312279 – Non-extractable X25519 CryptoKey stored in IndexedDB returns null on subsequent read in Safari

NEW312279

Non-extractable X25519 CryptoKey stored in IndexedDB returns null on subsequent read in Safari

https://bugs.webkit.org/show_bug.cgi?id=312279

Summary Non-extractable X25519 CryptoKey stored in IndexedDB returns null on subseque...

lucor

Reported 2026-04-14 09:24:30 PDT

Created attachment 479067 [details] cryptokey-indexeddb-repro.html STEPS TO REPRODUCE: 1. Open the attached HTML file in Safari 2. Observe console output EXPECTED: - crypto.subtle.generateKey() generates a CryptoKey - key is stored in IndexedDB via put() - key is retrieved via get() - loaded key is the same CryptoKey object ACTUAL: After IndexedDB put/get roundtrip, get() returns null for X25519 non-extractable keys. AES-GCM non-extractable keys appear to work correctly. FREQUENCY: 100% reproducible on tested Safari versions. VERSION: Safari 26.4 (macOS 15.4) See also: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.4 Safari/605.1.15 TEST CASE: See attached cryptokey-indexeddb-repro.html

Attachments
cryptokey-indexeddb-repro.html (1.67 KB, text/html) 2026-04-14 09:24 PDT, lucor	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version Safari 26

Hardware Mac (Apple Silicon)

OS macOS 15

Product WebKit

Component Website Storage

Assignee

Nobody

Reported

2026-04-14 09:24 PDT

Modified

2026-04-14 21:31 PDT History

CC List

1 user Show

URL

Keywords

Depends on

Blocks