Bug 25420 and Bug 25422 - Allow digest() and exportKey() to return errors for UAs that implement these operations using underlying cryptographic implementations may fail.
An example of such failures is with implementations that allow third-party implementations of algorithms (eg: CryptoAPI/CNG, PKCS#11-based applications like NSS), as the third-party implementation may fail or be improperly registered.
--- a/spec/Overview-WebCryptoAPI.xml Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview-WebCryptoAPI.xml Mon Jun 16 00:00:00 2014 -0700
@@ -3996,6 +3996,14 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code></dt>
<dd>
@@ -4129,7 +4137,8 @@
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+ <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.</p>
</li>
<li>
<p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
@@ -5272,6 +5281,14 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code></dt>
<dd>
@@ -6748,6 +6765,14 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code></dt>
<dd>
@@ -8204,6 +8229,14 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code>:</dt>
<dd>
@@ -9477,6 +9510,14 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code>:</dt>
<dd>
@@ -10353,6 +10394,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -10956,6 +11005,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -11502,6 +11559,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -12193,6 +12258,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -12768,6 +12841,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -13278,6 +13359,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -14036,6 +14125,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -14929,6 +15026,14 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a
+ href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>
If <var>format</var> is <code>"raw"</code>:
@@ -15249,6 +15354,13 @@
</li>
<li>
<p>
+ If performing the operation results in an error, then <a
+ href="#concept-return-an-error">return an error</a> named <a
+ href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
+ <p>
Return a new ArrayBuffer containing <var>result</var>.
</p>
</li>
--- a/spec/Overview.html Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview.html Mon Jun 16 00:00:00 2014 -0700
@@ -3934,6 +3934,13 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code></dt>
<dd>
@@ -4058,7 +4065,8 @@
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+ <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.</p>
</li>
<li>
<p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
@@ -5155,6 +5163,13 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code></dt>
<dd>
@@ -6540,6 +6555,13 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code></dt>
<dd>
@@ -7919,6 +7941,13 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code>:</dt>
<dd>
@@ -9130,6 +9159,13 @@
</p>
</li>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"spki"</code>:</dt>
<dd>
@@ -9963,6 +9999,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -10554,6 +10597,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -11096,6 +11146,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -11771,6 +11828,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -12336,6 +12400,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -12842,6 +12913,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -13590,6 +13668,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
@@ -14437,6 +14522,13 @@
<dd>
<ol>
<li>
+ <p>
+ If the underlying cryptographic key material represented by the [[<a href="#dfn-CryptoKey-slot-handle">handle</a>]] internal slot of <var>key</var>
+ cannot be accessed, then <a href="#concept-return-an-error">return an
+ error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
<dl class="switch">
<dt>
If <var>format</var> is <code>"raw"</code>:
@@ -14739,6 +14831,11 @@
</li>
<li>
<p>
+ If performing the operation results in an error, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-OperationError"><code>OperationError</code></a>.
+ </p>
+ </li>
+ <li>
+ <p>
Return a new ArrayBuffer containing <var>result</var>.
</p>
</li>