Closed klabarge closed 9 years ago
Related: http://stackoverflow.com/questions/31798241/safari-webcrypto-api-rsa-oaep-encryption
Per https://www.theseus.fi/bitstream/handle/10024/92960/Web_Cryptography_API_Luoma-aho.pdf?sequence=1, Apple's API hasn't matured yet, so they're using a different namespace. This should fix it:
// fix safari crypto namespace
if (window.crypto && !window.crypto.subtle && window.crypto.webkitSubtle) {
window.crypto.subtle = window.crypto.webkitSubtle;
}
@klabarge can you re-test now that we've applied https://github.com/qzind/qz.io/commit/daf14d6c8dc53b1fef34fa8987c4eb5d122cffeb
Same error is displayed after the change:
AFAIk, crypto is only supported on Safari 8. Which Safari version are you testing against?
Both versions 5 and 8 still hang on "Generating key pair..."
Right, but the error on 8 is no longer TypeError: 'undefined' is not an object (evaluating 'window.crypto.subtle.generateKey')
, so that portion is fixed now. I'll have to put some more time into this. It appears it's at least getting further now.
Since there are no errors I have the feeling there's some callback or promise not getting returned from JavaScript.
@Lukas-W opinions welcome.
I'm pretty sure this is due to the download never happening, which is sad... Ultimately, downloading a JavaScript generated "Blob" file is unsupported in Safari. We'd have to farm this off to the server currently, which defeats the purpose of a private key.
https://bugs.webkit.org/show_bug.cgi?id=102914#c25
Edit: Probably a short-term solution (while we all wait for Apple to fix this functionality) is to display a warning for Safari being unsupported, or set a timeout value that displays a generic "please try another browser or clear your cache" warning.
@Lukas-W although this is in the wrong repo, I'll still wait for you to chime in before closing this out.
-Tres
@Lukas-W shall we just put a warning for Safari users? It seems Safari doesn't have the blob support which would be required for downloading the client-side private key.
I tested on both of the below versions with the same results.
When trying to generate both the CSR and the key pair, the browser hangs at "Generating key pair" and never completes.
Inspect element shows the error: