Hi,
Currently my javascript crypto library is working quite consistently in Chrome and Firefox, but the same operations are often behaving differently when executing them in the context of Internet Explorer 11. Here is a simple example of what I'm talking about:
First I generate a key using
var aesAlgo = {name: 'AES-GCM', length: 256}
webcrypto.subtle.generateKey(aesAlgo, 'true', ['encrypt','decrypt']
The generated key is stored in generatedAesGcmKey variable... I then encrypt some hard-coded string using exported key:
var dataToEncrypt = Util.strToUint8Arr("DEADBEEF")
aesAlgo.iv = webcrypto.getRandomValues(new Uint8Array(12))
aesAlgo.tagLength = 96
webcrypto.subtle.encrypt(aesAlgo, generatedAesGcmKey, dataToEncrypt)I then try to decrypt this data, using the same algorithm, key as I used for the encrypt call...
webcrypto.subtle.decrypt(aesAlgo, generatedAesGcmKey, encrypted)
but instead of getting my original data after a successful decrypt call (which is what I get in Firefox/Chrome), I get
Error: Invalid argument. at Anonymous function, with a reference to a line in my script that contains the webcrypto.subtle.decrypt call
It's not immediately clear as to what is going wrong or how to troubleshoot it. Am I meant to perform some adjustment/transformation on the result of the encryption before I can decrypt it?
In another location in my code, I'm trying to unwrap AES-GCM key that was wrapped on the server using RSA OAEP and SHA-256. Again, unwrapping is relatively straightforward in Chrome and Firefox, but when using IE11 I seem to encounter puzzling errors without much detail and get even more confused by documentation. e.g.
https://msdn.microsoft.com/en-us/library/dn302335(v=vs.85).aspx
says:
The wrappedKey object must contain a JSON Web Key (JWK) structure encapsulated with JSON Web Encryption (JWE). The content encryption algorithm used in the JWE must be AES-GCM.
In my case the wrapped AES GCM key arrives from the server in 'raw' format... after reading the above mentioned snippet of documentation, I've started trying to convert it to 'jwk' format before invoking webcrypto.subtle.unwrapkey (e.g. via webcrypto.subtle.importKey('raw'...) followed by webcrypto.subtle.exportKey('jwk'...) but to no avail, still am getting on.error event handler triggered with a parameter that doesn't seem to contain anything useful to help with troubleshooting why unwrapping fails.
Any tips/suggestions would be much appreciated,
regards,
Greg