kevlened / isomorphic-webcrypto

:game_die: webcrypto library for Node, React Native and IE11+
https://www.w3.org/TR/WebCryptoAPI/
MIT License
116 stars 42 forks source link

Problem with importKey method #5

Closed sinewave440hz closed 6 years ago

sinewave440hz commented 6 years ago

Using a modified version of the ejected react native example you kindly supplied, I have this in my constructor:

 crypto.ensureSecure()
    .then(() => {
      const array = new Uint8Array(1);
      crypto.getRandomValues(array);
      this.setState({
        random: array[0]
      });
      this.doCryptoOps()
    });

By this stage it should be 'safe' to call importKey (not before, because it uses getRandomValues()), but the following gives me a RSoD:

  doCryptoOps () {
    crypto.subtle.digest(
      { name: 'SHA-256' },
      new Uint8Array([1,2,3]).buffer
    )
    .then(hash => {
      this.setState({
        hash: hex.fromBuffer(hash)
      });
    });

  crypto.subtle.importKey(
    'raw',
    crypto.getRandomValues(new Uint8Array(16)),
    {
      name: 'PBKDF2',
    },
    false,
    ['deriveKey', 'deriveBits']
  ).then(function(key){
    console.log('key: ', key);
  }).catch(function(err){
    console.error(err);
  });
}

And here is the Red Screen of Death: simulator screen shot - iphone 6 - 2018-03-20 at 14 16 42

My example is derived partly from the need in our own app and partly from the PBKDF2 example in the WebCrypto examples you link to. Any idea what the problem might be?

sinewave440hz commented 6 years ago

Update...getting this in msrcrypto:

'actual:', [ 65, 37, 151, 233, 143, 164, 114, 135, 254, 114, 31, 115, 142, 170, 92, 163 ], ' expected: ', { name: 'keyData', type: 'Object', required: true }. msrcrypto is apparently looking for a key in jwk format.

sinewave440hz commented 6 years ago

So I generated a jwk key for testing purposes and was eventually able to see that PBKDF2 is not supported. This is unfortunate for our case as we are locked into using PBKDF2. So for now it's necessary for me to explore the other option available to us - namely using a hidden web view to get access to window.crypto inside react-native. Unfortunately this makes it hard for me to spend time on a PR at this stage, but I will provide a list of the functions I was hoping to add to the demo project - the ones that we needed: importKey(), exportKey(), exportPrivateKey(), deriveKey(), generateKey(). Hope that's vaguely useful. And of course, if PBKDF2 ever gets supported in msrcrypto, I would definitely prefer this approach.

kevlened commented 6 years ago

No worries. We're unlikely to see any movement on msrcrypto from Microsoft (it's been dormant since 2015), but I'll add a table that shows what's supported in each environment to prevent this sort of trouble in the future. Thanks for digging in.

kevlened commented 5 years ago

Hi from 2019, isomorphic-webcrypto should now work with "PBKDF2" in importKey and deriveBits