
Doesn't work on Safari

Open Zinggi opened this issue 7 years ago • 11 comments

The web app crashes on Safari.
I don't know why and I don't have a Mac to investigate.

Zinggi avatar Apr 30 '18 16:04 Zinggi

This is what Safari complains about: image

ChristophP avatar Jun 12 '18 21:06 ChristophP

Ok, so Safari seems to have problems with either RSA-PSS or RSA-OAEP or both (https://github.com/Zinggi/NoKey/blob/master/web/js/setup.js#L77). There might also be more problems down the line.

There is a polyfill that could potentially fix this, but I think using a polyfill for crypto has serious drawbacks: a big performance penalty, possibly faulty or insecure implementation and increased bundle size.
This quote also doesn't inspire a lot of confidence: "We have done no security review or take a position on the security of these third-party libraries. YOU HAVE BEEN WARNED."

So I'm not sure what should be done...

Zinggi avatar Jun 13 '18 08:06 Zinggi

I might be missing something, but following this post I can use webkitSubtle with Safari 11.1 to generate a promise after the generateKey in the console, like you did in your code.

> if (window.crypto && !window.crypto.subtle && window.crypto.webkitSubtle) {
    window.crypto.subtle = window.crypto.webkitSubtle;
}
< undefined
> window.crypto.subtle
< SubtleCrypto {encrypt: function, decrypt: function, sign: function, verify: function, digest: function, …}
> window.crypto.subtle.generateKey({
            name: "RSA-OAEP",
            modulusLength: 2048,
            publicExponent: new Uint8Array([0x03]),
            hash: { name: "SHA-256" }
}, true, ["encrypt", "decrypt"]);
< Promise {status: "pending"}

passiomatic avatar Jun 20 '18 07:06 passiomatic

You probably have to run the promise before you see the error. Try:

window.crypto.subtle.generateKey({
            name: "RSA-OAEP",
            modulusLength: 2048,
            publicExponent: new Uint8Array([0x03]),
            hash: { name: "SHA-256" }
}, true, ["encrypt", "decrypt"]).then(
    (key) => { console.log(key) }
).catch(
    (e) => { console.log("error", e); }
);

Zinggi avatar Jun 20 '18 08:06 Zinggi

It seems to work:

Promise = $2
result: undefined
status: "resolved"

And when I inspect the object:

[Log] Object

privateKey: CryptoKey {type: "private", extractable: true, algorithm: Object, usages: ["decrypt"]}
publicKey: CryptoKey {type: "public", extractable: true, algorithm: Object, usages: ["encrypt"]}

passiomatic avatar Jun 20 '18 08:06 passiomatic

Interesting, can you also try RSA-PSS? If that also works, maybe they fixed it? Are you still getting the same error here?

Zinggi avatar Jun 20 '18 08:06 Zinggi

Unfortunately RSA-PSS gives an error. ;( For the record RSA-PSS is not listed in the algo value here: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey

passiomatic avatar Jun 20 '18 10:06 passiomatic

This issue appears to be related to publicExponent. Using the exponent suggested here (65,537) appears to fix the issue for some reason.

The following code works on Safari 11.1:

crypto.subtle.generateKey({
            name: "RSA-PSS",
            modulusLength: 2048,
            publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
            hash: { name: "SHA-256" },
        }, true, ["sign", "verify"]).then(console.log)

Output: screen shot 2018-06-20 at 18 15 58

jdmnd avatar Jun 20 '18 17:06 jdmnd

Very strange...
Now I'd need someone to build it locally to try out if this little change would make it work or if there is some other problem then.
I'd also need to know if it's only generateKey that has trouble with that particular exponent or if importing and verifying would also cause problems with that exponent.

Zinggi avatar Jun 21 '18 12:06 Zinggi
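
As an added example (not part of the thread or of NoKey's code), the probe below runs generate, export/import and sign/verify for RSA-PSS with a given public exponent and reports the first step that fails, which separates the two questions raised in the comment above. The names `probeRsaPss` and `probeAll` and the result shape are assumptions of this example.

```javascript
// Added example: probe which WebCrypto RSA-PSS steps work for a given public exponent.
// probeRsaPss / probeAll and the result shape are hypothetical, not part of NoKey.
const subtle =
  (globalThis.crypto && (globalThis.crypto.subtle || globalThis.crypto.webkitSubtle)) ||
  (typeof require === "function" ? require("node:crypto").webcrypto.subtle : undefined);

async function probeRsaPss(exponentBytes, name = "RSA-PSS") {
  const alg = {
    name,
    modulusLength: 2048,
    publicExponent: new Uint8Array(exponentBytes),
    hash: { name: "SHA-256" },
  };
  const result = { generate: false, importKey: false, signVerify: false, error: null };
  let step = "generate";
  try {
    const pair = await subtle.generateKey(alg, true, ["sign", "verify"]);
    result.generate = true;

    // Round-trip the public key to check that import accepts this exponent too.
    step = "importKey";
    const spki = await subtle.exportKey("spki", pair.publicKey);
    const imported = await subtle.importKey(
      "spki", spki, { name, hash: { name: "SHA-256" } }, true, ["verify"]);
    result.importKey = true;

    // Sign with the generated private key, verify with the re-imported public key.
    step = "signVerify";
    const params = { name, saltLength: 32 };
    const msg = new TextEncoder().encode("constructed test message");
    const sig = await subtle.sign(params, pair.privateKey, msg);
    result.signVerify = await subtle.verify(params, imported, sig, msg);
  } catch (e) {
    // Record the failing step instead of letting the app crash at startup.
    result.error = step + ": " + (e && e.name ? e.name : String(e));
  }
  return result;
}

// Run both exponents discussed in the thread: 3 and 65537.
async function probeAll() {
  return {
    e3: await probeRsaPss([0x03]),
    e65537: await probeRsaPss([0x01, 0x00, 0x01]),
  };
}
```

Calling `probeAll()` in the console of the browser under test shows, per exponent, whether the failure is confined to `generateKey` or also affects import and verification.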

https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle#Browser_compatibility

cqupt-yifanwu avatar Dec 25 '19 02:12 cqupt-yifanwu

You can use this polyfill: https://github.com/PeculiarVentures/webcrypto-liner

cqupt-yifanwu avatar Jan 07 '20 01:01 cqupt-yifanwu