rmhrisk
commented
7 years ago OpenPGP seems to have a cleaner PKCS1.5 impl - https://github.com/openpgpjs/openpgpjs/blob/c9b20c96e01e030b8c8424d0ca6e76b59e983c21/src/crypto/pkcs1.js
Open rmhrisk opened 7 years ago
rmhrisk
commented
7 years ago OpenPGP seems to have a cleaner PKCS1.5 impl - https://github.com/openpgpjs/openpgpjs/blob/c9b20c96e01e030b8c8424d0ca6e76b59e983c21/src/crypto/pkcs1.js
abgoldberg
commented
7 years ago Is this specifically for signing only, or are there plans to add encryption support (even though it's not in WebCrypto) to support legacy interoperability? Any insight on only having RSA-OAEP in WebCrypto and its implications for interoperating with existing S/MIME implementations?
rmhrisk
commented
7 years ago It already supports RSA OAEP (encryption), this should be enough for that. See https://peculiarventures.github.io/pv-webcrypto-tests/ for what is supported in each of your target UAs.
Most UAs seem to support RSA PKCS1.5, we can add support for it in the JS implementation but until it is clear there is a UA that would require it (possibly IE, for example) we won't do this work. That is what this bug is tracking.
Our decision to use asmcrypto.js means we do not get PKCS#1 1.5 from the third-party library, it seems like we can still accomplish this by padding and them using raw crypto.
Forge has a PKCS 1.5 implementation:
https://github.com/digitalbazaar/forge/blob/5f56c29c4bcd88b7b856ea04e5fd3063ab0f6888/js/rsa.js#L1406-L1472
And asymcrypto.js lets us do raw crypto: https://github.com/vibornoff/asmcrypto.js/blob/master/src/rsa/exports-raw.js
Asmcrypto.js also has a bug open to add support for PKCS1.5, we could try to work with them to get it natively supported.