CMS包裹的数据二进制编码问题在PKIJS中

发布于 2025-01-23 12:39:59 字数 868 浏览 3 评论 0原文

我正在尝试使用PKIJS库来实施CMS加密内容的交换。基本上，我刚刚从这里复制了示例： https://pkijs.org/pkijs.orgs.org/exmples/cmsenvelodevelvevedexample.htmamplecampledexample.htmll

在这里加密的摘录

cmsEnveloped.addRecipientByCertificate(certSimpl, {  oaepHashAlgorithm: oaepHashAlg });

return cmsEnveloped.encrypt(encAlg, valueBuffer).then(() => {
  var cmsContentSimpl = new ContentInfo();
  cmsContentSimpl.contentType = "1.2.840.113549.1.7.3";
  cmsContentSimpl.content = cmsEnveloped.toSchema();
  cmsEnvelopedBuffer = cmsContentSimpl.toSchema().toBER(false);

是有问题的部分是用.tober（false）对ASN的二进制编码。如果ValueBuffer不太小，则非常慢，〜13Sek对于1 MB。我的问题是：为什么这么慢？我可以用不同的方式对其进行编码，例如tojson（），然后stringtoArrayBuffer？有任何安全问题吗？

原文

I'm trying trying to implement exchange of CMS encrypted content using the pkijs library.
Basically I've just copied the example from here: https://pkijs.org/examples/CMSEnvelopedExample.html

here the excerpt for encryption

cmsEnveloped.addRecipientByCertificate(certSimpl, {  oaepHashAlgorithm: oaepHashAlg });

return cmsEnveloped.encrypt(encAlg, valueBuffer).then(() => {
  var cmsContentSimpl = new ContentInfo();
  cmsContentSimpl.contentType = "1.2.840.113549.1.7.3";
  cmsContentSimpl.content = cmsEnveloped.toSchema();
  cmsEnvelopedBuffer = cmsContentSimpl.toSchema().toBER(false);

The problematic part is the binary encoding of the asn.1 schema with .toBER(false).
If the valueBuffer is not extremely small it is very slow ~13sek for 1 Mb.
My question are: why is this so slow? and could I just encode it differently e.g. toJSON()and then stringToArrayBuffer? Are there any security concerns?

分享到QQ

分享到微博