RESOLVED FIXED 151308
Not possible to import RSA-OAEP keys with hash: {name: "SHA-256"} 
https://bugs.webkit.org/show_bug.cgi?id=151308
Summary Not possible to import RSA-OAEP keys with hash: {name: "SHA-256"}
Roustem
Reported 2015-11-16 08:49:15 PST
When trying to import RSA-OAEP private key with hash parameter == SHA-256, the result uses SHA-1 instead. IMPORTING KEY: Uint8Array [123, 34, 97, 108, 103, 34, 58, 34, 82, 83, …] Object hash: {name: "SHA-256"} modulusLength: 2048 name: "RSA-OAEP" publicExponent: Uint8Array [1, 0, 1] IMPORTED KEY: algorithm: {name: "RSA-OAEP", modulusLength: 2048, publicExponent: Uint8Array [1, 0, 1], hash: {name: "SHA-1"}} extractable: true type: "private" usages: ["decrypt"]
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2015-11-16 18:49:15 PST
Yes, the older version of WebCrypto spec that WebKit currently implements didn't take a hash when importing, so SHA-256 here is just ignored. We also don't support the RSA-OAEP-256 JWK algorithm yet.
Radar WebKit Bug Importer
Comment 2 2016-07-12 16:05:36 PDT
<rdar://problem/27311678>
Rob
Comment 3 2016-08-19 12:22:28 PDT
I keep scanning the Safari TP release notes in hopes that I'll see some progress on this. Safari is still unsupported for many 1Password customers who created accounts last year using Chrome or Firefox, which support RSA-OAEP-256.
Jiewen Tan
Comment 4 2016-11-10 12:26:46 PST
The bug is resolved by Bug 164446.
Note You need to log in before you can comment on or make changes to this bug.