Closed Bug 1918354 Opened 10 months ago Closed 9 months ago

WebCrypto API: `deriveBits` fails with X25519 keys imported in 'jwk' format

Categories

(Core :: DOM: Web Crypto, defect)

Product:
Core
Component:
DOM: Web Crypto
Version:
Firefox 130
Type:
defect

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: larabr+github, Unassigned)

Details

Steps to reproduce:

  1. Import the X25519 test vectors from RFC7748 (https://datatracker.ietf.org/doc/html/rfc7748#section-6.1) using JWK format;
  2. Run deriveBits:
alicePrivateJWK = { kty: 'OKP', crv: 'X25519', x: 'hSDwCYkwp1R0i33ctD73Wg2_Og0mOBr066SpjqqbTmo', ext: true, d: 'dwdtCnMYpX08FsFyUbJmRd9ML4frwJkqsXf7pR25LCo' };
bobPublicJWK = { kty: 'OKP', crv: 'X25519', x: '3p7bfXt9wbTTW2HC7OQ1Nz-DQ8hbeGdNrfx-FG-IK08', ext: true };
alicePrivateKey = await crypto.subtle.importKey('jwk', alicePrivateJWK, 'X25519', true, ['deriveKey', 'deriveBits']);
bobPublicKey = await crypto.subtle.importKey('jwk', bobPublicJWK, 'X25519', true, [])
sharedSecret = new Uint8Array(await crypto.subtle.deriveBits(
          { name: 'X25519', public: bobPublicKey },
          alicePrivateKey,
          256
)); // this throws

Exporting and re-importing the same keys in PKCS#8/SPKI format results in a successful operation:

bobPublicSKPI = await crypto.subtle.exportKey('spki', bobPublicKey) ;
alicePrivatePKCS8 = await crypto.subtle.exportKey('pkcs8', alicePrivateKey);
alicePrivateKey2 = await crypto.subtle.importKey('pkcs8', alicePrivatePKCS8, 'X25519', true, ['deriveKey', 'deriveBits']);
bobPublicKey2 = await crypto.subtle.importKey('spki', bobPublicSKPI, 'X25519', true, []);
sharedSecret2 = new Uint8Array(await crypto.subtle.deriveBits(
          { name: 'X25519', public: bobPublicKey2 },
          alicePrivateKey2,
          256
)); // this succeeds

Actual results:

deriveBits over the JWK imported keys throws: "DOMException: The operation failed for an operation-specific reason".

deriveBits over the PKCS8/SPKI re-imported keys is successful.

Expected results:

deriveBits is successful with the JWK imported keys.

The Bugbug bot thinks this bug should belong to the 'Core::DOM: Web Crypto' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → DOM: Web Crypto
Product: Firefox → Core
Status: UNCONFIRMED → RESOLVED
Closed: 10 months ago
Duplicate of bug: 1917228
Resolution: --- → DUPLICATE

I still get DOMException: The operation failed for an operation-specific reason for the first code example. Is this really a duplicate?

Flags: needinfo?(anna.weine)

(In reply to Tom S [:evilpie] from comment #3)

I still get DOMException: The operation failed for an operation-specific reason for the first code example. Is this really a duplicate?

Curious, it works for me.
It might be also connected to the bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1920705) than was closed at the same time :)

Flags: needinfo?(anna.weine)

I can confirm it's still not working for me either on v131.0b9 (macOS)

Status: RESOLVED → REOPENED
No longer duplicate of bug: 1917228
Ever confirmed: true
Resolution: DUPLICATE → ---

(In reply to larabr from comment #5)

I can confirm it's still not working for me either on v131.0b9 (macOS)

Are you using Firefox Release or Nightly?

Flags: needinfo?(larabr+github)

Actually, sorry for the confusion. I just checked again, and the first code sample does work on Nightly 2024-09-30 for me. Running moz-regression --find-fix points to https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=b254963175f3d173232c962d039876f49f3bc7c4&tochange=dcf993cb9bd97cb5484ec144bee75d39ec4f1f04, which includes Bug 1920705.

Great! Let's wait for the reporter answer :)

(In reply to Anna Weine from comment #6)

(In reply to larabr from comment #5)

I can confirm it's still not working for me either on v131.0b9 (macOS)

Are you using Firefox Release or Nightly?

I've downloaded the Beta from https://www.mozilla.org/en-US/firefox/channel/desktop/ .

Flags: needinfo?(larabr+github)

Usually the cycle is the following: the bug is solved; it goes to Nightly, then, in one cycle to Beta (that's what you've downloaded), then to Release.

Do you specifically need to use Beta? If no - the problem is fixed in Nightly, you can download it here (https://www.mozilla.org/en-US/firefox/channel/desktop/). If yes, I could think what I can do...

Flags: needinfo?(larabr+github)

No I don't need it, it just important for us to know which Firefox versions are affected :)

Flags: needinfo?(larabr+github)

So, I think it's solved for 132 version (https://bugzilla.mozilla.org/show_bug.cgi?id=1920705#c12)

Tom, correct me if I am wrong :)

Status: REOPENED → RESOLVED
Closed: 10 months ago9 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.