whyoleg/cryptography-kotlin

hmac for wasm verifySignature throws exception

Closed this issue · 3 comments

        val keyString = "0c60ae04fbb17fe36f4e84631a5b8f3cd6d0cd46e80056bdfec97fd305f764daadef8ae1adc89b203043d7e2af1fb341df0ce5f66dfe3204ec3a9831532a8e4c"
        val key = Cryptography.Instance.hmac.keyDecoder(SHA512).decodeFromByteString(HMAC.Key.Format.RAW, keyString.hexToByteString())
        val signature = "5159e5bcdb6396a4453998ab477028f2103876bd4086855b7b04eb0ca57c3ac262c3fe38414971e53aef5ac094731b629de94afc2f6381d3dc6bec70f58cba73"
        var resultString = "no exception"
        var result = false
        try {
            result = key
                .signatureVerifier()
                // .verifySignature(byteArrayOf(1,2,3), signature.hexToByteArray()) // << this line
                .tryVerifySignature(byteArrayOf(1,2,3), signature.hexToByteArray())
        } catch (e: Exception) {
            resultString = e.message.toString() + "\n" + e::class.qualifiedName
        }

It feels like verifySignature calls a non-suspend method, thus WebCrypto complains. tryVerifySignature is working.
The same behavior is observed for ECDSA.
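An added example (not code from this issue or from cryptography-kotlin): it calls WebCrypto directly from JavaScript to show that `sign` and `verify` exist only in Promise-returning form, and that a throwing verify can be layered on the boolean one without any blocking call. The key and data are constructed sample values, and the function names are hypothetical.

```javascript
// Added example: HMAC-SHA512 through WebCrypto (SubtleCrypto), called directly.
// Key and data are constructed sample values; function names are hypothetical.
const subtle = (globalThis.crypto ?? require('node:crypto').webcrypto).subtle;

const RAW_KEY = Uint8Array.from({ length: 64 }, (_, i) => i); // constructed 64-byte key
const DATA = new Uint8Array([1, 2, 3]);

function importHmacKey(rawKey) {
  return subtle.importKey('raw', rawKey, { name: 'HMAC', hash: 'SHA-512' },
    false, ['sign', 'verify']);
}

// "try" style: resolves to true or false, it does not reject on a mere mismatch.
function tryVerify(key, data, signature) {
  return subtle.verify('HMAC', key, signature, data);
}

// Throwing style, layered on the async call so it never needs a blocking path.
async function verifyOrThrow(key, data, signature) {
  if (!(await tryVerify(key, data, signature))) {
    throw new Error('Invalid signature');
  }
}

async function demo() {
  const key = await importHmacKey(RAW_KEY);
  const pending = subtle.sign('HMAC', key, DATA);
  const isPromise = typeof pending.then === 'function'; // no synchronous result exists
  const good = new Uint8Array(await pending);
  const bad = good.slice();
  bad[0] ^= 0x01; // flip one bit to make the tag invalid

  let threw = false;
  try {
    await verifyOrThrow(key, DATA, bad);
  } catch {
    threw = true;
  }
  return {
    isPromise,
    tagLength: good.length,
    goodAccepted: await tryVerify(key, DATA, good),
    badAccepted: await tryVerify(key, DATA, bad),
    threw,
  };
}

demo().then((r) => console.log(r));
```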

AES.kt:

    @SubclassOptInRequired(CryptographyProviderApi::class)
    public interface IvDecryptor : Decryptor {
        @DelicateCryptographyApi
        public suspend fun decryptWithIv(iv: ByteArray, ciphertext: ByteArray): ByteArray {
            return decryptWithIvBlocking(iv, ciphertext)
        }


Here we also have limitations for wasm (AES-CBC).

Hey!
Thanks for pointing out the issue! It's really sad that it leaked into the final release...

Though, as far as I see, it's only applicable for SignatureVerifier.verifySignature, while all other operations should work fine, and all of them, including IvDecryptor.decryptWithIv, have overrides in WebCrypto.

I will fix those in an upcoming minor release.

Thank you, Oleg, for the quick response! I verified all those algorithms across iOS, JVM, Android and Wasm; everything is workable. Android uses Conscrypt + a custom provider, because Conscrypt can't find "RSASSA-PSS"; it has variants: "SHA256withRSA/PSS". Also ECDSA: each decoded key for Android can be represented only as a single instance due to keystore limitations. For Wasm, runCatching is preferable.
SHA256
SHA384
SHA512

HMAC

AES.CBC
AES.CTR

RSA.OAEP

ECDSA

RSA.PSS
RSA.PKCS1

PBKDF2
HKDF

Thank you for your job!