Summary: | Cannot store CryptoKey to IndexedDB in ServiceWorker | ||
---|---|---|---|
Product: | WebKit | Reporter: | Stefan Sechelmann <stefan> |
Component: | Service Workers | Assignee: | Nitin Mahendru <nitinmahendru> |
Status: | RESOLVED FIXED | ||
Severity: | Normal | CC: | beidson, bfulgham, cdumez, jdknezek+webkit-bugzilla, jiewen_tan, joliccin, katherine_cheney, sihui_liu, webkit-bug-importer |
Priority: | P2 | Keywords: | InRadar |
Version: | Safari Technology Preview | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
URL: | https://embed.plnkr.co/9BWkuIAmxX2EITOWI2yR/ | ||
See Also: |
https://bugs.webkit.org/show_bug.cgi?id=174541 https://bugs.webkit.org/show_bug.cgi?id=177350 |
Description
Stefan Sechelmann
2018-02-27 11:52:14 PST
Sounds like we do not support cloning / serializing CryptoKey objects. Likely not truly an IDB issue. Jiewen should probably take a look. In particular, I suspect we did not implement this part of the spec: https://www.w3.org/TR/WebCryptoAPI/#cryptokey-interface-clone The test URL does not seem to work for me. I see it installing a service worker (not sure what this bug has to do with service workers). If I inspect the service worker, I see there is code using IndexedDB but it is not executed. We do support storing CryptoKey into IndexedDB. However, due to some legacy reasons, we wrap the objects before storing them into IndexedDB. Here is file: See SerializedCryptoKeyWrap.h. For any new implementations, I recommend we don't wrap CryptoKeys anymore. Since the wrapping APIs will be called in SerializedScriptValue.h, failing to implement those would fail IndexedDB interactions. An example to circumvent that is to implement dummy APIs, see SerializedCryptoKeyWrapGCrypt.cpp. I am not sure if ServiceWorker needs to implement this dummy APIs though. The error occurs in service workers only. The example stores a set of objects including a WebCrypto key upon fetch. Please edit the source in the test to trigger the fetch. (and the error) I also am running into this issue. It is not specific to IndexedDB as noted. It occurs with postMessage as well, so it is indeed related to the structured clone algorithm from within the Service Worker Global Scope context. I am able to use the structured clone algorithm for CryptoKeys within the Window context, but not within the ServiceWorkerGlobalScope context. You can get the same exception by trying to `postMessage` to a `Client` object from the service worker the `CryptoKey`. And you will get the same 'DataClone' error. But a `postMessage` on the `window` object via `window.navigator.serviceWorker.controller.postMessage` will not throw the exception. In this case the structured clone succeeds. I can prepare a Plunkr soon. I am hypothesizing that a workaround would be for the service worker to only perform `read` operations into IndexedDB for the CryptoKey, and all write operations will have to happen on the Main thread. Here is a Plunk with a Repro: https://embed.plnkr.co/s2I0U0/ Is it possible that SerializedScriptValue.h for CryptoKey objects runs a different implementation when in the main thread vs. Service Worker thread context? We are encountering this bug when trying to postMessage a CryptoKey between a window and service worker. A gist with a simple reproduction is available here: https://gist.github.com/jknezek-locktera/f355371af152b4469772ded0f20de314 Has there been any movement on this since... 2018? Pull request: https://github.com/WebKit/WebKit/pull/25342 Committed 276088@main (51ae1a6d501e): <https://commits.webkit.org/276088@main> Reviewed commits have been landed. Closing PR #25342 and removing active labels. Re-opening for pull request https://github.com/WebKit/WebKit/pull/25871 Committed 276197@main (fdb77ba046f0): <https://commits.webkit.org/276197@main> Reviewed commits have been landed. Closing PR #25871 and removing active labels. |