Charles Engelke's Blog

August 29, 2014

Changes to the Web Cryptography API

Filed under: Uncategorized — Charles Engelke @ 1:32 pm
Tags: , ,

Chrome 37 made it to Stable a few days ago, and now supports the Web Cryptography API without needing to set a special flag. YAY!

But it dropped support for the RSAES-PKCS1-v1_5 algorithm so now the example from the public-key cryptography in the browser post last week doesn’t work any more. BOO!

What happened was that, as part of making the API generally available in Chrome, they updated their code to match the latest editor’s draft of the specification. Which drops RSAES-PKCS1-v1_5. I’m trying to understand why by looking at the change logs and mailing lists, but it seems that there is a vulnerability in that algorithm in certain use cases, so the working group felt it shouldn’t be included. The only public-key encryption and decryption algorithm in the spec now is RSA-OAEP. So I need to rework the example to use that algorithm instead. Which is a very simple set of changes except for one thing: my installation of Chrome (on Ubuntu 14.04) doesn’t support it. The error message when I tried to generate a key said that I needed a newer version of NSS (Network Security Services) to use it.

I tried using apt-get to install a newer version, but I already has the newest version available in the standard repositories. A bit of searching around led me to a discussion on how to watch Netflix on Linux, which included how to get the newest versions of the necessary NSS packages:

Then restart Chrome (you may need to kill all the hidden Chrome processes with pkill chrome for a full restart).

Now my installation of Chrome 37 supports RSA-OAEP, so I can fix the earlier samples. Watch this blog for an announcement when it’s done.

[Update August 31, 2014: Included all three required packages, instead of just the main one.]



  1. […] was used here originally, so this post has been changed to use RSA-OAEP instead. There’s a new post with more information, including how to update Ubuntu 14.04 so that this algorithm will work in […]

    Pingback by Public Key Cryptography in the Browser | Charles Engelke's Blog — August 30, 2014 @ 11:05 pm

  2. Thanks for that update! It saved me some time. And very good posts in general about using the Web Cryptography API in various scenarios which is of high interest to me and there is unfortunately not much documentation out there “yet”. Look forward to your forthcoming tutorials, keep up the good work. Btw. I tested the symmetric example and public-private example in Opera 25, Chrome 38 Windows/Android/Mac, FireFox 33 (with experimental flag enabled) and works fine. Also works fine on Safari 7 on Mac prefixed with webkitSubtle.

    Comment by Mickey — October 20, 2014 @ 3:05 pm

RSS feed for comments on this post.

Blog at

%d bloggers like this: