crypto.subtle is undefined on React Native

[bunea]

crypto.subtle is undefined here (and everywhere else even later on) on both iOS and Android.

I'm running react-native@0.53.3 and it was created with react-native init. Tried looking around to find some culprit but haven't managed to find anything.

Found the culprit, seems that it doesn't work while remotely debugging. Might have something to do with the code being executed in Chrome.

It seems that msrcrypto runs in a web worker while in remote debugging which causes this to be set to true, which in turn causes this (msrcryptoSubtle) not to be instantiated, ergo undefined everywhere while remotely debugging.

[kevlened]

Good find. It's interesting that remote debugging React Native will run the app's code in the context of a Web Worker.

An MSRCRYPTO_FORCE_SYNC global variable that serves as an alternative to using forceSync seems reasonable, and it minimizes the changes needed to msrCrypto.

[bunea]

If I remember correctly React Native passes the bundle to be executed by Chrome while remotely debugging and msrCrypto tries to run in browser mode so it makes sense that it tries to use Web Workers.

JS execution environment in React Native, more specifically:

When using Chrome debugging, all JavaScript code runs within Chrome itself, communicating with native code via WebSockets.`

I have another little issue, it's more related to documenting the usage in React Native and I can open another issue with it so others can properly search for it. msrCrypto only uses jwt keys and using raw will always throw an error. Haven't had the time to actually try a jwt key yet and most probably will do it on Monday.

[kevlened]

Just running msrCrypto in a browser shouldn't be enough for it to use Web Workers. It should be in a browser and forceSync should be false. I set forceSync to true, so I think the entire bundle is running in a Web Worker. Unless: 1) My forceSync modification isn't changing anything 2) There's some other craziness I'm unaware of in msrCrypto

re: raw - Yeah, there's another mention of this issue in this comment. I think this is one of the limitations I'll need to include with this change, until it includes a raw to jwk converter.

[bunea]

Well that's what I was saying in the issue description, your forceSync does nothing (actually it crashes the app) while remote debugging because crypto.subtle is undefined. It never gets initialized in msrCrypto because it's in the browser, at least that's what I figured out while debugging and trying to find the issue.

[vladikoff]

@bunea does importKey work for you without Chrome attached? It's undefined for me

[bunea]

@vladikoff It worked without Chrome attached (actually no remote debugger should be attached in order to work) but even so I made a fork in which I set runningInWorkerInstance to false so I can use the library. If you want you can use the fork as it will be up for a long while there, you just need to set a resolution option in package.json.

    "resolutions": {
        "msrcrypto": "git+https://github.com/bunea/msrCrypto"
    }

With that option it will work even while remotely debugging.

[vladikoff]

@bunea, ah cool. With the current version i am stuck on:

 { [Error: algorithm]
03-24 17:21:17.677 27464 27498 I ReactNativeJS:   line: 142590,
03-24 17:21:17.677 27464 27498 I ReactNativeJS:   column: 64,
03-24 17:21:17.677 27464 27498 I ReactNativeJS:   sourceURL: 'http://localhost:8081/index.delta?platform=android&dev=true&minify=false' }

No info if algo is supported, will keep digging...

[bunea]

@vladikoff This is the list or algorithms supported by msrCrypto :

Supported Algorithms:

    msrCrypto supports the following algorithms:

        Encryption/Decryption:
            RSA-OAEP, RSA-PKCSv1.15, AES-CBC, AES-GCM

        Signature/Verify
            RSA-PSS, RSA-PKCSv1.15, HMAC, ECDSA

        Hash
            SHA-1, SHA-224, SHA-256, SHA-384, SHA-512

        Derive Key/Bits
            Concat-KDF, ECDH 

        Supported ECC curves:
            P-256, P-384, P-512, BN-254, NUMSP256D1, NUMSP256T1, NUMSP384D1, NUMSP384T1

        KeyWrap
            AES-GCM

[vladikoff]

@bunea ah I am using AES-KW, might need to find a different library then or something

[arolson101]

@bunea's fork works for me. I recommend putting it into the main branch

[biboukat]

@vladikoff did u find solution for AES-KW

[bunea]

@biboukat if you look at the updated compatibility table it looks like it was added.

A128KW	AES Key Wrap with default initial value using 128-bit key
A192KW	AES Key Wrap with default initial value using 192-bit key
A256KW	AES Key Wrap with default initial value using 256-bit key

[kevlened]

Unfortunately anything not listed in @bunea's msrCrypto list above isn't supported. The AES-KW algorithms are listed in the legend, but haven't been tested. The support grid below above the legend shows everything that's tested.

The original issue seems to be fixed, but comment if this is still an issue. Closing for now.