[Webkit-unassigned] [Bug 211777] New: SubtleCrypto.decrypt() - Decrypting with wrong AES-CBC key succeeds instead throwing an error

Tue May 12 04:38:46 PDT 2020

https://bugs.webkit.org/show_bug.cgi?id=211777

            Bug ID: 211777
           Summary: SubtleCrypto.decrypt() - Decrypting with wrong AES-CBC
                    key succeeds instead throwing an error
           Product: WebKit
           Version: Safari 13
          Hardware: Macintosh
                OS: macOS 10.15
            Status: NEW
          Severity: Critical
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: pavel.bednar at tescosw.cz

Created attachment 399118

  --> https://bugs.webkit.org/attachment.cgi?id=399118&action=review

repro sample

We are developing a bussiness app utilizing Web Crypto API.  When user tryies to decrypt data with wrong key, SubtleCrypto.decrypt() should throw an error regarding to https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/decrypt.
In Safari instead of an error it succeed and returns some mismatched data. This is serious bug since we do not have any means to detect unsuccessfull decryption
Same test case in Chrome throws an error, also using another algorithm e.g. AES-CGM in safari also throw errors. It also worked in previous versions of Safari (we tested this several months ago and was throwing error). This bug seems to be related only to AES-CBS.

Bellow I attached simple repro in javascript.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200512/d845b447/attachment-0001.htm>