Bug 24410 - Align ECDSA sign and verify descriptions with rest of specification
authorMark Watson <watsonm@netflix.com>
Fri, 28 Feb 2014 16:57:25 -0800
changeset 145 aa2535681aa5
parent 144 53c3341698aa
child 146 ddfa59fb4f9f
Bug 24410 - Align ECDSA sign and verify descriptions with rest of specification
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Fri Feb 28 16:22:07 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml	Fri Feb 28 16:57:25 2014 -0800
@@ -4873,36 +4873,36 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA private key, terminate the
-                      algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash
-                      algorithm indicated by <var>hash</var>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>bytes</var> be the sequence of bytes to be processed.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Perform the hash algorithm of <var>hash</var>, using <var>bytes</var> as input.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      If the context object's internal state is not <code>"complete"</code>, return
-                      an empty <code>ArrayBuffer</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of
-                      <var>hash</var>.
+                      If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+                      is not a case-sensitive string match for <code>"private"</code>,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the properties of <a href="#dfn-EcdsaParams">EcdsaParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, terminate this algorithm with
+                      an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>hashAlgorithm</var> be the <a href="#dfn-EcdsaParams-hash">hash</a>
+                      property of
+                      <var>normalizedAlgorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If <var>hashAlgorithm</var> does not describe a
+                      <a href="#algorithms">registered algorithm</a> that supports the digest
+                      operation, terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>M</var> be the result of performing the digest operation specified by
+                      <var>hashAlgorithm</var> using <var>message</var>.
                     </p>
                   </li>
                   <li>
@@ -4959,36 +4959,36 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA public key, terminate the
-                      algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash
-                      algorithm indicated by <var>hash</var>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>bytes</var> be the sequence of bytes to be processed.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Perform the hash algorithm of <var>hash</var>, using <var>bytes</var> as input.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      If the context object's internal state is not <code>"complete"</code>,
-                      terminate the algorithm.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of
-                      <var>hash</var>.
+                      If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+                      is not a case-sensitive string match for <code>"public"</code>,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the properties of <a href="#dfn-EcdsaParams">EcdsaParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, terminate this algorithm with
+                      an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>hashAlgorithm</var> be the <a href="#dfn-EcdsaParams-hash">hash</a>
+                      property of
+                      <var>normalizedAlgorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If <var>hashAlgorithm</var> does not describe a
+                      <a href="#algorithms">registered algorithm</a> that supports the digest
+                      operation, terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>M</var> be the result of performing the digest operation specified by
+                      <var>hashAlgorithm</var> using <var>message</var>.
                     </p>
                   </li>
                   <li>
@@ -5006,7 +5006,8 @@
                     <p>
                       Perform the ECDSA verifying process, as specified in <a
                       href="#X9.62">X9.62</a>, Section 7.4, with <var>M</var> as the received
-                      message, using <var>params</var> as the EC domain parameters, and with
+                      message, <var>signatire</var> as the received signature and using
+                      <var>params</var> as the EC domain parameters, and 
                       <var>Q</var> as the public key.
                     </p>
                   </li>
@@ -5040,10 +5041,6 @@
               and all that is required when importing is a "kty" of "EC". This also requires
               thinking through the export/wrap case.
             </p>
-            <p>
-              TODO: Fix-up the processing model, which refers to the (much outdated) CryptoOperation
-              model.
-            </p>
           </div>
         </div>
 
--- a/spec/Overview.html	Fri Feb 28 16:22:07 2014 -0800
+++ b/spec/Overview.html	Fri Feb 28 16:57:25 2014 -0800
@@ -4868,36 +4868,36 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA private key, terminate the
-                      algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash
-                      algorithm indicated by <var>hash</var>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>bytes</var> be the sequence of bytes to be processed.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Perform the hash algorithm of <var>hash</var>, using <var>bytes</var> as input.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      If the context object's internal state is not <code>"complete"</code>, return
-                      an empty <code>ArrayBuffer</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of
-                      <var>hash</var>.
+                      If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+                      is not a case-sensitive string match for <code>"private"</code>,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the properties of <a href="#dfn-EcdsaParams">EcdsaParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, terminate this algorithm with
+                      an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>hashAlgorithm</var> be the <a href="#dfn-EcdsaParams-hash">hash</a>
+                      property of
+                      <var>normalizedAlgorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If <var>hashAlgorithm</var> does not describe a
+                      <a href="#algorithms">registered algorithm</a> that supports the digest
+                      operation, terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>M</var> be the result of performing the digest operation specified by
+                      <var>hashAlgorithm</var> using <var>message</var>.
                     </p>
                   </li>
                   <li>
@@ -4954,36 +4954,36 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA public key, terminate the
-                      algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash
-                      algorithm indicated by <var>hash</var>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>bytes</var> be the sequence of bytes to be processed.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Perform the hash algorithm of <var>hash</var>, using <var>bytes</var> as input.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      If the context object's internal state is not <code>"complete"</code>,
-                      terminate the algorithm.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of
-                      <var>hash</var>.
+                      If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+                      is not a case-sensitive string match for <code>"public"</code>,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the properties of <a href="#dfn-EcdsaParams">EcdsaParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, terminate this algorithm with
+                      an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>hashAlgorithm</var> be the <a href="#dfn-EcdsaParams-hash">hash</a>
+                      property of
+                      <var>normalizedAlgorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If <var>hashAlgorithm</var> does not describe a
+                      <a href="#algorithms">registered algorithm</a> that supports the digest
+                      operation, terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>M</var> be the result of performing the digest operation specified by
+                      <var>hashAlgorithm</var> using <var>message</var>.
                     </p>
                   </li>
                   <li>
@@ -5000,7 +5000,8 @@
                   <li>
                     <p>
                       Perform the ECDSA verifying process, as specified in <a href="#X9.62">X9.62</a>, Section 7.4, with <var>M</var> as the received
-                      message, using <var>params</var> as the EC domain parameters, and with
+                      message, <var>signatire</var> as the received signature and using
+                      <var>params</var> as the EC domain parameters, and 
                       <var>Q</var> as the public key.
                     </p>
                   </li>
@@ -5034,10 +5035,6 @@
               and all that is required when importing is a "kty" of "EC". This also requires
               thinking through the export/wrap case.
             </p>
-            <p>
-              TODO: Fix-up the processing model, which refers to the (much outdated) CryptoOperation
-              model.
-            </p>
           </div>
         </div>