSb/JDAidIA5ZBN e9IROozgrrZdTnY34r6m/LN1NR/fu+EEaquZXAUdw4S4ubEBZDcmDc9Og7H8ewHY YHCVkhXceRH5hOqBnw6LgzZI2wkfCkyZpSYS5ZC4fL17N1xRKiXaH2RbhhMuc5b8 SWL4kRuxAoGBAPoZAKh2NrfDhO9gLcRhsl7YMSRD1rI6X+hWzA4rd0xD9TBgV0kq 8ROh9qkmByGKCnqt3LeEY90Y7hN/OgRHQXs0Jxx2mLO7GU7T2bx5mZSxUTDt1iqB Z3CmRemcxXlpcu+qL8hqXjFj8vS9OoyqSf7wmJMMupyxSTF49UlZHj7pAoGBANZC LjkgPVHscyxgu+cdWMc8oOqPH4+feUsXfUb3iUvzET9S38ioa9JwWxeBR9CdTZ0a hNDjbNG2QqLbazNQiUsLnZ7JHkjtVBLi89jUSn9KjCnJrCGx5e5szyeUNwjBoSae nmCedUWI7yuGq9yuxW/sIZYeDMku0Yp5X2HAOnnzAoGBAPc0fYUGjCFp/l1J+RMS 6md7VF+fOnki4Cfcm4gqCJp21cWChOSKsI4SWqhpMUVCmAcZEYDIOJmTicf1ytft wtjP/RTSWS/WcTaMir0UiO0Ds9gkTrvm+uLLR3GZh0vyIiypUN/N29sAC2dEH7po nAmFsZowS8iUKF/hSrq8fvv5AoGBALeq+9zUmjxEKWb9dZZlPdltS7RHBJMl7eBF Pos7X2LP9xUFgfiNCADZd/zqQhm+/u2R8hDvJDWRvAXHeln+y/Kc/n1DgsaZS9z0 2HwjX8lGqmiYDQrFaYm9lMck8xh6hB6LEtFYhMca34u8Yk9HMtEC5re9AtDjZZUC /pTZKEepAoGAAZwBp6XUcJs58xvCmyBp7lUbI1X6HXjZowXftjV7Fc6GNuE7cX3Q lukabGaseoqKoS0R+h7l7rHkU8EXTIsvAn+apD1rjHV2sLhaOuTmibadn5EFLNSW eVkAlhUXR0VKKRPYcSJ/zz9SMhOFW5PjXeztnK8QROuzEIYy9o95cak= -----END PRIVATE KEY-----`).catch(error => console.log(error))