151308 – Not possible to import RSA-OAEP keys with hash: {name: "SHA-256"}

Bug 151308 - Not possible to import RSA-OAEP keys with hash: {name: "SHA-256"}

Summary: Not possible to import RSA-OAEP keys with hash: {name: "SHA-256"}

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:	160894
	Show dependency tree / graph

Reported:	2015-11-16 08:49 PST by Roustem
Modified:	2016-11-10 12:27 PST (History)
CC List:	6 users (show)

See Also:	164446

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Roustem 2015-11-16 08:49:15 PST

When trying to import RSA-OAEP private key with hash parameter == SHA-256, the result uses SHA-1 instead.


IMPORTING KEY:  
Uint8Array [123, 34, 97, 108, 103, 34, 58, 34, 82, 83, …] 
Object
hash: {name: "SHA-256"}
modulusLength: 2048
name: "RSA-OAEP"
publicExponent: Uint8Array [1, 0, 1] 

IMPORTED KEY: 
algorithm: {name: "RSA-OAEP", modulusLength: 2048, publicExponent: Uint8Array [1, 0, 1], hash: {name: "SHA-1"}}
extractable: true
type: "private"
usages: ["decrypt"]

Comment 1 Alexey Proskuryakov 2015-11-16 18:49:15 PST

Yes, the older version of WebCrypto spec that WebKit currently implements didn't take a hash when importing, so SHA-256 here is just ignored. We also don't support the RSA-OAEP-256 JWK algorithm yet.

Comment 2 Radar WebKit Bug Importer 2016-07-12 16:05:36 PDT

<rdar://problem/27311678>

Comment 3 Rob 2016-08-19 12:22:28 PDT

I keep scanning the Safari TP release notes in hopes that I'll see some progress on this. Safari is still unsupported for many 1Password customers who created accounts last year using Chrome or Firefox, which support RSA-OAEP-256.

Comment 4 Jiewen Tan 2016-11-10 12:26:46 PST

The bug is resolved by Bug 164446.