Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

RSA generatekey, unsupported algorithm

See original GitHub issue

This is literally the only package I have found that supports webcrypto with react native…

But I really need to be able to generate the following RSA key (for compatibility with the rest of our system)…

await crypto.subtle.generateKey(
      name: "RSA-PSS",
      hash: "SHA-256",
      modulusLength: 4096,
      publicExponent: new Uint8Array([1, 0, 1]),
    ["sign", "verify"],

Any plans to support this? I would be really appreciative.

Issue Analytics

  • State:open
  • Created 3 years ago
  • Comments:20 (6 by maintainers)

github_iconTop GitHub Comments

kevlenedcommented, Jul 4, 2021

@cryptoAlgorithm @davidcallanan The recommended library runs code in the WebView without hitting a remote server. Here’s the code for the suggested library (basically loads an empty html file, then injects js that runs client side). The WebView method is more secure than the js version today, because it’s built on top of the platform’s native crypto APIs.

There is one real limitation to any polyfill I’ve seen in React Native: non-exportable keys. In a browser, you can generate key pairs where the private portion can’t be serialized to a jwk or pem. This prevents an xss from exfiltrating a private key. In the browser, not being able to serialize the key means you have to store the key in IndexedDB if you want to use it in future sessions (IndexedDB can store some objects without serializing them). There is no way to simulate the functionality in React Native unless you use a WebCrypto polyfill built on top of the iOS and Android crypto primitives.

The WebView method is certainly the most secure, reliable, and up-to-date method. I’ve considered moving this library to use the WebView method by default. The only caveat is the extra step of including the WebView in the render tree. This extra step just becomes cumbersome if you’re shipping a library built on top of isomorphic-webcrypto to end-users.

Hope that helps with your decision.

cryptoAlgorithmcommented, Jul 5, 2021

@kevlened, I’ve ran into some issues with this WebView WebCrypto approach, namely the fact that Safari on iOS doesn’t fully support RSA-OEAP encryption/decryption with SHA-512/SHA-256 hashes. Only SHA-1 is supported, which won’t do. I look forward to the day when Safari finally decides to fix this (its a bug that has been around for ages), but for now I can’t really use this approach.

Read more comments on GitHub >

github_iconTop Results From Across the Web

RSA_PRIVATE_KEY problem · Discussion #9331 · saleor ...
The data may be in an incorrect format, it may be encrypted with an unsupported algorithm, or it may be an unsupported key...
Read more >
RSA — PyCryptodome 3.15.0 documentation
RSA is the most widespread and used public key algorithm. Its security is based on the difficulty of factoring large integers. The algorithm...
Read more >
RSA — Cryptography 39.0.0.dev1 documentation
RSA is a public-key algorithm for encrypting and signing messages. Generation¶. Unlike symmetric cryptography, where the key is typically just a random series ......
Read more >
How to generate "ssh-rsa" key instead of "rsa-sha2-512"
As this is not answer how to generate key, but rather what causes sshd ... host key algorithm: ssh-rsa debug1: kex: server->client cipher: ......
Read more >
Generating RSA public keys from go using x509 ...
Reader bitSize := 64 keypair, _:= rsa.GenerateKey(reader, bitSize) fmt.Println("Public key ", &keypair.PublicKey) pubkey_bytes := x509.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found