Safari WebCrypto API RSA-OAEP加密

Question

我有以下代码来测试WebCrypto API。它在Firefox和Chrome中工作，我正试图使它在Safari中工作。

 function ab2str(buf) {
      return String.fromCharCode.apply(null, new Uint16Array(buf));
    }

//converts a forge 0.6.x string of bytes to an ArrayBuffer
function str2ab(str) {
  var b = new ArrayBuffer(str.length);
  var view = new Uint8Array(b);
  for(var i = 0; i < str.length; ++i) {
    view[i] = str.charCodeAt(i);
  }
  return b;
}


function _arrayBufferToBase64( buffer ) {
    var binary = '';
    var bytes = new Uint8Array( buffer );
    var len = bytes.byteLength;
    for (var i = 0; i < len; i++) {
        binary += String.fromCharCode( bytes[ i ] );
    }
    return window.btoa( binary );
}

var pubKey;
var privKey;

var s_pubKey="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tieEkcDAqAp/baSmNIdg5ezJMcWJX63+hM/DQolgKtw9Dvc0c8GRUqK2r/idZ1iXJzOjWQ3KIFIzmgTRHOKe3aPgJADdZ2vyAqu2woKtsgQ8nTcDYI86dmyfYsHFbgbSn/qeoE8WEzwyT3OoGgn54zoMuQmUmLbGaJYY2XN5bxwqxsRJSoXetBu9o1G9Wy4V1fdxwjRtaO/2FrZfkLp/P5Tc5Hk1Ev7PIPrkRhrl/7lF4JblVRG5m90aeviErvFIN0LdlqiY90UaQY3gyTsylrheTlqRq6yyzKf3dWnF78+CeAqppsOMI+WHURThNLkN56EOTX6TaBrG6f2XjxeqQIDAQAB";

var cripto= window.crypto || window.msCrypto;
var subtle= cripto.subtle || window.crypto.webkitSubtle;

subtle.generateKey(
        {
            name: "RSA-OAEP",
            modulusLength: 2048, //can be 1024, 2048, or 4096
            publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
            hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
        },
        true, //whether the key is extractable (i.e. can be used in exportKey)
        ["encrypt", "decrypt"] //must contain both "encrypt" and "decrypt"
    )
    .then(function(key){
        //returns a keypair object
        //console.log(key);
        //console.log(key.publicKey);
        //console.log(key.privateKey);
        subtle.exportKey(
                "jwk", //can be "jwk" (public or private), "spki" (public only), or "pkcs8" (private only)
                key.publicKey //can be a publicKey or privateKey, as long as extractable was true
            )
            .then(function(keydata){
                //returns the exported key data

                console.log("publicKey:"+_arrayBufferToBase64(keydata));
                subtle.exportKey(
                        "jwk", //can be "jwk" (public or private), "spki" (public only), or "pkcs8" (private only)
                        key.privateKey //can be a publicKey or privateKey, as long as extractable was true
                    )
                    .then(function(keydata){
                        //returns the exported key data

                        console.log("privateKey:"+_arrayBufferToBase64(keydata));
                    });

                subtle.importKey(                       
                        "jwk", //can be "jwk" (public or private), "spki" (public only), or "pkcs8" (private only)
                        keydata,
                        {   //these are the algorithm options
                            name: "RSA-OAEP",
                            hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
                        },
                        false, //whether the key is extractable (i.e. can be used in exportKey)
                        ["encrypt"] //"encrypt" for public key import, "decrypt" for private key imports
                    )
                    .then(function(publicKey){
                        //returns a publicKey (or privateKey if you are importing a private key)
                        console.log(publicKey);

                        subtle.encrypt(
                                {
                                    name: "RSA-OAEP",
                                    //label: Uint8Array([...]) //optional
                                },
                                publicKey, //from generateKey or importKey above
                                str2ab("hola mundo") //ArrayBuffer of data you want to encrypt
                            )
                            .then(function(encrypted){
                                //returns an ArrayBuffer containing the encrypted data
                                //console.log(new Uint8Array(encrypted));
                                console.log("enc: "+_arrayBufferToBase64(encrypted));
                            })
                            .catch(function(err){
                                console.error(err);
                            });
                    })

            })

    })
    .catch(function(err){
        console.error(err);
    });

问题是subtle.encrypt显然没有被执行。console.log和console.error都不被调用。有什么线索吗？前一行"console.log(publicKey);“运行良好。

Answer 1

当前版本的Safari、和WebKit不支持RSA-OAEP-256。它们只支持使用SHA-1的旧RSA-OAEP：

bug.cgi?id=151308

Answer 2

目前，WebCrypto的Safari实现以及边缘实现都存在一些问题。这是复杂的算法支持不同的浏览器。

您可以通过访问：https://peculiarventures.github.io/pv-webcrypto-tests/来探索给定浏览器所支持的内容

考虑到这些差异，我们实现了这个库，它掩盖了许多差异，并添加了一些算法(可选)，以使它们实现互操作：https://github.com/PeculiarVentures/webcrypto-liner/blob/master/BrowserSupport.md

在Safari的情况下，他们只支持RSA的以下内容：

• RSA-OAEP模式:2048发布jwk:3 /w SHA1格式:jwk
• RSA模式:2048发布jwk:65535 /w SHA1格式:jwk

如果您更改:散列：{name："SHA-256"}

to:散列：{name："SHA-1"}

我想这会成功的。

Answer 3

在调用“generateKey”之后，key.publicKey和key.privateKey实际上是CryptoKey对象吗？在我修补Safari的过程中(在iPad上)，它们似乎只是对象.当我叫'exportKey‘时，我会被抛出一个TypeError

附注：不用担心，我用的是'RSASSA-PKCS1-v1_5'，而不是'RSA-OAEP‘。