terrier989
commented
3 years ago Hi! Thanks for the issue report. I agree that this issue should be fixed. The current API was never assessed with RSA in mind. RSA support was added only because someone requested it in the issue tracker and adding a few Web Crypto API + JWK wrappers didn't take much time. It might be possible to introduce these as non-breaking changes by adding methods to RsaPss / RsaSsaPkcs1v15 or BrowserRsaPss / BrowserRsaSsaPkcs1v15 classes. In any case, I think we should have API v3 at some point that fixes these and other issues in the API design.
There's another popular format for RSA key pairs when interoperating with other systems - PEM - and it's well supported by WebCrypto.
However, this library, when dealing with RSA keyPairs makes the strong assumption that we only ever want to use JWK, and it's nearly impossible to just add support for that other format cleanly, without doing a major refactor.
Also, RSA key pairs can be used for encryption, but, again, this library makes the assumption that we only ever want to use RSA keypairs for signing/verifying and not for encryption. It's in the design, in the sense that you need a SecretKey to encrypt/decrypt (according to the Cipher base class) and the SecretKey base class is not compatible with KeyPair base class.