Bug 156114

Summary: WebCrypto can generate but fails to export RSA-OAEP-256 keys
Product: WebKit Reporter: Roustem <roustem>
Component: WebCore Misc. Assignee: Nobody <webkit-unassigned>
Status: RESOLVED CONFIGURATION CHANGED    
Severity: Normal CC: ap, bfulgham, ddkilzer, jiewen_tan, rob, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Safari Technology Preview   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 160894    

Description Roustem 2016-04-01 11:18:10 PDT
crypto.webkitSubtle.generateKey({
    name: "RSA-OAEP",
    modulusLength: 2048,
    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
    hash: {name: "SHA-256"}
}, true, ["encrypt", "decrypt"]).then((keypair) => {
    console.log("Generated Key Pair:", keypair);
    return crypto.webkitSubtle.exportKey("jwk", keypair.publicKey);
}).then((keydata) => {
    console.log("Key Data:", keydata);
}).catch((error) => {
    console.log("Error: ", error);
});


The code above should be able to log both the newly Generated Key Pair and also log the Key Data.

It successfully generates the key pair:

[Log] Generated Key Pair: – KeyPair {publicKey: Key, privateKey: Key}
KeyPair {publicKey: Key, privateKey: Key}
privateKey: Key {type: "private", extractable: true, algorithm: Object, usages: ["decrypt", "encrypt"]}
publicKey: Key {type: "public", extractable: true, algorithm: Object, usages: ["decrypt", "encrypt"]}
KeyPair Prototype

But it is not able to export it:

[Log] Error: 
TypeError: Key algorithm and size do not map to any JWK algorithm identifier
exportKey
promiseReactionJob

Comment 1 David Kilzer (:ddkilzer) 2016-04-02 00:36:44 PDT
<rdar://problem/25507292>

Comment 2 Brent Fulgham 2016-04-13 20:09:12 PDT
From the ChangeLog in <http://trac.webkit.org/changeset/159944>:

This is happening because RSA-OAEP in JWK is more limited than general WebCrypto, as JWK only allows SHA-1 as hash.

I'm not sure whether that statement is correct.

Comment 3 Brent Fulgham 2016-04-13 21:22:40 PDT
It looks like we are not up-to-date with http://www.w3.org/TR/WebCryptoAPI/.

Comment 4 Alexey Proskuryakov 2016-04-14 09:12:27 PDT
That statement is probably obsolete; JWK added many new identifiers since then.

Comment 5 Jiewen Tan 2016-11-15 11:11:04 PST
This bug should be resolved by Bug 164722.
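
A regression check for the export failure reported in this bug, added here as an example; it is not code from the report or from WebKit. It goes beyond the SHA-256 case in the report by covering every RSA-OAEP hash that the Web Cryptography API maps to a JWK "alg" identifier, and it assumes the standard unprefixed `crypto.subtle` rather than `crypto.webkitSubtle`. The names `JWK_ALG_BY_HASH`, `expectedJwkAlg`, `checkOaepJwkExport` and `checkAllOaepJwkExports` are hypothetical.

```javascript
// Added example (not from the bug report or WebKit); all names defined here are hypothetical.
// JWK "alg" identifiers that the Web Cryptography API assigns to RSA-OAEP keys, by hash.
const JWK_ALG_BY_HASH = new Map([
  ["SHA-1", "RSA-OAEP"],
  ["SHA-256", "RSA-OAEP-256"],
  ["SHA-384", "RSA-OAEP-384"],
  ["SHA-512", "RSA-OAEP-512"],
]);

function expectedJwkAlg(hashName) {
  const alg = JWK_ALG_BY_HASH.get(hashName);
  if (!alg) throw new TypeError(`No JWK alg identifier for RSA-OAEP with ${hashName}`);
  return alg;
}

// Standard SubtleCrypto: the global in browsers and recent Node.js, node:crypto otherwise.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;

// Generate an extractable RSA-OAEP key pair with the given hash, export the public
// key as JWK, and verify both the "alg" member and a JWK import round trip.
// An export rejection (the failure in this bug) is captured instead of thrown.
async function checkOaepJwkExport(hashName) {
  const params = {
    name: "RSA-OAEP",
    modulusLength: 2048,
    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
    hash: { name: hashName },
  };
  try {
    const { publicKey } = await subtle.generateKey(params, true, ["encrypt", "decrypt"]);
    const jwk = await subtle.exportKey("jwk", publicKey);
    const reimported = await subtle.importKey(
      "jwk", jwk, { name: "RSA-OAEP", hash: hashName }, true, ["encrypt"]);
    const ok = jwk.kty === "RSA" &&
      jwk.alg === expectedJwkAlg(hashName) &&
      reimported.algorithm.hash.name === hashName;
    return { hashName, alg: jwk.alg, ok };
  } catch (error) {
    return { hashName, alg: null, ok: false, error: String(error) };
  }
}

// Run the check for every hash in the table; resolves to one result object per hash.
function checkAllOaepJwkExports() {
  return Promise.all([...JWK_ALG_BY_HASH.keys()].map(checkOaepJwkExport));
}
```

An implementation with the behaviour reported here would return `ok: false` for SHA-256, with the export TypeError in the `error` field.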