PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
This bug doesn't affect me but I found it by chance whilst debugging #334: If you try to decrypt an EnvelopedData that doesn't have a user keying material (UKM) and you're using ECDH, you'd get the following error:
TypeError: Cannot read property 'toBER' of undefined
at LocalConstructedValueBlock.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:1247:35)
at Constructed.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:931:45)
at LocalConstructedValueBlock.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:1247:35)
at Sequence.toBER (/home/gus/repos/relaynet-core-js/node_modules/asn1js/src/asn1.js:931:45)
at /home/gus/repos/relaynet-core-js/node_modules/pkijs/src/EnvelopedData.js:1429:45
at processTicksAndRejections (internal/process/task_queues.js:97:5)
at Object.<anonymous> (/home/gus/repos/relaynet-core-js/src/integration_tests/pkijs_bug.test.ts:59:21)
This bug doesn't affect me but I found it by chance whilst debugging #334: If you try to decrypt an
EnvelopedData
that doesn't have a user keying material (UKM) and you're using ECDH, you'd get the following error:That's because
ukm
is assumed to be present:https://github.com/PeculiarVentures/PKI.js/blob/699ac6e942c279c12e38d4829a44f3fe20040b0a/src/EnvelopedData.js#L953
https://github.com/PeculiarVentures/PKI.js/blob/682ef8d148e03adc4d7fe5ea1a0cdce4294f5e38/src/ECCCMSSharedInfo.js#L187
But it doesn't have to be according to RFC 5753:
Note that
openssl cms -encrypt
doesn't add a UKM, and BouncyCastle would only do it if explicitly set.