Doesn't work on Safari

[Zinggi]

The web app crashes on Safari.
I don't know why and I don't have a mac to investigate.

[ChristophP]

This is what Safari complains about:

[Zinggi]

Ok, so Safari seems to have problems with either RSA-PSS or RSA-OAEP or both (https://github.com/Zinggi/NoKey/blob/master/web/js/setup.js#L77). There might also be more problems down the line.

There is a polyfill that could potentially fix this, but I think using a polyfill for crypto has serious drawbacks: a big performance penalty, possibly faulty or insecure implementation and increased bundle size.
This quote also doesn't inspire a lot of confidence: "We have done no security review or take a position on the security of these third-party libraries. YOU HAVE BEEN WARNED."

So I'm not sure what should be done...

[passiomatic]

I might be missing something but following this post I can use webkitSubtle with Safari 11.1 to generate promise after the generateKey in the console like you did in your code.

> if (window.crypto && !window.crypto.subtle && window.crypto.webkitSubtle) {
    window.crypto.subtle = window.crypto.webkitSubtle;
}
< undefined
> window.crypto.subtle
< SubtleCrypto {encrypt: function, decrypt: function, sign: function, verify: function, digest: function, …}
> window.crypto.subtle.generateKey({
            name: "RSA-OAEP",
            modulusLength: 2048,
            publicExponent: new Uint8Array([0x03]),
            hash: { name: "SHA-256" }
}, true, ["encrypt", "decrypt"]);
< Promise {status: "pending"}

[Zinggi]

You probably have to run the promise, before you see the error. Try:

window.crypto.subtle.generateKey({
            name: "RSA-OAEP",
            modulusLength: 2048,
            publicExponent: new Uint8Array([0x03]),
            hash: { name: "SHA-256" }
}, true, ["encrypt", "decrypt"]).then(
    (key) => { console.log(key) }
).catch(
    (e) => { console.log("error", e); }
);

[passiomatic]

It seems to work:

Promise = $2
result: undefined
status: "resolved"

And when I inspect the object:

[Log] Object

privateKey: CryptoKey {type: "private", extractable: true, algorithm: Object, usages: ["decrypt"]}
publicKey: CryptoKey {type: "public", extractable: true, algorithm: Object, usages: ["encrypt"]}

[Zinggi]

Interesting, can you also try RSA-PSS? If that also works, maybe they fixed it? Are you still getting the same error here?

[passiomatic]

Unfortunately RSA-PSS gives an error. ;( For the record RSA-PSS is not listed in the algo value here: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey

[jdmnd]

This issue appears to be related to publicExponent. Using the exponent suggested here (65,537) appears to fix the issue for some reason.

The following code works on Safari 11.1:

crypto.subtle.generateKey({
            name: "RSA-PSS",
            modulusLength: 2048,
            publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
            hash: { name: "SHA-256" },
        }, true, ["sign", "verify"]).then(console.log)

Output:

[Zinggi]

Very strange...
Now I'd need someone to build it locally to try out if this little change would make it work or if there is some other problem then.
I'd also need to know if it's only generateKey that has trouble with that particular exponent or if importing and verifying would also cause problems with that exponent.

[cqupt-yifanwu]

https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle#Browser_compatibility

[cqupt-yifanwu]

u can use this polyfill https://github.com/PeculiarVentures/webcrypto-liner