🚀 Feature Request — `crypto.subtle.importKey` should support large RSA public exponent

Open thibmeu opened this issue 1 year ago • 1 comments

It would be great if crypto.subtle.importKey would support large RSA public key exponent.

The following worker (playground) highlights the curent error path

addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  try {
    await crypto.subtle.importKey('jwk', {
      "alg": "PS384",
      "e": "K932_NQuz0qCWG0SZbKm97-6NG1Oy2VFbwAb9Mh1OcHS0jXlZCCa-jJWd9li6aYd_bLkcR26K70eFxIIxSY8bZElSeidBcpBewjHUd5wNmubxI9MInQPgsPUT9gEHXYeRC1o0vBUOUPH7hDNfCEC9ijSOiTFDT01oZakoc_XoTc",
      "ext": true,
      "key_ops": [
          "verify"
      ],
      "kty": "RSA",
      "n": "1pMIIPcf5Re_MlnRTUAgmwKlwNPWGZHHMd19o5-NaYIVUuIxjWya2JfmA4h6R26jFiwSBdqayW8C7fMd8Em9VfFCE0wX1DgqDnjidTRfFl--jknNymz1xybFmd054J514PMwozEh5zl25PrLqc-gAcKLfJb4E0-ZgdtnULQ6QXEPUdpCQP4DEGwSrLHnu1PXXsclbaP93QcYuJw2VBD85hvHyZsRX7TDwxgIH6fhtlo3d06OUMlujOKyzGs7NnmCNmor-ZJMS6_bP_XnIiWKtwXHbUPl8fEhuYSBTpjqKyuHJc2byQXAvD11wqjbcKcVMhPDmuNxsrXcHa_LGdb66Q"
    }, {name: 'RSA-PSS', hash: 'SHA-384'}, true, ['verify'])
    return new Response('crypto.subtle.importKey succeded')
  } catch (e) {
    return new Response(`crypto.subtle.importKey failed: ${e.message}`, { status: 500 })
  }
}

This key import works in Node.js v20 and Firefox.

While there might be a performance penalty, the extra CPU usage would be reflected on the worker bill.

The relevant code is https://github.com/cloudflare/workerd/blob/62481a46b09a54ea5bc605deddd29974214aed41/src/workerd/api/crypto-impl-asymmetric.c%2B%2B#L973-L992

May 13 '24 17:05 thibmeu

@irvinebroque @mikenomitch ... this is related to recent discussions around compute limits and crypto operations. We should discuss and figure out how to prioritize.

May 14 '24 21:05 jasnell