--- a/spec/Overview-WebCryptoAPI.xml Wed Feb 19 16:45:04 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml Thu Feb 20 11:12:07 2014 -0800
@@ -1060,6 +1060,15 @@
<div id="subtlecrypto-interface-methods" class="section">
<h3>Methods and Parameters</h3>
+ <div class="ednote">
+ <p>
+ All errors should be reported asynchronously. It is an open issue how to document that
+ this should apply to WebIDL type mapping errors. Also, WebIDL type mapping for
+ Algorithm input parameters needs to use the correct Algorithm subclass expected
+ by the WebCrypto algorithm, not the Algorithm super-class specified in the function
+ prototype.
+ </p>
+ </div>
<div id="SubtleCrypto-method-encrypt" class="section">
<h4>The encrypt method</h4>
<p>
@@ -1073,8 +1082,50 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var> and <var>data</var> be the
+ <code>algorithm</code>, <code>key</code> and <code>data</code> parameters
+ passed to the <a href="#dfn-SubtleCrypto-method-encrypt">encrypt</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1082,37 +1133,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the encrypt
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"encrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
Let <var>ciphertext</var> be the result of performing the encrypt
- algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>
- and <code>data</code> as <var>plaintext</var>.
+ operation specified by <var>normalizedAlgorithm</var> using <var>key</var>
+ and with <var>data</var> as <var>plaintext</var>.
</p>
</li>
<li>
@@ -1136,8 +1171,50 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var> and <var>data</var> be the
+ <code>algorithm</code>, <code>key</code> and <code>data</code> parameters
+ passed to the <a href="#dfn-SubtleCrypto-method-decrypt">decrypt</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1145,37 +1222,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the decrypt
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"decrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>plaintext</var> be the result of performing the underlying decrypt
- algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
- <var>key</var> and <code>data</code> as <var>ciphertext</var>.
+ Let <var>plaintext</var> be the result of performing the decrypt
+ operation specified by <var>normalizedAlgorithm</var> using <var>key</var>
+ and with <var>data</var> as <var>ciphertext</var>.
</p>
</li>
<li>
@@ -1198,8 +1259,50 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var> and <var>data</var> be the
+ <code>algorithm</code>, <code>key</code> and <code>data</code> parameters
+ passed to the <a href="#dfn-SubtleCrypto-method-sign">sign</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1207,37 +1310,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the sign
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"sign"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the signature algorithm
- specified by <var>normalizedAlgorithm</var> with <code>key</code> as
- <var>key</var> and <code>data</code> as <var>message</var>.
+ Let <var>result</var> be the result of performing the sign operation
+ specified by <var>normalizedAlgorithm</var> uaing <var>key</var> and with
+ <var>data</var> as <var>message</var>.
</p>
</li>
<li>
@@ -1260,8 +1347,49 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var>, <var>signature</var> and <var>data</var>
+ be the <code>algorithm</code>, <code>key</code>, <code>signature</code> and
+ <code>data</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-verify">verify</a> method, respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1269,38 +1397,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the verify
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"verify"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the signature verification
- algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
- <var>key</var>, <code>signature</code> as <var>signature</var> and
- <code>data</code> as <var>message</var>.
+ Let <var>result</var> be the result of performing the verify operation
+ specified by <var>normalizedAlgorithm</var> using <var>key</var> and
+ <var>signature</var> and with <var>data</var> as <var>message</var>.
</p>
</li>
<li>
@@ -1323,8 +1434,48 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var> and <var>data</var>
+ be the <code>algorithm</code> and <code>data</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-digest">digest</a> method, respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1332,29 +1483,14 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the digest
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the underlying cryptographic
- algorithm specified by <var>normalizedAlgorithm</var>.
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of performing the digest
+ operation specified by <var>normalizedAlgorithm</var> using <var>data</var>
+ as <var>message</var>.
</p>
</li>
<li>
@@ -1376,46 +1512,28 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the generate
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
- the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ Let <var>algorithm</var>, <var>extractable</var> and <var>usages</var>
+ be the <code>algorithm</code>, <code>extractable</code> and <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-generateKey">generateKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -1429,13 +1547,37 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of executing the key generation algorithm
- defined by the algorithm indicated in <var>normalizedAlgorithm</var> with
- <code>extractable</code> as <var>extractable</var> and <code>keyUsages</code> as
- <var>usages</var>.
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the generate
+ key operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string match
+ for a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of executing the generate key operation
+ specified by <var>normalizedAlgorithm</var> using
+ <var>extractable</var> and <var>usages</var>.
</p>
</li>
<li>
@@ -1456,76 +1598,30 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the derive
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If <code>derivedKeyType</code> is null, let
- <var>normalizedDerivedKeyAlgorithm</var> be null. Otherwise,
- <ol>
- <li>
- <p>
- Let <var>normalizedDerivedKeyAlgorithm</var> be the result of processing
- <code>derivedKeyType</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedDerivedKeyAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> throw a
- <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- </ol>
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
- contain an entry that is a case-sensitive string match for <code>"deriveKey"</code>,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the
- algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ Let <var>algorithm</var>, <var>baseKey</var>, <var>derivedKeyType</var>,
+ <var>extractable</var> and <var>usages</var> be the <code>algorithm</code>,
+ <code>baseKey</code>, <code>derivedKeyType</code>, <code>extractable</code> and
+ <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-deriveKey">deriveKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -1539,13 +1635,71 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of executing the key derivation algorithm
- defined by the algorithm indicated in <var>normalizedAlgorithm</var> using
- <code>key</code> as <var>key</var>, <code>extractable</code> as
- <var>extractable</var> and <code>keyUsages</code> as <var>usages</var>.
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the derive key
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <dl class="switch">
+ <dt>If <var>derivedKeyType</var> is null:</dt>
+ <dd>Let <var>normalizedDerivedKeyAlgorithm</var> be null.</dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Let <var>normalizedDerivedKeyAlgorithm</var> be the result of processing
+ <var>derivedKeyType</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedDerivedKeyAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a>, terminate this algorithm
+ with an error.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>baseKey</var> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveKey"</code>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string
+ match for a
+ <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, terminate
+ this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of executing the derive key operation
+ specified by <var>normalizedAlgorithm</var> using
+ <var>key</var>, <var>normalizedDerivedKeyAlgorithm</var>, <var>extractable</var>
+ and <var>usages</var>.
</p>
</li>
<li>
@@ -1566,45 +1720,29 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the derive
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
- contain an entry that is a case-sensitive string match for <code>"deriveBits"</code>,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ Let <var>algorithm</var>, <var>baseKey</var> and <var>length</var>,
+ be the <code>algorithm</code>,
+ <code>baseKey</code> and <code>length</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-deriveBits">deriveBits</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a <code>null</code>
- result.
- </div>
<ol>
<li>
<p>
@@ -1618,18 +1756,37 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If <var>baseKey</var>.<a href="#dfn-Key-usages"><code>usages</code></a> does not
- contain the <code>"deriveBits"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the derive bits
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>baseKey</var> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveBits"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of executing the key derivation algorithm
- defined by the algorithm indicated in <var>normalizedAlgorithm</var>.
+ Let <var>result</var> be the result of executing the derive bits operation
+ specified by <var>normalizedAlgorithm</var> using <var>baseKey</var> and
+ <var>length</var>.
</p>
</li>
<li>
@@ -1649,67 +1806,31 @@
</p>
<ol>
<li>
- <dl class="switch">
- <dt>If <code>algorithm</code> is not null:</dt>
- <dd>
- <ol>
- <li>
- <p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the importKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- </ol>
- </dd>
- <dt>Otherwise:</dt>
- <dd>
- Let <var>normalizedAlgorithm</var> be null.
- </dd>
- </dl>
- </li>
- <li>
- <p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
- the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ <p>
+ Let <var>format</var>, <var>keyData</var>, <var>algorithm</var>,
+ <var>extractable</var> and <var>usages</var>,
+ be the <code>format</code>, <code>keyData</code>, <code>algorithm</code>,
+ <code>extractable</code> and <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -1723,15 +1844,67 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
- results from performing the Import Key operation defined by
- <var>normalizedAlgorithm</var> using <code>keyData</code> as <var>keyData</var>,
- <code>format</code> as <var>format</var>, <code>extractable</code> as
- <var>extractable</var> and <code>usages</code> as <var>usages</var>.
- </p>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <dl class="switch">
+ <dt>If <var>algorithm</var> is not null:</dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the import key
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ Let <var>normalizedAlgorithm</var> be null.
+ </dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for
+ a <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string match
+ for a
+ <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the <a href="#dfn-Key">Key</a> object that
+ results from performing the import key operation specified by
+ <var>normalizedAlgorithm</var> using <var>keyData</var>,
+ <var>format</var>, <var>extractable</var> and <var>usages</var>.
+ </p>
+ <div class="ednote">
+ <p>
+ TODO: Specify how to identify the correct algorithm for the case
+ where <var>normalizedAlgorithm</var> is null, or remove that case.
+ </p>
+ </div>
</li>
<li>
<p>
@@ -1751,57 +1924,64 @@
<ol>
<li>
<p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and <a
- href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and
- <var>resolver</var> its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps
- asynchronously.
+ Let <var>format</var> and <var>key</var> be the <code>format</code>
+ and <code>key</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a <code>null</code>
- result.
- </div>
<ol>
<li>
<p>
- Let <var>result</var> be <code>null</code>.
- </p>
- </li>
- <li>
- <p>
- Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
- <var>result</var> as the <code>value</code> argument.
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-extractable">extractable</a> property of <code>key</code>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for a
+ <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-extractable">extractable</a> property of <var>key</var>
is false, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of performing the Export Key operation specified
- by the algorithm identified by the <a href="#dfn-Key-algorithm">algorithm</a>
- property of <code>key</code> using <code>key</code> as <var>key</var> and
- <code>format</code> as <var>format</var>.
+ Let <var>result</var> be the result of performing the export key operation
+ specified by the <a href="#dfn-Key-algorithm">algorithm</a>
+ property of <var>key</var> using <var>key</var> and <var>format</var>.
</p>
</li>
<li>
@@ -1822,46 +2002,28 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>wrapAlgorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the wrapKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and <a
- href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and
- <var>resolver</var> its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps
- asynchronously.
+ Let <var>format</var>, <var>key</var>, <var>wrappingKey</var> and
+ <var>wrapAlgorithm</var> be the <code>format</code>, <code>key</code>,
+ <code>wrappingKey</code> and <code>wrapAlgorithm</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-wrapKey">wrapKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a <code>null</code>
- result.
- </div>
<ol>
<li>
<p>
@@ -1875,48 +2037,73 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>wrappingKey</code>
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>wrapAlgorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the encrypt or wrap
+ key operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for algorithm a
+ <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>wrappingKey</var>
does not contain an entry that is a case-sensitive string match for
<code>"wrapKey"</code>, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- If the <a href="#dfn-Key-extractable">extractable</a> property of <code>key</code>
+ If the <a href="#dfn-Key-extractable">extractable</a> property of <var>key</var>
is false, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>bytes</var> be the result of performing the Export Key operation specified
- by the algorithm identfied by the <a href="#dfn-Key-algorithm">algorithm</a>
- property of <code>key</code> using <code>key</code> as <var>key</var> and
- <code>format</code> as <var>format</var>.
- </p>
- </li>
- <li>
- <p>
- If the Export Key operation failed, terminate this algorithm with an error.
+ Let <var>bytes</var> be the result of performing the export key operation specified
+ the <a href="#dfn-Key-algorithm">algorithm</a>
+ property of <var>key</var> using <var>key</var> and <var>format</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the export key operation failed, terminate this algorithm with an error.
</p>
</li>
<li>
<dl class="switch">
- <dt>If <var>normalizedAlgorithm</var> specifies a Wrap Key operation:</dt>
+ <dt>If <var>normalizedAlgorithm</var> supports the wrap key operation:</dt>
<dd>
<p>
- Let <var>result</var> be the result of performing the Wrap Key operation
- specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ Let <var>result</var> be the result of performing the wrap key operation
+ specified by <var>normalizedAlgorithm</var> with <var>wrappingKey</var>
as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
- <dt>Otherwise, if <var>normalizedAlgorithm</var> specifies an Encrypt operation:</dt>
+ <dt>Otherwise, if <var>normalizedAlgorithm</var> supports the encrypt operation:</dt>
<dd>
<p>
- Let <var>result</var> be the result of performing the Encrypt operation
- specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ Let <var>result</var> be the result of performing the encrypt operation
+ specified by <var>normalizedAlgorithm</var> with <var>wrappingKey</var>
as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
@@ -1926,7 +2113,7 @@
</li>
<li>
<p>
- If the Wrap Key or Encrypt algorithm failed, terminate this algorithm with an error.
+ If the wrap key or encrypt operation failed, terminate this algorithm with an error.
</p>
</li>
<li>
@@ -1945,81 +2132,34 @@
<span class="RFC2119">MUST</span> perform the following steps:
</p>
<ol>
- <li>
- <p>
- Let <var>normalizedUnwrapAlgorithm</var> be the result of processing
- <code>unwrapAlgorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedUnwrapAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the unwrapKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <dl class="switch">
- <dt>If <code>unwrappedKeyAlgorithm</code> is not null:</dt>
- <dd>
- <ol>
- <li>
- <p>
- Let <var>normalizedKeyAlgorithm</var> be the result of processing
- <code>unwrappedKeyAlgorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedKeyAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the importKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- </ol>
- </dd>
- <dt>Otherwise:</dt>
- <dd>Let <var>normalizedKeyAlgorithm</var> be <code>null</code>.</dd>
- </dl>
- </li>
- <li>
- <p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and <a
- href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
- the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ <li>
+ <p>
+ Let <var>format</var>, <var>wrappedKey</var>, <var>unwrappingKey</var>,
+ <var>unwrapAlgorithm</var>, <var>unwrappedKeyAlgorithm</var>,
+ <var>extractable</var> and <var>usages</var>,
+ be the <code>format</code>, <code>wrappedKey</code>, <code>unwrappingKey</code>,
+ <code>unwrapAlgorithm</code>, <code>unwrappedKeyAlgorithm</code>,
+ <code>extractable</code> and <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-unwrapKey">unwrapKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote">
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -2033,31 +2173,88 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>unwrappingKey</code>
- does not contain an entry that is a case-sensitive string match for
- <code>"unwrapKey"</code>, terminate this algorithm with an error.
+ <div class="ednote">
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedUnwrapAlgorithm</var> be the result of processing
+ <var>unwrapAlgorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedUnwrapAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the unwrapKey
+ operation, terminate this algorithm with an error.
</p>
</li>
<li>
<dl class="switch">
- <dt>If <var>normalizedUnwrapAlgorithm</var> specifies a Unwrap Key operation:</dt>
+ <dt>If <var>unwrappedKeyAlgorithm</var> is not null:</dt>
<dd>
- Let <var>bytes</var> be the result of performing the Unwrap Key operation
+ <ol>
+ <li>
+ <p>
+ Let <var>normalizedKeyAlgorithm</var> be the result of processing
+ <var>unwrappedKeyAlgorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedKeyAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the importKey
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ <dt>Otherwise:</dt>
+ <dd>Let <var>normalizedKeyAlgorithm</var> be <code>null</code>.</dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>unwrappingKey</var>
+ does not contain an entry that is a case-sensitive string match for
+ <code>"unwrapKey"</code>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for a
+ <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string match
+ for a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, terminate
+ this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <dl class="switch">
+ <dt>If <var>normalizedUnwrapAlgorithm</var> supports an unwrap key operation:</dt>
+ <dd>
+ Let <var>bytes</var> be the result of performing the unwrap key operation
specified by <var>normalizedUnwrapAlgorithm</var> with
- <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
+ <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
</dd>
<dt>
- Otherwise, if <var>normalizedUnwrapAlgorithm</var> specifies a Decrypt
+ Otherwise, if <var>normalizedUnwrapAlgorithm</var> supports a decrypt
operation:
</dt>
<dd>
- Let <var>bytes</var> be the result of performing the Decrypt operation
+ Let <var>bytes</var> be the result of performing the decrypt operation
specified by <var>normalizedUnwrapAlgorithm</var> with
- <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
+ <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
</dd>
<dt>Otherwise:</dt>
@@ -2066,16 +2263,16 @@
</li>
<li>
<p>
- If the Unwrap Key or Decrypt operation failed, terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the Import Key operation
- specified by <var>normalizedKeyAlgorithm</var> with <code>format</code> as
- <var>format</var>, <code>keyUsages</code> as <var>usages</var>,
- <code>extractable</code> as <var>extractable</var> and <var>bytes</var> as
- <var>keyData</var>.
+ If the unwrap key or decrypt operation failed, terminate this algorithm with an
+ error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of performing the import key operation
+ specified by <var>normalizedKeyAlgorithm</var> using
+ <var>format</var>, <var>usages</var> and <var>extractable</var> and with
+ <var>bytes</var> as <var>keyData</var>.
<div class="ednote">
<p>
TODO: Specify how to identify the correct algorithm for the case
@@ -2086,7 +2283,7 @@
</li>
<li>
<p>
- If the Import Key algorithm failed, terminate this algorithm with an error.
+ If the import key algorithm failed, terminate this algorithm with an error.
</p>
</li>
<li>
--- a/spec/Overview.html Wed Feb 19 16:45:04 2014 -0800
+++ b/spec/Overview.html Thu Feb 20 11:12:07 2014 -0800
@@ -28,7 +28,7 @@
<link rel="stylesheet" href="//www.w3.org/StyleSheets/TR/W3C-ED" type="text/css" /></head>
<body>
- <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>19 February 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. <sleevi@google.com></dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix <watsonm@netflix.com></dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:public-webcrypto@w3.org?subject=%5BWebCryptoAPI%5D">public-webcrypto@w3.org</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document">file a bug</a>
+ <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>20 February 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. <sleevi@google.com></dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix <watsonm@netflix.com></dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:public-webcrypto@w3.org?subject=%5BWebCryptoAPI%5D">public-webcrypto@w3.org</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document">file a bug</a>
(see <a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document&resolution=---">existing bugs</a>).</p></dd></dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> © view <a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>®</sup> (<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="http://www.ercim.org/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p></div><hr />
<div class="section">
@@ -44,7 +44,7 @@
communications.
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 29 further editorial notes in the document.</p></div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 36 further editorial notes in the document.</p></div>
</div>
<div class="section">
@@ -56,7 +56,7 @@
report can be found in the <a href="http://www.w3.org/TR/">W3C technical
reports index</a> at http://www.w3.org/TR/.
</em></p><p>
- This document is the 19 February 2014 <b>Editor’s Draft</b> of the
+ This document is the 20 February 2014 <b>Editor’s Draft</b> of the
<cite>Web Cryptography API</cite> specification.
Please send comments about this document to
@@ -1068,6 +1068,15 @@
<div id="subtlecrypto-interface-methods" class="section">
<h3>14.3. Methods and Parameters</h3>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ All errors should be reported asynchronously. It is an open issue how to document that
+ this should apply to WebIDL type mapping errors. Also, WebIDL type mapping for
+ Algorithm input parameters needs to use the correct Algorithm subclass expected
+ by the WebCrypto algorithm, not the Algorithm super-class specified in the function
+ prototype.
+ </p>
+ </div>
<div id="SubtleCrypto-method-encrypt" class="section">
<h4>14.3.1. The encrypt method</h4>
<p>
@@ -1081,8 +1090,50 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var> and <var>data</var> be the
+ <code>algorithm</code>, <code>key</code> and <code>data</code> parameters
+ passed to the <a href="#dfn-SubtleCrypto-method-encrypt">encrypt</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1090,37 +1141,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the encrypt
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"encrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
Let <var>ciphertext</var> be the result of performing the encrypt
- algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>
- and <code>data</code> as <var>plaintext</var>.
+ operation specified by <var>normalizedAlgorithm</var> using <var>key</var>
+ and with <var>data</var> as <var>plaintext</var>.
</p>
</li>
<li>
@@ -1144,8 +1179,50 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var> and <var>data</var> be the
+ <code>algorithm</code>, <code>key</code> and <code>data</code> parameters
+ passed to the <a href="#dfn-SubtleCrypto-method-decrypt">decrypt</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1153,37 +1230,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the decrypt
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"decrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>plaintext</var> be the result of performing the underlying decrypt
- algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
- <var>key</var> and <code>data</code> as <var>ciphertext</var>.
+ Let <var>plaintext</var> be the result of performing the decrypt
+ operation specified by <var>normalizedAlgorithm</var> using <var>key</var>
+ and with <var>data</var> as <var>ciphertext</var>.
</p>
</li>
<li>
@@ -1206,8 +1267,50 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var> and <var>data</var> be the
+ <code>algorithm</code>, <code>key</code> and <code>data</code> parameters
+ passed to the <a href="#dfn-SubtleCrypto-method-sign">sign</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1215,37 +1318,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the sign
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"sign"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the signature algorithm
- specified by <var>normalizedAlgorithm</var> with <code>key</code> as
- <var>key</var> and <code>data</code> as <var>message</var>.
+ Let <var>result</var> be the result of performing the sign operation
+ specified by <var>normalizedAlgorithm</var> uaing <var>key</var> and with
+ <var>data</var> as <var>message</var>.
</p>
</li>
<li>
@@ -1268,8 +1355,49 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var>, <var>key</var>, <var>signature</var> and <var>data</var>
+ be the <code>algorithm</code>, <code>key</code>, <code>signature</code> and
+ <code>data</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-verify">verify</a> method, respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1277,38 +1405,21 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the verify
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>key</var> does not
contain an entry that is a case-sensitive string match for <code>"verify"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the signature verification
- algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
- <var>key</var>, <code>signature</code> as <var>signature</var> and
- <code>data</code> as <var>message</var>.
+ Let <var>result</var> be the result of performing the verify operation
+ specified by <var>normalizedAlgorithm</var> using <var>key</var> and
+ <var>signature</var> and with <var>data</var> as <var>message</var>.
</p>
</li>
<li>
@@ -1331,8 +1442,48 @@
<ol>
<li>
<p>
+ Let <var>algorithm</var> and <var>data</var>
+ be the <code>algorithm</code> and <code>data</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-digest">digest</a> method, respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
+ </p>
+ </li>
+ <li>
+ <p>
+ If an error occurs, run these substeps and then terminate the algorithm:
+ </p>
+ <ol>
+ <li>
+ <p>
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
+ </p>
+ </li>
+ </ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
+ <var>algorithm</var> according to the
<a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
</p>
</li>
@@ -1340,29 +1491,14 @@
<p>
If <var>normalizedAlgorithm</var> does not describe a
<a href="#algorithms">registered algorithm</a> that supports the digest
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- Create a new Promise object.
- </p>
- </li>
- <li>
- <p>
- Return the new object and asynchronously perform the remaining steps.
- </p>
- </li>
- <li>
- <p>
- Let <var>resolver</var> be the returned Promise's associated resolver object.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the underlying cryptographic
- algorithm specified by <var>normalizedAlgorithm</var>.
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of performing the digest
+ operation specified by <var>normalizedAlgorithm</var> using <var>data</var>
+ as <var>message</var>.
</p>
</li>
<li>
@@ -1384,46 +1520,28 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the generate
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
- the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ Let <var>algorithm</var>, <var>extractable</var> and <var>usages</var>
+ be the <code>algorithm</code>, <code>extractable</code> and <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-generateKey">generateKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -1437,13 +1555,37 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of executing the key generation algorithm
- defined by the algorithm indicated in <var>normalizedAlgorithm</var> with
- <code>extractable</code> as <var>extractable</var> and <code>keyUsages</code> as
- <var>usages</var>.
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the generate
+ key operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string match
+ for a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of executing the generate key operation
+ specified by <var>normalizedAlgorithm</var> using
+ <var>extractable</var> and <var>usages</var>.
</p>
</li>
<li>
@@ -1464,76 +1606,30 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the derive
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If <code>derivedKeyType</code> is null, let
- <var>normalizedDerivedKeyAlgorithm</var> be null. Otherwise,
- <ol>
- <li>
- <p>
- Let <var>normalizedDerivedKeyAlgorithm</var> be the result of processing
- <code>derivedKeyType</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedDerivedKeyAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> throw a
- <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- </ol>
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
- contain an entry that is a case-sensitive string match for <code>"deriveKey"</code>,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the
- algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ Let <var>algorithm</var>, <var>baseKey</var>, <var>derivedKeyType</var>,
+ <var>extractable</var> and <var>usages</var> be the <code>algorithm</code>,
+ <code>baseKey</code>, <code>derivedKeyType</code>, <code>extractable</code> and
+ <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-deriveKey">deriveKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -1547,13 +1643,71 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of executing the key derivation algorithm
- defined by the algorithm indicated in <var>normalizedAlgorithm</var> using
- <code>key</code> as <var>key</var>, <code>extractable</code> as
- <var>extractable</var> and <code>keyUsages</code> as <var>usages</var>.
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the derive key
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <dl class="switch">
+ <dt>If <var>derivedKeyType</var> is null:</dt>
+ <dd>Let <var>normalizedDerivedKeyAlgorithm</var> be null.</dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Let <var>normalizedDerivedKeyAlgorithm</var> be the result of processing
+ <var>derivedKeyType</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedDerivedKeyAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a>, terminate this algorithm
+ with an error.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>baseKey</var> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveKey"</code>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string
+ match for a
+ <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, terminate
+ this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of executing the derive key operation
+ specified by <var>normalizedAlgorithm</var> using
+ <var>key</var>, <var>normalizedDerivedKeyAlgorithm</var>, <var>extractable</var>
+ and <var>usages</var>.
</p>
</li>
<li>
@@ -1574,45 +1728,29 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the derive
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
- contain an entry that is a case-sensitive string match for <code>"deriveBits"</code>,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ Let <var>algorithm</var>, <var>baseKey</var> and <var>length</var>,
+ be the <code>algorithm</code>,
+ <code>baseKey</code> and <code>length</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-deriveBits">deriveBits</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a <code>null</code>
- result.
- </div>
<ol>
<li>
<p>
@@ -1626,18 +1764,37 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If <var>baseKey</var>.<a href="#dfn-Key-usages"><code>usages</code></a> does not
- contain the <code>"deriveBits"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the derive bits
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>baseKey</var> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveBits"</code>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of executing the key derivation algorithm
- defined by the algorithm indicated in <var>normalizedAlgorithm</var>.
+ Let <var>result</var> be the result of executing the derive bits operation
+ specified by <var>normalizedAlgorithm</var> using <var>baseKey</var> and
+ <var>length</var>.
</p>
</li>
<li>
@@ -1657,67 +1814,31 @@
</p>
<ol>
<li>
- <dl class="switch">
- <dt>If <code>algorithm</code> is not null:</dt>
- <dd>
- <ol>
- <li>
- <p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>algorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the importKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- </ol>
- </dd>
- <dt>Otherwise:</dt>
- <dd>
- Let <var>normalizedAlgorithm</var> be null.
- </dd>
- </dl>
- </li>
- <li>
- <p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
- the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ <p>
+ Let <var>format</var>, <var>keyData</var>, <var>algorithm</var>,
+ <var>extractable</var> and <var>usages</var>,
+ be the <code>format</code>, <code>keyData</code>, <code>algorithm</code>,
+ <code>extractable</code> and <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -1731,15 +1852,67 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
- results from performing the Import Key operation defined by
- <var>normalizedAlgorithm</var> using <code>keyData</code> as <var>keyData</var>,
- <code>format</code> as <var>format</var>, <code>extractable</code> as
- <var>extractable</var> and <code>usages</code> as <var>usages</var>.
- </p>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <dl class="switch">
+ <dt>If <var>algorithm</var> is not null:</dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>algorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the import key
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ Let <var>normalizedAlgorithm</var> be null.
+ </dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for
+ a <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string match
+ for a
+ <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>,
+ terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the <a href="#dfn-Key">Key</a> object that
+ results from performing the import key operation specified by
+ <var>normalizedAlgorithm</var> using <var>keyData</var>,
+ <var>format</var>, <var>extractable</var> and <var>usages</var>.
+ </p>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: Specify how to identify the correct algorithm for the case
+ where <var>normalizedAlgorithm</var> is null, or remove that case.
+ </p>
+ </div>
</li>
<li>
<p>
@@ -1759,56 +1932,64 @@
<ol>
<li>
<p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and
- <var>resolver</var> its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps
- asynchronously.
+ Let <var>format</var> and <var>key</var> be the <code>format</code>
+ and <code>key</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a <code>null</code>
- result.
- </div>
<ol>
<li>
<p>
- Let <var>result</var> be <code>null</code>.
- </p>
- </li>
- <li>
- <p>
- Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
- <var>result</var> as the <code>value</code> argument.
+ Let <var>result</var> be <code>null</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>reject(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-extractable">extractable</a> property of <code>key</code>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for a
+ <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-extractable">extractable</a> property of <var>key</var>
is false, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of performing the Export Key operation specified
- by the algorithm identified by the <a href="#dfn-Key-algorithm">algorithm</a>
- property of <code>key</code> using <code>key</code> as <var>key</var> and
- <code>format</code> as <var>format</var>.
+ Let <var>result</var> be the result of performing the export key operation
+ specified by the <a href="#dfn-Key-algorithm">algorithm</a>
+ property of <var>key</var> using <var>key</var> and <var>format</var>.
</p>
</li>
<li>
@@ -1828,45 +2009,28 @@
<ol>
<li>
<p>
- Let <var>normalizedAlgorithm</var> be the result of processing
- <code>wrapAlgorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the wrapKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and
- <var>resolver</var> its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps
- asynchronously.
+ Let <var>format</var>, <var>key</var>, <var>wrappingKey</var> and
+ <var>wrapAlgorithm</var> be the <code>format</code>, <code>key</code>,
+ <code>wrappingKey</code> and <code>wrapAlgorithm</code> parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-wrapKey">wrapKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a <code>null</code>
- result.
- </div>
<ol>
<li>
<p>
@@ -1880,48 +2044,73 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>wrappingKey</code>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+
+ <li>
+ <p>
+ Let <var>normalizedAlgorithm</var> be the result of processing
+ <var>wrapAlgorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the encrypt or wrap
+ key operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for algorithm a
+ <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>wrappingKey</var>
does not contain an entry that is a case-sensitive string match for
<code>"wrapKey"</code>, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- If the <a href="#dfn-Key-extractable">extractable</a> property of <code>key</code>
+ If the <a href="#dfn-Key-extractable">extractable</a> property of <var>key</var>
is false, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>bytes</var> be the result of performing the Export Key operation specified
- by the algorithm identfied by the <a href="#dfn-Key-algorithm">algorithm</a>
- property of <code>key</code> using <code>key</code> as <var>key</var> and
- <code>format</code> as <var>format</var>.
- </p>
- </li>
- <li>
- <p>
- If the Export Key operation failed, terminate this algorithm with an error.
+ Let <var>bytes</var> be the result of performing the export key operation specified
+ the <a href="#dfn-Key-algorithm">algorithm</a>
+ property of <var>key</var> using <var>key</var> and <var>format</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If the export key operation failed, terminate this algorithm with an error.
</p>
</li>
<li>
<dl class="switch">
- <dt>If <var>normalizedAlgorithm</var> specifies a Wrap Key operation:</dt>
+ <dt>If <var>normalizedAlgorithm</var> supports the wrap key operation:</dt>
<dd>
<p>
- Let <var>result</var> be the result of performing the Wrap Key operation
- specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ Let <var>result</var> be the result of performing the wrap key operation
+ specified by <var>normalizedAlgorithm</var> with <var>wrappingKey</var>
as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
- <dt>Otherwise, if <var>normalizedAlgorithm</var> specifies an Encrypt operation:</dt>
+ <dt>Otherwise, if <var>normalizedAlgorithm</var> supports the encrypt operation:</dt>
<dd>
<p>
- Let <var>result</var> be the result of performing the Encrypt operation
- specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ Let <var>result</var> be the result of performing the encrypt operation
+ specified by <var>normalizedAlgorithm</var> with <var>wrappingKey</var>
as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
@@ -1931,7 +2120,7 @@
</li>
<li>
<p>
- If the Wrap Key or Encrypt algorithm failed, terminate this algorithm with an error.
+ If the wrap key or encrypt operation failed, terminate this algorithm with an error.
</p>
</li>
<li>
@@ -1950,80 +2139,34 @@
<span class="RFC2119">MUST</span> perform the following steps:
</p>
<ol>
- <li>
- <p>
- Let <var>normalizedUnwrapAlgorithm</var> be the result of processing
- <code>unwrapAlgorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedUnwrapAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the unwrapKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- <li>
- <dl class="switch">
- <dt>If <code>unwrappedKeyAlgorithm</code> is not null:</dt>
- <dd>
- <ol>
- <li>
- <p>
- Let <var>normalizedKeyAlgorithm</var> be the result of processing
- <code>unwrappedKeyAlgorithm</code> according to the
- <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
- </p>
- </li>
- <li>
- <p>
- If <var>normalizedKeyAlgorithm</var> does not describe a
- <a href="#algorithms">registered algorithm</a> that supports the importKey
- operation, throw a <code>NotSupportedError</code> and
- <a href="#terminate-the-algorithm">terminate the algorithm</a>.
- </p>
- </li>
- </ol>
- </dd>
- <dt>Otherwise:</dt>
- <dd>Let <var>normalizedKeyAlgorithm</var> be <code>null</code>.</dd>
- </dl>
- </li>
- <li>
- <p>
- If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
- format value</a>, throw a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- If <code>keyUsages</code> includes a value that is not a
- <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
- <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
- the algorithm</a>
- </p>
- </li>
- <li>
- <p>
- Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
- its associated resolver.
- </p>
- </li>
- <li>
- <p>
- Return <var>promise</var> and continue executing the remaining steps asynchronously.
+ <li>
+ <p>
+ Let <var>format</var>, <var>wrappedKey</var>, <var>unwrappingKey</var>,
+ <var>unwrapAlgorithm</var>, <var>unwrappedKeyAlgorithm</var>,
+ <var>extractable</var> and <var>usages</var>,
+ be the <code>format</code>, <code>wrappedKey</code>, <code>unwrappingKey</code>,
+ <code>unwrapAlgorithm</code>, <code>unwrappedKeyAlgorithm</code>,
+ <code>extractable</code> and <code>keyUsages</code>
+ parameters passed to the
+ <a href="#dfn-SubtleCrypto-method-unwrapKey">unwrapKey</a> method,
+ respectively.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>promise</var> be a new Promise object and <var>resolver</var> its
+ associated resolver object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>promise</var> and asynchronously perform the remaining steps.
</p>
</li>
<li>
<p>
If an error occurs, run these substeps and then terminate the algorithm:
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Determine whether to reject the algorithm with a DOMError or a
- <code>null</code> result.
- </div>
<ol>
<li>
<p>
@@ -2037,31 +2180,88 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>
- If the <a href="#dfn-Key-usages">usages</a> property of <code>unwrappingKey</code>
- does not contain an entry that is a case-sensitive string match for
- <code>"unwrapKey"</code>, terminate this algorithm with an error.
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ Determine whether to reject the algorithm with a DOMError or a
+ <code>null</code> result.
+ </div>
+ </li>
+ <li>
+ <p>
+ Let <var>normalizedUnwrapAlgorithm</var> be the result of processing
+ <var>unwrapAlgorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedUnwrapAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the unwrapKey
+ operation, terminate this algorithm with an error.
</p>
</li>
<li>
<dl class="switch">
- <dt>If <var>normalizedUnwrapAlgorithm</var> specifies a Unwrap Key operation:</dt>
+ <dt>If <var>unwrappedKeyAlgorithm</var> is not null:</dt>
<dd>
- Let <var>bytes</var> be the result of performing the Unwrap Key operation
+ <ol>
+ <li>
+ <p>
+ Let <var>normalizedKeyAlgorithm</var> be the result of processing
+ <var>unwrappedKeyAlgorithm</var> according to the
+ <a href="#algorithm-normalizing-rules">algorithm normalizing rules</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>normalizedKeyAlgorithm</var> does not describe a
+ <a href="#algorithms">registered algorithm</a> that supports the importKey
+ operation, terminate this algorithm with an error.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ <dt>Otherwise:</dt>
+ <dd>Let <var>normalizedKeyAlgorithm</var> be <code>null</code>.</dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ If the <a href="#dfn-Key-usages">usages</a> property of <var>unwrappingKey</var>
+ does not contain an entry that is a case-sensitive string match for
+ <code>"unwrapKey"</code>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>format</var> is not a case-sensitive string match for a
+ <a href="#dfn-RecognizedKeyFormats">recognized key
+ format value</a>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> includes a value that is not a case-sensitive string match
+ for a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, terminate
+ this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <dl class="switch">
+ <dt>If <var>normalizedUnwrapAlgorithm</var> supports an unwrap key operation:</dt>
+ <dd>
+ Let <var>bytes</var> be the result of performing the unwrap key operation
specified by <var>normalizedUnwrapAlgorithm</var> with
- <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
+ <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
</dd>
<dt>
- Otherwise, if <var>normalizedUnwrapAlgorithm</var> specifies a Decrypt
+ Otherwise, if <var>normalizedUnwrapAlgorithm</var> supports a decrypt
operation:
</dt>
<dd>
- Let <var>bytes</var> be the result of performing the Decrypt operation
+ Let <var>bytes</var> be the result of performing the decrypt operation
specified by <var>normalizedUnwrapAlgorithm</var> with
- <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
+ <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
</dd>
<dt>Otherwise:</dt>
@@ -2070,16 +2270,16 @@
</li>
<li>
<p>
- If the Unwrap Key or Decrypt operation failed, terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the result of performing the Import Key operation
- specified by <var>normalizedKeyAlgorithm</var> with <code>format</code> as
- <var>format</var>, <code>keyUsages</code> as <var>usages</var>,
- <code>extractable</code> as <var>extractable</var> and <var>bytes</var> as
- <var>keyData</var>.
+ If the unwrap key or decrypt operation failed, terminate this algorithm with an
+ error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be the result of performing the import key operation
+ specified by <var>normalizedKeyAlgorithm</var> using
+ <var>format</var>, <var>usages</var> and <var>extractable</var> and with
+ <var>bytes</var> as <var>keyData</var>.
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
TODO: Specify how to identify the correct algorithm for the case
@@ -2090,7 +2290,7 @@
</li>
<li>
<p>
- If the Import Key algorithm failed, terminate this algorithm with an error.
+ If the import key algorithm failed, terminate this algorithm with an error.
</p>
</li>
<li>