Bug 227480 - [WebCrypto] WebKit accepts elliptic curve key whose point is not on the curve
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-06-29 02:48 PDT by Yoshiaki Jitsukawa
Modified: 2021-07-06 02:49 PDT

Description Yoshiaki Jitsukawa 2021-06-29 02:48:49 PDT
It might be implementation-defined behavior, but WebKit doesn't throw when importing an elliptic curve key whose point (x, y) is not on the curve.

For example, on Chrome, a DOM exception is thrown with the following code, while not on Safari:

var jwkKey = {
    kty: "EC",
    use: "enc",
    ext: true,
    crv: "P-384",
    x: "1bHwFrsaPRjYq-zFOyLXK8Ugv3EqbVF075ct7ouTl_pwyhjeBu03JHjKTsyVbNWK",
    y: "1bHwFrsaPRjYq-zFOyLXK8Ugv3EqbVF075ct7ouTl_pwyhjeBu03JHjKTsyVbNWK", // (x, y) is not on the P-384 curve
    // y: "OPQLbvRDpocNk4FRQLUVRBbqiauWcnUn7cAC2uSOH6GpSLoTo6B-4LtHq0ydd-iu", // x and this y are on the curve
};
var extractable = true;

crypto.subtle.importKey("jwk", jwkKey, { name: "ECDH", namedCurve: "P-384" }, extractable, [ ]).then(function(result) {
    publicKey = result;
});
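
Added example (not part of the original report and not WebKit code): an application-side check that a P-384 JWK point satisfies the curve equation before it is handed to importKey, so off-curve keys are rejected the same way on every engine. The function names and the wrapper are hypothetical; the curve constants are the standard NIST P-384 domain parameters, and the two sample keys are the ones from the report.

```javascript
// NIST P-384 (secp384r1): y^2 = x^3 + a*x + b (mod p), with a = p - 3.
const P = (1n << 384n) - (1n << 128n) - (1n << 96n) + (1n << 32n) - 1n;
const A = P - 3n;
const B = BigInt("0x" +
  "b3312fa7e23ee7e4988e056be3f82d19181d9c6efe814112" +
  "0314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef");

// The two keys from the report: same x, y differs.
const X = "1bHwFrsaPRjYq-zFOyLXK8Ugv3EqbVF075ct7ouTl_pwyhjeBu03JHjKTsyVbNWK";
const OFF_CURVE = { kty: "EC", crv: "P-384", x: X, y: X };
const ON_CURVE = { kty: "EC", crv: "P-384", x: X,
  y: "OPQLbvRDpocNk4FRQLUVRBbqiauWcnUn7cAC2uSOH6GpSLoTo6B-4LtHq0ydd-iu" };

// Decode one JWK coordinate. A P-384 coordinate is exactly 48 bytes, which is
// 64 unpadded base64url characters; anything else is rejected (returns null).
function decodeCoordinate(b64url) {
  if (typeof b64url !== "string" || !/^[A-Za-z0-9_-]{64}$/.test(b64url)) return null;
  const bin = atob(b64url.replace(/-/g, "+").replace(/_/g, "/"));
  let hex = "";
  for (let i = 0; i < bin.length; i++) {
    hex += bin.charCodeAt(i).toString(16).padStart(2, "0");
  }
  return BigInt("0x" + hex);
}

// True only if x and y are field elements below p that satisfy the curve equation.
// P-384 has cofactor 1, so an on-curve affine point is in the right group.
function isOnP384(jwk) {
  if (!jwk || jwk.kty !== "EC" || jwk.crv !== "P-384") return false;
  const x = decodeCoordinate(jwk.x);
  const y = decodeCoordinate(jwk.y);
  if (x === null || y === null || x >= P || y >= P) return false;
  const lhs = (y * y) % P;
  const rhs = (((x * x + A) % P) * x + B) % P; // x^3 + a*x + b
  return lhs === rhs;
}

// Hypothetical wrapper: validate first, then import as in the report.
// Throwing a DataError DOMException is this example's choice.
async function importValidatedEcdhKey(jwk) {
  if (!isOnP384(jwk)) {
    throw new DOMException("EC point is not on P-384", "DataError");
  }
  return crypto.subtle.importKey("jwk", jwk,
    { name: "ECDH", namedCurve: "P-384" }, true, []);
}
```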
Comment 1 Radar WebKit Bug Importer 2021-07-06 02:49:17 PDT
<rdar://problem/80201774>