About AES-CBC supports.
Reported by
cao111...@gmail.com,
Dec 27
|
||||
Issue descriptionChrome Version : 71.0.3578.98 (Official Build) (64-bit) URLs (if applicable) : https://jsbin.com/mehugobewi/1/edit?js,console Other browsers tested: Add OK or FAIL, along with the version, after other browsers where you have tested this issue: Safari: OK (Version 12.0.2 (14606.3.4)) Firefox: FAIL (Version 64.0 (64-bit)) Edge: [NOT TESTED] What steps will reproduce the problem? (1) Run URL, PoC code. (2) Check output What is the expected result? Support for AES-CBC decrypt processing. What happens instead? Support for AES-CBC decrypt processing. Please provide any additional information below. Attach a screenshot if possible. --------------------------------------------------- The issue was raised by https://t.me/akaza_akarin
,
Dec 27
,
Dec 27
Marking as WontFix/WorkingAsIntended. It is intentional that WebCrypto does not support AES-CBC, as with Mozilla.
,
Dec 27
Actually the problem is a bit different than stated (still WontFix though). Chromium and Firefox both do support AES-CBC for WebCrypto. The issue here is that the ciphertext has an incorrect padding not conformant to PKCS#7. There should be an extra block in the ciphertext that is all padding. It is of concern that Safari allows this rather than failing with an OperationError for the padding failure...
,
Dec 27
,
Dec 28
Can I improve error info?
,
Dec 28
Distinguishing certain cryptographic errors can be used maliciously to infer things about the key/plaintext - for instance padding oracle attacks. In this case the client is already in possession of the key, so that isn't a primary concern. However as a general policy we don't surface error details in WebCrypto's OperationError other than basic input validation, to avoid the risk of leaking useful information. |
||||
►
Sign in to add a comment |
||||
Comment 1 by viswa.karala@chromium.org
, Dec 27