Web Crypto API using Microsoft Edge (38.14393.0.0)

Issue #11348074 • Assigned to Divya G.

Details

Author
Florian W.
Created
Mar 21, 2017
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
38.14393
Reports
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

I am using the Web Crypto API (https://www.w3.org/TR/WebCryptoAPI/) successfully on Chrome (since first Web Crypto support), Firefox (since first Web Crypto support) and even on Safari TP (10.2) with support of a WebCrypto Liner a pollyfill for WebCrypto API (https://github.com/PeculiarVentures/webcrypto-liner).

Now I want to test our code using Microsoft Edge. But encrypting and decrypting a sample ArrayBuffer already fails. Here the code:

var crypto = window.crypto;
if (crypto.subtle) {
    var aesGcmKey = null;
    // always create a new, random iv in production systems!!!
    var tempIv = new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16]);
    // needed for edge, if additional data missing decrypting is failing
    var tempAdditionalData = new Uint8Array(0);
    var dataToEncrypt = new Uint8Array([1, 2, 3, 4, 5]);

    // 1.) generate key
    var generateKeyPromise = crypto.subtle.generateKey(
        {name: "AES-GCM", length: 256}, true, ["encrypt", "decrypt"]
    );
    generateKeyPromise.then(function (tempKey) {
        aesGcmKey = tempKey;
        // 2.) start encryption with this key
        var encryptedDataPromise = crypto.subtle.encrypt(
            {name: "AES-GCM", iv: tempIv, additionalData: tempAdditionalData, tagLength: 128},
            aesGcmKey,
            dataToEncrypt
        );
        encryptedDataPromise.then(function (encryptedData) {
            // 3.) decrypt using same key
            var decryptedDataPromise = crypto.subtle.decrypt(
                {name: "AES-GCM", iv: tempIv, additionalData: tempAdditionalData, tagLength: 128},
                aesGcmKey,
                encryptedData
            );
            decryptedDataPromise.then(function (decryptedData) {
                // 4.) compare decrypted array buffer and inital data
                console.log('data decrypted!');
                console.log(decryptedData);
            });
            decryptedDataPromise.catch(function (error) {
                console.log('decrypting sample data failed');
                console.log(error);
            });
        });
        // if 2.) is failing
        encryptedDataPromise.catch(function (error) {
            console.log('encrypting sample data failed');
            console.log(error);
        });
    });
    // if 1.) is failing
    generateKeyPromise.catch(function (error) {
        console.log('creating aec gcm key failed');
        console.log(error);
    });
}

This code is failing in the decrypting phase (step 3. in the code) on Edge, while its working fine on Chrome, Firefox and even Safari. The wired part it that the decryptedDataPromise is rejected with an exception but the returned data doesnt look like an exception at all:

[object Object] {additionalData: Uint8Array {...}, iv: Uint8Array {...}, name: "AES-GCM", tagLength: 128}

Attachments

0 attachments

    Comments and activity

    • Changed Steps to Reproduce

    • Microsoft Edge Team

      Changed Assigned To to “Steven K.”

      Changed Assigned To to “Venkat K.”

      Changed Assigned To from “Venkat K.” to “Divya G.”

    You need to sign in to your Microsoft account to add a comment.

    Sign in