Bug 24450 - JWK mapping should say what to do with keys that are invalid per JWK spec
--- a/spec/Overview-WebCryptoAPI.xml Thu Feb 20 11:12:07 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml Thu Feb 20 12:09:54 2014 -0800
@@ -3270,6 +3270,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -3288,8 +3290,8 @@
<ol>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key as
- specified in Section 6.3.2 of <a href="#jwa">JSON Web
+ If <var>jwk</var> does not meet the requirements of
+ Section 6.3.2 of <a href="#jwa">JSON Web
Algorithms</a>, terminate this algorithm with an error.
</p>
</li>
@@ -3314,8 +3316,8 @@
<ol>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key as
- specified in Section 6.3.1 of <a href="#jwa">JSON Web
+ If <var>jwk</var> does not meet the requirements of
+ Section 6.3.1 of <a href="#jwa">JSON Web
Algorithms</a>, terminate this algorithm with an error.
</p>
</li>
@@ -5305,7 +5307,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -5344,6 +5346,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -5810,7 +5814,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -5849,6 +5853,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -6248,7 +6254,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -6287,6 +6293,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -6794,7 +6802,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -6833,6 +6841,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -7269,7 +7279,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -7308,6 +7318,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -7711,7 +7723,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -7750,6 +7762,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
--- a/spec/Overview.html Thu Feb 20 11:12:07 2014 -0800
+++ b/spec/Overview.html Thu Feb 20 12:09:54 2014 -0800
@@ -3272,6 +3272,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -3290,8 +3292,8 @@
<ol>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key as
- specified in Section 6.3.2 of <a href="#jwa">JSON Web
+ If <var>jwk</var> does not meet the requirements of
+ Section 6.3.2 of <a href="#jwa">JSON Web
Algorithms</a>, terminate this algorithm with an error.
</p>
</li>
@@ -3316,8 +3318,8 @@
<ol>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key as
- specified in Section 6.3.1 of <a href="#jwa">JSON Web
+ If <var>jwk</var> does not meet the requirements of
+ Section 6.3.1 of <a href="#jwa">JSON Web
Algorithms</a>, terminate this algorithm with an error.
</p>
</li>
@@ -5297,7 +5299,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -5336,6 +5338,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -5802,7 +5806,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -5841,6 +5845,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -6240,7 +6246,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -6279,6 +6285,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -6786,7 +6794,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -6825,6 +6833,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -7261,7 +7271,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -7300,6 +7310,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>
@@ -7703,7 +7715,7 @@
</li>
<li>
<p>
- If <var>jwk</var> does not describe a valid JSON Web Key according to
+ If <var>jwk</var> does not meet the requirements of
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>, terminate this
algorithm with an error.
</p>
@@ -7742,6 +7754,8 @@
<li>
<p>
If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+ is invalid according to the requirements of
+ <a href="#jwk">JSON Web Key</a> or
does not contain all of the specified <var>usages</var> values,
terminate this algorithm with an error.
</p>