Bug 240134 - Error occurs on second call of button onClick callback when crypto.subtle.digest() is called before navigator.credentials.get() using security key
Summary: Error occurs on second call of button onClick callback when crypto.subtle.dig...
Status: RESOLVED CONFIGURATION CHANGED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: Safari 15
Hardware: iPhone / iPad iOS 15
: P2 Major
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-05-05 12:35 PDT by tommy
Modified: 2022-06-23 16:52 PDT (History)
5 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description tommy 2022-05-05 12:35:22 PDT
When window.crypto.subtle.digest() is called before window.navigator.credentials.get(), the first time will not error but calling it a second time will.

The code below shows how to reproduce.


const getBtn = document.getElementById("get");
getBtn.addEventListener("click", async () => {
  try {
    /*
      remove the call to crypto.suble.digest and it will work without error
    */
    const digest = await window.crypto.subtle.digest(
      "SHA-512",
      CHALLENGE_BUFFER,
    )
    let credential = (await window.navigator.credentials.get({
      publicKey: {
        challenge: CHALLENGE_BUFFER,
        timeout: 30000,
        userVerification: "discouraged",
        allowCredentials: [
          {
            transports: ["nfc", "usb"],
            id: credentialId,
            type: "public-key",
          },
        ],
      },
    }))
    console.log({credential})
  } catch (e) {
    alert(`error ${e.message}`)
  }
})
Comment 1 Radar WebKit Bug Importer 2022-05-05 15:06:44 PDT
<rdar://problem/92822521>
Comment 2 Brent Fulgham 2022-06-23 16:52:11 PDT
Does not reproduce on Trunk.