Copy pasta from stack overflow:
https://stackoverflow.com/questions/62211529/error-on-importing-a-public-key-subtlecrypto-the-provided-value-cannot-be-con
Can SubtleCrypto.verify() use a digest instead of the original message?
Asked 3 years, 1 month ago
Modified 3 years, 1 month ago
Viewed 109 times
0
https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/verify
Algorithms like ES224, ES256, ES384, and ES512 are designed for use with digests, however, Javascript does not appear to support this design and instead requires the full original message. Existing applications may require this feature and idiomatically use these algorithms as intentionally permitted by design.
Also, this is a problem for performance. For example, a digest may represent a 1 GB file and verifying a 256 bit digest is better for performance than re-hashing a 1 GB file.
Go and other languages use digests for verification. This expectation is not outside of industry norms.
Is there a work around the SubtleCrypto restriction of requiring the full original message, without resorting to an external library like noble-curves?
[javascript](https://stackoverflow.com/questions/tagged/javascript)[cryptography](https://stackoverflow.com/questions/tagged/cryptography)[subtlecrypto](https://stackoverflow.com/questions/tagged/subtlecrypto)
Share
Edit
Close
Delete
Flag
edited Jan 4, 2023 at 19:15
asked Jan 4, 2023 at 16:05
Zamicol's user avatar
Zamicol
5,12811 gold badge4242 silver badges4646 bronze badges
I'm sure SubtleCrypto not only does use digests but make them mandatory. Every one of the algorithms specified "digests" the data before applying the underlying signature primitive. –
[President James K. Polk](https://stackoverflow.com/users/238704/president-james-k-polk)
Commented Jan 4, 2023 at 17:46
Add a comment
Start a bounty
1 Answer
Sorted by:
Reset to default
0
No. SubtleCrypto does not allow digests to be used, so you have to use an external library like noble-curves.
Copy pasta from stack overflow:
https://stackoverflow.com/questions/62211529/error-on-importing-a-public-key-subtlecrypto-the-provided-value-cannot-be-con
Can SubtleCrypto.verify() use a digest instead of the original message?
Asked 3 years, 1 month ago
Modified 3 years, 1 month ago
Viewed 109 times
0
https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/verify
Algorithms like ES224, ES256, ES384, and ES512 are designed for use with digests, however, Javascript does not appear to support this design and instead requires the full original message. Existing applications may require this feature and idiomatically use these algorithms as intentionally permitted by design.
Also, this is a problem for performance. For example, a digest may represent a 1 GB file and verifying a 256 bit digest is better for performance than re-hashing a 1 GB file.
Go and other languages use digests for verification. This expectation is not outside of industry norms.
Is there a work around the SubtleCrypto restriction of requiring the full original message, without resorting to an external library like noble-curves?
Share
Edit
Close
Delete
Flag
edited Jan 4, 2023 at 19:15
asked Jan 4, 2023 at 16:05
Zamicol's user avatar
Zamicol
5,12811 gold badge4242 silver badges4646 bronze badges
Add a comment
Start a bounty
1 Answer
Sorted by:
Reset to default
0
No. SubtleCrypto does not allow digests to be used, so you have to use an external library like noble-curves.