Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Null check error in web worker when using RsaOaepPrivateKey.importPkcs8Key for RSA decryption #149

Closed
chaudharydeepanshu opened this issue Sep 6, 2024 · 3 comments
Closed

Null check error in web worker when using RsaOaepPrivateKey.importPkcs8Key for RSA decryption #149

chaudharydeepanshu opened this issue Sep 6, 2024 · 3 comments
Labels
need info

Comments

@chaudharydeepanshu
Copy link

Description

I'm using this package for RSA decryption in both isolates and web workers. While it works fine in isolates, I encounter a null check error when running in a web worker.

Code

This is the function that runs for decryption:

import 'dart:convert';
import 'package:encrypt/encrypt.dart';
import 'package:webcrypto/webcrypto.dart';
import 'package:pem/pem.dart';
import 'package:basic_utils/basic_utils.dart';

Future<String> decryptDEKWeb({
  required String encryptedDek,
  required String rsaPrivateKeyPKCS1,
}) async {
  // Get RSAPrivateKey from the rsaPrivateKeyPKCS1
  final rSAPrivateKey =
  RSAKeyParser().parse(rsaPrivateKeyPKCS1) as RSAPrivateKey;

  // Get PKCS#8 from RSAPrivateKey
  String pkcs8 = CryptoUtils.encodeRSAPrivateKeyToPem(rSAPrivateKey);

  // Decode PKCS#8 key to get key data
  List<int> keyData = PemCodec(PemLabel.privateKey).decode(pkcs8);

  // Import key data as a private key
  final privateKey = await RsaOaepPrivateKey.importPkcs8Key(keyData, Hash.sha1);

  if (encryptedDek.startsWith('encRsa_')) {
    final encryptedData = base64.decode(encryptedDek.substring(7));

    // Decrypt the encrypted data
    final decryptedBytes = await privateKey.decryptBytes(encryptedData);

    return base64.encode(decryptedBytes);
  } else {
    throw ('Invalid encrypted dek');
  }
}

Error

This is the error I get in the web worker:

[   +1 ms] RethrownDartError: Null check operator used on a null value

           dart-sdk/lib/_internal/js_dev_runtime/private/ddc_runtime/errors.dart 329:10  createErrorWithStack
           dart-sdk/lib/_internal/js_dev_runtime/patch/core_patch.dart 265:28            _throw
           dart-sdk/lib/core/errors.dart 120:5                                           throwWithStackTrace
           dart-sdk/lib/async/zone.dart 1386:11                                          callback
           dart-sdk/lib/async/schedule_microtask.dart 40:11                              _microtaskLoop
           dart-sdk/lib/async/schedule_microtask.dart 49:5                               _startMicrotaskLoop
           dart-sdk/lib/_internal/js_dev_runtime/patch/async_patch.dart 181:7            <fn>

From what I can tell, the error is being thrown on this line:

final privateKey = await RsaOaepPrivateKey.importPkcs8Key(keyData, Hash.sha1);

Environment

  • The code runs fine in isolates, but throws this error when used in a web worker.
  • The web worker code is generated using isolate_manager with the following command: 
    dart run isolate_manager:generate

Steps to Reproduce

  1. Run the provided decryptDEKWeb function inside a web worker environment.
  2. Observe the null check error when calling RsaOaepPrivateKey.importPkcs8Key.

Expected Behavior

The function should successfully import the private key and decrypt the data, as it does in an isolate.

Additional Information

  • The keyData passed to importPkcs8Key is valid, as confirmed by logging it before the function call.
  • This issue seems specific to web workers, as the same code works without issues outside of web worker.

Let me know if any further details are required for debugging.
@jonasfj
Copy link
Member

jonasfj commented Sep 6, 2024

Please provide a gist with all the code your running.

A script that shows how to compile it.

And how to open it in a browser AND what browser!

Do not that WebCrypto only works in https://, so if you're opening it as a file or opening it on localhost it shouldn't work.

image

image

I've occasionally done such setups locally with ngrok, come to think of it I'm actually surprised our integration tests work in all browsers -- I think those just load from localhost, but maybe package:test does some magic 🤣

@chaudharydeepanshu
Copy link
Author

chaudharydeepanshu commented Sep 6, 2024
edited
Loading

Please provide a gist with all the code your running.

A script that shows how to compile it.

And how to open it in a browser AND what browser!

I'll soon add a small example app to recreate the issue.

Do not that WebCrypto only works in https://

Btw, this secure content requirement is weird because I was running the app on localhost without using a web worker and it worked fine. Does the secure content requirement only apply when I run it inside web workers?

Thanks for the response!

@jonasfj
Copy link
Member

jonasfj commented Oct 11, 2024

Does the secure content requirement only apply when I run it inside web workers?

Don't know this might differ from browser to browser, and can probably be disabled when starting the browser.

If you're interested in documenting when this works, we're happy to take a PR another bullet point to the compatibility notes in the README.

Otherwise, I think we consider this outside the scope of this package. We offer what the browser offers.

Filed #159

@jonasfj jonasfj closed this as completed Oct 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
need info
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jonasfj @chaudharydeepanshu