Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#2651 Update to openpgp v6 #2653

Draft
wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

#2651 Update to openpgp v6 #2653

wants to merge 4 commits into from

Conversation

ioanmo226
Copy link
Collaborator

This PR upgraded openpgp to v6

close #2651 // if this PR closes an issue

Tests (delete all except exactly one):

  • Tests added or updated

To be filled by reviewers

I have reviewed that this PR... (tick whichever items you personally focused on during this review):

  • addresses the issue it closes (if any)
  • code is readable and understandable
  • is accompanied with tests, or tests are not needed
  • is free of vulnerabilities
  • is documented clearly and usefully, or doesn't need documentation

@ioanmo226
Copy link
Collaborator Author

Hi @sosnovsky,

I’ve completed migrating OpenPGP to v6. However, v6 heavily relies on the Web Crypto API, which doesn’t seem to be supported by the iOS WebView. This results in the following error caused by the line below:

https://github.com/openpgpjs/openpgpjs/blob/b2bd8a0fdd12902484d65baa4ae4eb7f146fcd32/src/util.js#L432

"⚙️[Core] The WebCrypto API is not available\n -> js getWebCrypto@\n -> js 6382@\n -> js r@\n -> js 1341@\n -> js r@\n -> js 9545@\n -> js r@\n -> js 4010@\n -> js r@\n -> js 1592@\n -> js r@\n -> js 9033@\n -> js r@\n -> js @\n -> js @\n -> js global code@"

Some suggest using a polyfill, others recommend implementing an iOS native bridge to handle crypto operations, and some propose reverting back to OpenPGP v5—which we’d prefer to avoid.

Let me know your thoughts and suggestions.

@sosnovsky
Copy link
Collaborator

Browser compatibility table shows that most of WebCrypto API functionality is supported in iOS WebView since iOS 11 - https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto#browser_compatibility
Maybe we need to change some configuration properties for WKWebView to enable WebCrypto API.
But as I understand, it should work without adding any polyfills. Can you please check it?

@ioanmo226
Copy link
Collaborator Author

Sure. Let me check

@ioanmo226
Copy link
Collaborator Author

From my research, it looks like we have two options(The Web Crypto API is only available in a secure context, so right now it’s undefined):

  1. Run a local HTTPS server for the JS file.
  2. Register a custom webview scheme handler so iOS treats the custom scheme as HTTPS.

I tried registering a custom scheme handler, but iOS still doesn’t recognize it as secure. It might be best to set up a local HTTPS server, though we’ll need to consider certificates (maybe a self-signed one). I’ll dig more into this.

Let me know your thoughts!

@sosnovsky
Copy link
Collaborator

Using https server seems to be more stable solution, but need to check if it's not complicated.
Let's try to use https://github.com/Building42/Telegraph or https://github.com/swhitty/FlyingFox.
But if it'll require a lot of work - we can switch to using some webcrypto polyfill.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sosnovsky sosnovsky Awaiting requested review from sosnovsky sosnovsky will be requested when the pull request is marked ready for review sosnovsky is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade openpgp to v6
2 participants
@ioanmo226 @sosnovsky