Bug 156114 - WebCrypto can generate but fails to export RSA-OAEP-256 keys
Status: RESOLVED CONFIGURATION CHANGED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: Safari Technology Preview
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks: 160894
Reported: 2016-04-01 11:18 PDT by Roustem
Modified: 2016-11-15 11:11 PST

Description Roustem 2016-04-01 11:18:10 PDT
crypto.webkitSubtle.generateKey({
    name: "RSA-OAEP",
    modulusLength: 2048,
    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
    hash: {name: "SHA-256"}
}, true, ["encrypt", "decrypt"]).then((keypair) => {
    console.log("Generated Key Pair:", keypair);
    return crypto.webkitSubtle.exportKey("jwk", keypair.publicKey);
}).then((keydata) => {
    console.log("Key Data:", keydata);
}).catch((error) => {
    console.log("Error: ", error);
});


The code above should be able to log both the newly Generated Key Pair and also log the Key Data.

It successfully generates the key pair:

[Log] Generated Key Pair: – KeyPair {publicKey: Key, privateKey: Key}
KeyPair {publicKey: Key, privateKey: Key}
    privateKey: Key {type: "private", extractable: true, algorithm: Object, usages: ["decrypt", "encrypt"]}
    publicKey: Key {type: "public", extractable: true, algorithm: Object, usages: ["decrypt", "encrypt"]}
    KeyPair Prototype

But it is not able to export it:

[Log] Error: 
TypeError: Key algorithm and size do not map to any JWK algorithm identifier
exportKey
promiseReactionJob
Comment 1 David Kilzer (:ddkilzer) 2016-04-02 00:36:44 PDT
<rdar://problem/25507292>
Comment 2 Brent Fulgham 2016-04-13 20:09:12 PDT
From the ChangeLog in <http://trac.webkit.org/changeset/159944>:

This is happening because RSA-OAEP in JWK is more limited than general WebCrypto, as JWK only allows SHA-1 as hash.

I'm not sure whether that statement is correct.
Comment 3 Brent Fulgham 2016-04-13 21:22:40 PDT
It looks like we are not up-to-date with http://www.w3.org/TR/WebCryptoAPI/.
Comment 4 Alexey Proskuryakov 2016-04-14 09:12:27 PDT
That statement is probably obsolete; JWK has added many new identifiers since then.
Comment 5 Jiewen Tan 2016-11-15 11:11:04 PST
This bug should be resolved by Bug 164722.
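
Added example, not part of the original bug report or WebKit's code: a check, written against the standard unprefixed crypto.subtle, that an exported RSA-OAEP public key carries the JWK "alg" matching its hash (RSA-OAEP, RSA-OAEP-256, RSA-OAEP-384, RSA-OAEP-512, as listed in the Web Cryptography API). The names checkRsaOaepJwk, b64urlBitLength and roundTrip are hypothetical.

```javascript
// Added example (not WebKit code). JWK "alg" names for RSA-OAEP keys, keyed by
// the WebCrypto hash name, as listed in the W3C Web Cryptography API.
const RSA_OAEP_JWK_ALG = {
  "SHA-1": "RSA-OAEP",
  "SHA-256": "RSA-OAEP-256",
  "SHA-384": "RSA-OAEP-384",
  "SHA-512": "RSA-OAEP-512",
};

// Bit length of a base64url-encoded big-endian integer (the JWK "n" member).
function b64urlBitLength(b64url) {
  const b64 = b64url.replace(/-/g, "+").replace(/_/g, "/");
  const bin = atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4));
  let i = 0;
  while (i < bin.length && bin.charCodeAt(i) === 0) i++; // skip leading zero bytes
  if (i === bin.length) return 0;
  return (bin.length - i - 1) * 8 + (32 - Math.clz32(bin.charCodeAt(i)));
}

// Lists mismatches between an exported public JWK and the algorithm
// parameters the key was generated with; an empty list means consistent.
function checkRsaOaepJwk(jwk, algorithm) {
  const problems = [];
  const expectedAlg = RSA_OAEP_JWK_ALG[algorithm.hash.name];
  if (!expectedAlg) problems.push(`no JWK alg for hash ${algorithm.hash.name}`);
  if (jwk.kty !== "RSA") problems.push(`kty is ${jwk.kty}, expected RSA`);
  if (expectedAlg && jwk.alg !== expectedAlg)
    problems.push(`alg is ${jwk.alg}, expected ${expectedAlg}`);
  if (typeof jwk.n !== "string" || b64urlBitLength(jwk.n) !== algorithm.modulusLength)
    problems.push("modulus length does not match modulusLength");
  return problems;
}

// Generate, export and check, with the same parameters as the report above.
async function roundTrip(hashName) {
  const algorithm = {
    name: "RSA-OAEP",
    modulusLength: 2048,
    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
    hash: { name: hashName },
  };
  const pair = await crypto.subtle.generateKey(algorithm, true, ["encrypt", "decrypt"]);
  const jwk = await crypto.subtle.exportKey("jwk", pair.publicKey);
  return { alg: jwk.alg, problems: checkRsaOaepJwk(jwk, algorithm) };
}

// Runs only where the standard API is present (browser or recent Node.js).
if (globalThis.crypto && globalThis.crypto.subtle) {
  roundTrip("SHA-256").then((r) => console.log(r), (e) => console.log("Error:", e));
}
```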