Hacker News new | past | comments | ask | show | jobs | submit login

OH FFS!!!!

Serves me right having ChatGPT add commentary and me not double checking.

This is what it should be:

          const keyPair = await crypto.subtle.generateKey(
            { name: "ECDSA", namedCurve: "P-256" },
            false, // this makes it not extractable
            ["sign", "verify"]
          );
Run that in HTTPS (here if you want) and try to extract the private key - I don't think you can, but could be wrong.



Yeah that does it for new keys generated, any old keys in IDB obviously still are exposed.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: