[Webkit-unassigned] [Bug 211777] New: SubtleCrypto.decrypt() - Decrypting with wrong AES-CBC key succeeds instead throwing an error
bugzilla-daemon at webkit.org
Tue May 12 04:38:46 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=211777
Bug ID: 211777
Summary: SubtleCrypto.decrypt() - Decrypting with wrong AES-CBC
key succeeds instead throwing an error
Product: WebKit
Version: Safari 13
Hardware: Macintosh
OS: macOS 10.15
Status: NEW
Severity: Critical
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: pavel.bednar at tescosw.cz
Created attachment 399118
--> https://bugs.webkit.org/attachment.cgi?id=399118&action=review
repro sample
We are developing a business app utilizing the Web Crypto API. When a user tries to decrypt data with the wrong key, SubtleCrypto.decrypt() should throw an error according to https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/decrypt.
In Safari, instead of an error, it succeeds and returns some mismatched data. This is a serious bug since we do not have any means to detect unsuccessful decryption.
The same test case in Chrome throws an error; using another algorithm, e.g. AES-GCM, in Safari also throws errors. It also worked in previous versions of Safari (we tested this several months ago and it was throwing an error). This bug seems to be related only to AES-CBC.
Below I attached a simple repro in JavaScript.
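Added example, not part of the original report and not WebKit code: AES-CBC carries no authentication, so the only wrong-key signal decrypt() can give is the PKCS#7 padding check on the last block. One way for an application to detect a wrong key independently of that check is encrypt-then-MAC; the function names, HKDF labels and the iv || ciphertext || tag layout below are assumptions.

```javascript
// Added example: encrypt-then-MAC around Web Crypto AES-CBC. Names and the
// iv || ciphertext || tag layout are assumptions, not taken from the report.
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const subtle = webCrypto.subtle;

// Derive independent AES-CBC and HMAC-SHA-256 keys from one 32-byte secret.
async function deriveKeys(secret) {
  const base = await subtle.importKey("raw", secret, "HKDF", false, ["deriveKey"]);
  const hkdf = (label) => ({ name: "HKDF", hash: "SHA-256",
    salt: new Uint8Array(32), info: new TextEncoder().encode(label) });
  const encKey = await subtle.deriveKey(hkdf("enc"), base,
    { name: "AES-CBC", length: 256 }, false, ["encrypt", "decrypt"]);
  const macKey = await subtle.deriveKey(hkdf("mac"), base,
    { name: "HMAC", hash: "SHA-256", length: 256 }, false, ["sign", "verify"]);
  return { encKey, macKey };
}

// Returns iv (16 bytes) || ciphertext || HMAC tag (32 bytes).
async function sealCbc(secret, plaintext) {
  const { encKey, macKey } = await deriveKeys(secret);
  const iv = webCrypto.getRandomValues(new Uint8Array(16));
  const ct = new Uint8Array(await subtle.encrypt({ name: "AES-CBC", iv }, encKey, plaintext));
  const body = new Uint8Array([...iv, ...ct]);
  const tag = new Uint8Array(await subtle.sign("HMAC", macKey, body));
  return new Uint8Array([...body, ...tag]);
}

// Verifies the tag over iv || ciphertext before any block is decrypted, so a
// wrong key or modified data is rejected regardless of the padding bytes.
async function openCbc(secret, sealed) {
  if (sealed.length < 16 + 16 + 32) throw new Error("message too short");
  const { encKey, macKey } = await deriveKeys(secret);
  const body = sealed.subarray(0, sealed.length - 32);
  const tag = sealed.subarray(sealed.length - 32);
  if (!(await subtle.verify("HMAC", macKey, tag, body))) {
    throw new Error("authentication failed: wrong key or modified data");
  }
  const iv = body.subarray(0, 16);
  return new Uint8Array(await subtle.decrypt({ name: "AES-CBC", iv }, encKey, body.subarray(16)));
}

// Constructed sample run: one message opened with the right and a wrong secret.
async function demo() {
  const [right, wrong] = [32, 32].map((n) => webCrypto.getRandomValues(new Uint8Array(n)));
  const sealed = await sealCbc(right, new TextEncoder().encode("constructed sample"));
  const ok = new TextDecoder().decode(await openCbc(right, sealed));
  const wrongKey = await openCbc(wrong, sealed).then(() => "accepted", (e) => e.message);
  return { right, sealed, ok, wrongKey };
}
```

An AEAD mode such as AES-GCM gives the same property in a single primitive; the construction above applies where the CBC format has to be kept.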