RSA Public Key re-export results in malformed buffer

Question

RSA Public Key re-export results in malformed buffer

WorldThirteen opened this issue 2 years ago · 2 comments

When @peculiar/webcrypto is used as a crypto engine, RSA public key re-export result is invalid.

Here is a sample code:

import { Crypto } from '@peculiar/webcrypto';

const crypto = new Crypto();

const algorithm = {
  name: 'RSASSA-PKCS1-v1_5',
  hash: 'SHA-256',
  publicExponent: new Uint8Array([1, 0, 1]),
  modulusLength: 2048,
};
const keys = await crypto.subtle.generateKey(algorithm, true, ['sign', 'verify'])

const cryptoKeyBuffer = await crypto.subtle.exportKey('spki', keys.publicKey);
console.log(cryptoKeyBuffer.byteLength); // will log 294

const reImportedKey = await crypto.subtle.importKey('spki', cryptoKeyBuffer, algorithm, true, ['verify']);
const reExportedKey = await crypto.subtle.exportKey('spki', reImportedKey);

console.log(reExportedKey.byteLength); // will log 22, invalid bytelength.

The same code for WebCrypto in browser implementation or WebCrypto in the node will result in a valid re-exported buffer with the same length and ability to import/export countless times.

Answer 1 · 2022-10-20T16:34:14.000Z

I can't reproduce this issue. I've tried to run this scrip using TS and JS implementations. No success.

I need more information about it. OS version, NodeJS version, module and dependencies versions

Answer 2 · 2022-10-20T19:00:08.000Z

I found that my example was invalid (the latest console log should use another variable). I have edited the initial comment.

Environments where it was possible to reproduce:

MacOS 12.6, CPU M1 Pro, Node v16.17.0 (ARM);
MacOS 12.6, CPU IntelCore i7, Node v16.17.0 (ARM);
Docker Image node:16.15.1.

Dependencies tree (cure related to webcrypto)

npm ls @peculiar/webcrypto @peculiar/asn1-schema @peculiar/json-schema pvtsutils tslib webcrypto-core

├─┬ @peculiar/asn1-schema@2.3.0
│ ├─┬ asn1js@3.0.5
│ │ ├── pvtsutils@1.3.2 deduped
│ │ └── tslib@2.4.0 deduped
│ ├── pvtsutils@1.3.2 deduped
│ └── tslib@2.4.0
├─┬ @peculiar/webcrypto@1.1.7
│ ├── @peculiar/asn1-schema@2.3.0 deduped
│ ├─┬ @peculiar/json-schema@1.1.12
│ │ └── tslib@2.2.0
│ ├── pvtsutils@1.3.2 deduped
│ ├── tslib@2.2.0
│ └─┬ webcrypto-core@1.2.0
│   ├── @peculiar/asn1-schema@2.3.0 deduped
│   ├── @peculiar/json-schema@1.1.12 deduped
│   ├── pvtsutils@1.3.2 deduped
│   └── tslib@2.2.0
└── tslib@1.14.1

I've noticed that I have used not the most recent version, so I've updated it to the latest and the issue is gone.
Seems it was a dependency tree issue, but in such a case, I would like to receive an expectation instead of an invalid buffer.

Since the issue is not reproducible with the latest version and clear dependency tree, closing.