230001 2021-09-07 08:22:22 -0700 SubtleCrypto.exportKey RSA sometimes exports different Private Exponent 2021-09-08 09:11:02 -0700 1 1 1 Unclassified WebKit WebKit Misc. Other iPhone / iPad iOS 14 NEW InRadar P2 Normal --- 1 panva.ip webkit-unassigned ap bfulgham katherine_cheney kevin_neal webkit-bug-importer oldest_to_newest 1791020 0 panva.ip 2021-09-07 08:22:22 -0700 When importing RSA JWKs I'm seeing an issue with export on iOS 14 that did not exist on iOS 12 and iOS 13. I'm experiencing this through real device testing on the BrowserStack platform. The issue is that if re-exported, the exported JWK does not sometimes match the imported one. The snippet below works fine on iOS 12 and 13, but fails on iOS 14 Mobile Safari 14.0.2 (iOS 14.3). ```js const jwk = { kty: "RSA", n: "w1MQU2ERHuPd_BJAJEHqI2UQdcU7qBQn9LrujqDIU1KafLNDK_yrS-ZhlpL9XOO0KZpLa4bEZhJpqiHiqG65uaeIsfS1iU2tqKQ5YBq5MQBcfR330jNAa08t8wAnamPZdEZGZX17MIw7J3fvpbHKSdsyfH6EacCrtmGjUzhXiKwcwG3BH1GRySnFBrsCbOA4WBp5DbP1GurgNcWOsGul2bApK44f0bawQ3RAEgchJFsC_Uz_w7piA9r8Wl9KUJZ5ygvEuTojTQBtyjcngwHFXgHDYzveHh7Q25MaX2EmoEUQUnH_VgOXKoSjtBSWTVW1lo-T7dw3XTiIsJRFWa38mQ", e: "AQAB", d: "JYptdNkPJVS-cZhAY7eXfL4L79a8pI1bMJpNB3S3i-wwbQ83NdkWQzxAPWR69cN9-RECtePtE4EuddiVa7H8WEZu62URDxay7drCfEomldhv7kw4OVpIY1eQiUfaS4RtYv-uwAriBm6tX-SZVstZCeDrTyox4PF7D06syW3mxQmZMTL6IwOLpQiAgijO5Aa2KihufIWbCVaEQ8UOvJ9VXcAJsM4wSHUc55jx5CfwHSlyPjxuWcBACvCB4llY_n_krHbFDAocmUImjpbMWp5y3BmS9wtGlbS_H9_Dl9Efkp6qRdhenOF2Fh9vLhoi19AhPu0ORfHTgjUuN4tLb88IAQ", p: "8kxaQxCH24jb0tZ4gPfvRUJJuD6WNbtBClhdoSE2JmvHM-HtzVCh6aW_ulHLIT82PBMRXTK_lihiUD6NvCSbjMiVEKHT6Jn5-dbSlpp8uj3HmfsACBvLpxMD81Go6Tx7RKb1HNL7yRCLyo8r9buJenGF2H03HJ88HuNoCjAxZ8E", q: "zl6xI19mJupKa0PTRZsy6sZ_2dQnl-KuMVt3-TtZ4LfcSZL1F24HlAkj8tPKGVF6oya-bYRoQ928iZTNV2Gy1VdnjUGb3xeINFzORZmGUGtV5w6ugtLcngYKkfdEfLltq2KX3ZvS--EdkT9iY47kWrTicSf28IyLUolCm62fitk", dp: "TjwbFPZ8d4VMPVqk1De6GWna9dO3mqfYy2dW7BUWL_ey_Wyg5R94-EFdk-KfLSAE-gbKH4aoV-q4O-LGzw4e76lAgHtQOhWlomcb3icJyPTzwyNJklSvQEYii2k9mfm-b59dG66AQB7IlGIANrsUG-YV6p4bsnEz72FMEaYX_cE", dq: "PyeLXh_byxz4GUtwZGTSeDa2-ZqLY1fjpwcu9_7JypN5vqpShxENEKibb7yQpJ7iwPsiW7GhluNMx23aSVuEtvVAo2HoqaUx8ZRVK8eH6yRt7X_4t-B_03xVz8W0F9dHUKOjhhYhwyNpQQH8wisAhyHECo0IbSUVnfSThcDkikE", qi: "DBZc1mfJLCxHgpHyfrlueIVTooOCGBWTSC-C6PBicwjl2eJiQVe9Q3zFShjvv70SJpZ15SBKn06fML9nn9lRvbzQJBP671lUtxF_NfYN7Yl_FLEeADMfV7wBKZ8eIk8BhstzSY3xH_ZNJklYRnSCBZNI_NlSfH2QxSb-JjH6xGA", }; const { subtle } = globalThis.crypto; const cryptoKey = await subtle.importKey('jwk', jwk, { name: 'RSASSA-PKCS1-v1_5', hash: { name: 'SHA-256' } }, true, ['sign']) const reExport = await subtle.exportKey('jwk', cryptoKey) console.log(reExport.d === jwk.d) // expect the keys to match ``` 1791157 1 panva.ip 2021-09-07 12:33:06 -0700 Interestingly enough, when I flip the actual and expected, then I the same bug applies to OS X Safari only in reverse. That being said - for deterministic signatures produced using both JWKs - they both generate the same output. 1791243 2 437563 ap 2021-09-07 15:30:01 -0700 Created attachment 437563 test case Same test case as an attachment. Verified failing on Apple Silicon Mac. I think that we get this value directly from CCRSAGetKeyComponents. Equivalent private exponents obviously exist; I'm not sure if there are any requirements on round-trip fidelity or on using a particular normalized form in any of the specs involved. 1791483 3 webkit-bug-importer 2021-09-08 09:11:02 -0700 <rdar://problem/82875952> 437563 2021-09-07 15:30:01 -0700 2021-09-07 15:30:01 -0700 test case test.html text/html 2079 ap PHNjcmlwdD4KY29uc3QgandrID0gewogIGt0eTogIlJTQSIsCiAgbjogIncxTVFVMkVSSHVQZF9C SkFKRUhxSTJVUWRjVTdxQlFuOUxydWpxRElVMUthZkxOREtfeXJTLVpobHBMOVhPTzBLWnBMYTRi RVpoSnBxaUhpcUc2NXVhZUlzZlMxaVUydHFLUTVZQnE1TVFCY2ZSMzMwak5BYTA4dDh3QW5hbVBa ZEVaR1pYMTdNSXc3SjNmdnBiSEtTZHN5Zkg2RWFjQ3J0bUdqVXpoWGlLd2N3RzNCSDFHUnlTbkZC cnNDYk9BNFdCcDVEYlAxR3VyZ05jV09zR3VsMmJBcEs0NGYwYmF3UTNSQUVnY2hKRnNDX1V6X3c3 cGlBOXI4V2w5S1VKWjV5Z3ZFdVRvalRRQnR5amNuZ3dIRlhnSERZenZlSGg3UTI1TWFYMkVtb0VV UVVuSF9WZ09YS29TanRCU1dUVlcxbG8tVDdkdzNYVGlJc0pSRldhMzhtUSIsCiAgZTogIkFRQUIi LAogIGQ6ICJKWXB0ZE5rUEpWUy1jWmhBWTdlWGZMNEw3OWE4cEkxYk1KcE5CM1MzaS13d2JRODNO ZGtXUXp4QVBXUjY5Y045LVJFQ3RlUHRFNEV1ZGRpVmE3SDhXRVp1NjJVUkR4YXk3ZHJDZkVvbWxk aHY3a3c0T1ZwSVkxZVFpVWZhUzRSdFl2LXV3QXJpQm02dFgtU1pWc3RaQ2VEclR5b3g0UEY3RDA2 c3lXM214UW1aTVRMNkl3T0xwUWlBZ2lqTzVBYTJLaWh1ZklXYkNWYUVROFVPdko5VlhjQUpzTTR3 U0hVYzU1ang1Q2Z3SFNseVBqeHVXY0JBQ3ZDQjRsbFlfbl9rckhiRkRBb2NtVUltanBiTVdwNXkz Qm1TOXd0R2xiU19IOV9EbDlFZmtwNnFSZGhlbk9GMkZoOXZMaG9pMTlBaFB1ME9SZkhUZ2pVdU40 dExiODhJQVEiLAogIHA6ICI4a3hhUXhDSDI0amIwdFo0Z1BmdlJVSkp1RDZXTmJ0QkNsaGRvU0Uy Sm12SE0tSHR6VkNoNmFXX3VsSExJVDgyUEJNUlhUS19saWhpVUQ2TnZDU2JqTWlWRUtIVDZKbjUt ZGJTbHBwOHVqM0htZnNBQ0J2THB4TUQ4MUdvNlR4N1JLYjFITkw3eVJDTHlvOHI5YnVKZW5HRjJI MDNISjg4SHVOb0NqQXhaOEUiLAogIHE6ICJ6bDZ4STE5bUp1cEthMFBUUlpzeTZzWl8yZFFubC1L dU1WdDMtVHRaNExmY1NaTDFGMjRIbEFrajh0UEtHVkY2b3lhLWJZUm9ROTI4aVpUTlYyR3kxVmRu alVHYjN4ZUlORnpPUlptR1VHdFY1dzZ1Z3RMY25nWUtrZmRFZkxsdHEyS1gzWnZTLS1FZGtUOWlZ NDdrV3JUaWNTZjI4SXlMVW9sQ202MmZpdGsiLAogIGRwOiAiVGp3YkZQWjhkNFZNUFZxazFEZTZH V25hOWRPM21xZll5MmRXN0JVV0xfZXlfV3lnNVI5NC1FRmRrLUtmTFNBRS1nYktINGFvVi1xNE8t TEd6dzRlNzZsQWdIdFFPaFdsb21jYjNpY0p5UFR6d3lOSmtsU3ZRRVlpaTJrOW1mbS1iNTlkRzY2 QVFCN0lsR0lBTnJzVUctWVY2cDRic25FejcyRk1FYVlYX2NFIiwKICBkcTogIlB5ZUxYaF9ieXh6 NEdVdHdaR1RTZURhMi1acUxZMWZqcHdjdTlfN0p5cE41dnFwU2h4RU5FS2liYjd5UXBKN2l3UHNp VzdHaGx1Tk14MjNhU1Z1RXR2VkFvMkhvcWFVeDhaUlZLOGVINnlSdDdYXzR0LUJfMDN4Vno4VzBG OWRIVUtPamhoWWh3eU5wUVFIOHdpc0FoeUhFQ28wSWJTVVZuZlNUaGNEa2lrRSIsCiAgcWk6ICJE QlpjMW1mSkxDeEhncEh5ZnJsdWVJVlRvb09DR0JXVFNDLUM2UEJpY3dqbDJlSmlRVmU5UTN6RlNo anZ2NzBTSnBaMTVTQktuMDZmTUw5bm45bFJ2YnpRSkJQNjcxbFV0eEZfTmZZTjdZbF9GTEVlQURN ZlY3d0JLWjhlSWs4QmhzdHpTWTN4SF9aTkprbFlSblNDQlpOSV9ObFNmSDJReFNiLUpqSDZ4R0Ei LAp9OwoKYXN5bmMgZnVuY3Rpb24gdGVzdCgpCnsKICAgIGNvbnN0IHsgc3VidGxlIH0gPSBnbG9i YWxUaGlzLmNyeXB0bzsKICAgIGNvbnN0IGNyeXB0b0tleSA9IGF3YWl0IHN1YnRsZS5pbXBvcnRL ZXkoJ2p3aycsIGp3aywgeyBuYW1lOiAnUlNBU1NBLVBLQ1MxLXYxXzUnLCBoYXNoOiB7IG5hbWU6 ICdTSEEtMjU2JyB9IH0sIHRydWUsIFsnc2lnbiddKQoKICAgIGNvbnN0IHJlRXhwb3J0ID0gYXdh aXQgc3VidGxlLmV4cG9ydEtleSgnandrJywgY3J5cHRvS2V5KQoKICAgIGNvbnNvbGUubG9nKHJl RXhwb3J0LmQpOwogICAgY29uc29sZS5sb2cocmVFeHBvcnQuZCA9PT0gandrLmQpIC8vIGV4cGVj dCB0aGUga2V5cyB0byBtYXRjaAp9Cgp0ZXN0KCk7Cgo8L3NjcmlwdD4KPHA+UGxlYXNlIGNoZWNr IEpTIGNvbnNvbGUgZm9yIHJlc3VsdHM8L3A+