196181 2019-03-23 16:22:20 -0700 crypto.subtle.importKey fails for for RSA keys with p < q 2022-02-12 22:48:44 -0800 1 1 1 Unclassified WebKit WebKit Misc. Safari 12 All All RESOLVED WONTFIX InRadar P2 Major --- 1 webkit-bugzilla webkit-unassigned bfulgham jiewen_tan webkit-bug-importer oldest_to_newest 1520640 0 webkit-bugzilla 2019-03-23 16:22:20 -0700 In Safari 12 crypto.subtle.importKey fails for RSA keys with p < q. Although generating such keys is against conventions and the efficiency of the CRT application, it is not invalid. Microsoft Edge generates such keys in ~50% of the time. This is a very inconvenient issue for web applications relying on RSA cryptography used in a cross-browser environment. Example good key (with p > q, importKey succeeds in Safari): const goodKey = { n: "wOwKgOpYOpKmVUd8XAleZcgzGx_ZFrWpc39jn3DCUwOVbV0OXp-W4srTcyCFExfhjCNd7r8gZpQ4KvutkkWXGXE3WzxhwMUD3CZrG31bW84Q5cEXo7GerRDmf5MwVJl0AOLdQHIHmrPRzxB5pAknuGwrb6ckmVj0_RVWl6yU2u75XXWAwcuAPUNkeqtpMtASU9LRsNV24VjNsEFPb9bWxgc5iB8rzzE4Z5SiDKiV6mV49kG9RUxmqC9SrIw45JEGTlFDk5UVkq6jHa2k3KwcEjFqP4eMgyHKkpBSuLfx-Rm2LH9oU8v-o75yx_Q7dOsynVv1BtZ3oFqULx2QNL8raQ", e: "AQAB", d: "DAitPw1fI4gyR--FmlgbQ04RogeCiyAZydKQbEmkVXlLwN6lHtHln4_3UJ8ereo3b35lRZc2di-YsVWxpgYhPr0JLu-9SUEA1KKw264eHMPl2e8JgnR56WG8fwi3Yw-PZN7B3ls-ji_ZTolAjTLk_2P_8Z8DcW1TGtZR6HQjdOSHfywpBjSfoj0JZwvJQpgsuSTVdRqs6BdHYThCK-3JLT1xpEPV7P1gH4gUjvj9OaSwEN5682heUZMmrvSR0-7CScMt7T7KhhzlL868v5cjRMe4k5lh8llST9Ze5GKy9WJZslarDeGOSLkOKIpQKekfTcPT0r4GCbKbNa6ZRU1RYQ", p: "4XiAqMzTmP_aPAD7xrugwtuxJQgrx8gWKIfwLcI4zPww1Ve714vdSMiBpc0h-sdP9dt1Vab9GJx_aIn-PF5rdEQ2LLZsT4-E3T0ew80n5mj0UkVpiZaNBn6gJyMOMZ0sGPBXuhhhukoIoCKQaLi6w4aiiNMbcSRnU6h6KqfeW7c", q: "2wtNgSO06FAnzYrlOFwKyB9cYGOE_JO86sMkVQRKDhuVVY26XLpaoSlU275tS1EN4_JPbAJMMN4BjtMyQiDpkID_DdHXoSJCnYEgYOozX394X-j2FjqHctjHq6maQxv4sXtBZM3pwXPNcFq28QfBpEMdhNbvFAcuj6mX8JP68d8", dp: "ypiEwyiJWYlMh246zi_6HB1b53KYJEPd5T2Ayx0h_M7-8jSLTPsYMzY3iMvyJGzDpJ81p2kNMvgsY7ra_1O4KhjAtRyV5keHk2RAKKBHofncz7AfTMpCnftZ3NDbCCm6Xg5YRZdy-PldFsb4C6Ex8E8h7OAEYH3deoaAf6OnYbE", dq: "jmsr6mI_9qhfKMo9PUbDD9ksI9OxHNQmCfH1Rn2ydLfEgcrTuATGdnC8JuAKieTahjH_J7fauA8wrh9tVwe1NOpaay7b532yGFxjo__ChT4JEzsR_ePyO17tfBSbIzUlnqgIHbWwXcKgeYPR3KdxZQ7qO3vQGJKO2IOpMZfVmrs", qi: "ISX6LmvGioKbqgek9vy85DyFEdd_2Xksxg1MBcIOOlaCEydqShgZ2DtQ-ORHGk2D7apH44NvicPfPrAUS5Cbdo1xFnjgQT6LGAzqzQ7Y01SSxFQJIUXWaEGj5m8LVa8xa8PE6plGsIGCX9RL5aQDssc4CYn8YuDacsHca_--JUY", kty: "RSA" }; crypto.subtle .importKey( "jwk", goodKey, { name: "RSA-OAEP", hash: { name: "SHA-1" } }, false, ["decrypt"] ) .then(() => console.log("goodKey success")) .catch(() => console.log("goodKey error")); Example bad key (with p < q, importKey fails in Safari): const badKey = { n: "0ZsZ2wOsJfDReOnhGvv2aphndsGYem9-L9hf4ALARZTfePkZbUQwk_z97HnA1UhBz-70kf1kTRPsO1MEtlFh2l2YVhZP6TQ13mKQpwMNoqN8E3BchvZQvSX-GhR1NxHOgFPvEF9q98ruXOvzhz4LCFgMR2SyGQopUPPpEiMsWO91YUyTwsw02gW_l5BcBis0r1xT3I0V9KEs8DMvBfOqnLeQLwzJ7lCXS-_uirTUyfe_VfMuVMIXDuAdVkcQR8YYm44ySmC-N5e2tmBNT8xc6dRizydS_t1cXh-D3TLw_w17USNNNveeem3jMGMf0ky0ZAbEPihwx5Vnl9SZd9PDfQ", e: "AQAB", d: "GNWssZN00SYAW7gyULUr1CNsltiHTXJqXBbh_TO2PkhOVhIFnjmnG9Gs8FjYrSybh5yDY8zHFo7WvYyvkT6BPpM6WnDYVQQ3obrB8tfcxLlkGRWGEQOcO10GB2cHIFg-xFuthp4XmXZ02ZOnTg3e1sU_5zGaHHdkv8-2fMyoE31MzBGRp6XCvmFhCemIvelymKbLDAkYL6TfBwgszh8C_JCqOeQgA07ht4gCGk_mH2TN91yOrbE5NNfI1yGptB92E_XxoA_v-IDD3hTFBwfuOv4ZyDpRmDYTOJcDwiozStnxTs2301sDAcIXswCsQ-0srsi61mt5APBJepM8PMGX7Q", p: "2yyXrox5xygc5mSXzwTZ3hjGOqcN43WQR_ZTNsk8CpjlbL23dAgs2_obnq0Ch05OxN7NPs9zBm2OZx6sWuZ13rCssUzhWzMwfY8O82RNSeW_gZP1ertbhgqR6K9H1RN_xxx7PqdcxIB8Kykxxf7d4mF-LR_DDXwHyXDCMNXou-8", q: "9NLxbz5zlPSqp_e1LLj6jGwkoYoF9wenAreAsjxDAxlcWVxalKgYr7vuTZ0UCi9Ou1u78NTMi9TAEU_RzeH72nW-RjUQWRRFDkRGqnfpDylCUViZZ49g4zHzVdc-5lg-JVQsZ4pV1ija4726D-yB45VchiKSo7whgB93Mw8de1M", dp: "gElhnzFqNkAsak6G7Q2R2IX3wWz2nCS8BuMPYgn3stw7raJ-NtRyLW__qqjpyfjz8hfXWuRiF2kY6RLzH2G1rFsNOdoeLhuQTm3l-mDDPHXV2iqYjPYNZC_bp66xBO8c45awLMQZcIskIr9B-vprNY6LJC5rJQFsLWRqxdrvFtE", dq: "xqXCMLlDn0FGlzNuVfNhmD7HGiub22ziHlo2mmg7F3Ckdf1xod0i6rRaD6-8aucnwu4T-L0xmuPtVB6n5Z3PdNrEoMK9mQnRXloX3ImfGSYpIUf6cQTtYGtPPf-AkfZXtoIt5XVhYHuV3-Q57GHCop62jD_RK_miVQsy9ML28PE", qi: "KcfzhX3UaSnJfeMg1rG5UBw6y9SG7WM78jmjaaGB4y9tfhiYXska8mG3yh2ahnia8qUDh5y3ZQ8iSD6Cnk2yPql0XxnTb-HBv5SKL2kESGd5PawaET5qABrGkHN4P-bNlWYDQF_VjL-9DxZB6sPgIsTNSaqjGeFCX8Cvqj57KXk", kty: "RSA" }; crypto.subtle .importKey( "jwk", badKey, { name: "RSA-OAEP", hash: { name: "SHA-1" } }, false, ["decrypt"] ) .then(() => console.log("badKey success")) .catch(() => console.log("badKey error")); Running the above two in Safari, I get: goodKey success badKey error The symmetric Microsoft Edge bug I submitted: https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/20950190/ Please sort this out in a way that makes the two browsers compatible in this matter. 1521015 1 webkit-bug-importer 2019-03-25 14:21:00 -0700 <rdar://problem/49228962> 1521027 2 jiewen_tan 2019-03-25 14:28:59 -0700 CommonCrypto is investigating this bug. CommonCrypto is the crypto services WebKit's WebCrypto API calls. 1840951 3 bfulgham 2022-02-12 22:48:44 -0800 Note: This implementation is in a different OS component, which has this fix now. No WebKit Changes will be made for this issue.