Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Electron apps can't use the Channel Session Protocol due to AES-KW being disabled in BoringSSL #367

Closed
gnarea opened this issue Nov 18, 2021 · 1 comment · Fixed by #368
Closed

Electron apps can't use the Channel Session Protocol due to AES-KW being disabled in BoringSSL #367

gnarea opened this issue Nov 18, 2021 · 1 comment · Fixed by #368
Labels
bug Something isn't working released

Comments

@gnarea
Copy link
Member

gnarea commented Nov 18, 2021

Electron doesn't support AES-KW because BoringSSL doesn't enable it. This causes courier sync to break in the desktop gateway, and will make it impossible to write Awala-compatible apps powered by Electron.

If we can't get this fixed in Electron or BoringSSL, we'll need to implement one of the following workarounds -- sorted from least to most awful:

  1. Patch webcrypto to use a pure JS implementation of AES-KW: Can't use AES-WRAP in Electron apps PeculiarVentures/webcrypto#40
  2. Create a new package to extend webcrypto to use a pure JS implementation of AES-KW.
  3. Create a fork of Electron where BoringSSL is patched to enable the cipher. We'd have to maintain it indefinitely.
  4. Ditch Electron in the desktop gateway and officially accept that Awala-compatible apps can't be powered by Electron.
  5. Disable the channel session protocol when AES-KW isn't available.
@gnarea gnarea added the bug Something isn't working label Nov 18, 2021
This was referenced Nov 18, 2021
Closed
Merged
@kodiakhq kodiakhq bot closed this as completed in #368 Nov 21, 2021
kodiakhq bot pushed a commit that referenced this issue Nov 21, 2021
@gnarea
feat: Integrate pure JavaScript implementation of AES-KW cipher (#368)
adf963c 
Fixes  #367
@github-actions
Copy link

🎉 This issue has been resolved in version 1.55.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

github-actions bot pushed a commit that referenced this issue Nov 21, 2021
@kodiakhq
feat: Integrate pure JavaScript implementation of AES-KW cipher (#368)
ea4819d 
Fixes  #367 [skip ci] adf963c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working released
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Integrate pure JavaScript implementation of AES-KW cipher relaycorp/relaynet-core-js
1 participant
@gnarea