--- a/spec/Overview-WebCryptoAPI.xml Thu Feb 13 00:00:00 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml Thu Feb 13 00:00:00 2014 -0800
@@ -758,6 +758,38 @@
</div>
</div>
+ <div id="key-algorithm-interface" class="section">
+ <h2>KeyAlgorithm interface</h2>
+ <p>
+ The KeyAlgorithm interface represents information about the contents of a given
+ <a href="#dfn-Key">Key</a> object.
+ </p>
+ <x:codeblock language="idl">
+[NoInterfaceObject]
+interface <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ readonly attribute DOMString <a href="#dfn-key-algorithm-name">name</a>
+};
+ </x:codeblock>
+ <div id="key-algorithm-interface-description" class="section">
+ <h3>Description</h3>
+ <p class="norm">This section is non-normative</p>
+ <p>
+ The <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> interface is a supplemental interface
+ used to reflect the static, public properties of a <a href="#dfn-Key">Key</a> back to an
+ application. These properties can be used for determination of strength (e.g.: an
+ attribute that indicates the size of the key or the parameters of its creation) as well
+ as for protocol negotiations (e.g.: a particular instance of an inner hash).
+ </p>
+ </div>
+ <div id="key-algorithm-interface-members" class="section">
+ <h3>KeyAlgorithm interface members</h3>
+ <dl>
+ <dt id="dfn-key-algorithm-name">name</dt>
+ <dd>The name of the algorithm used to generate the <a href="#dfn-Key">Key</a></dd>
+ </dl>
+ </div>
+ </div>
+
<div id="key-interface" class="section">
<h2>Key interface</h2>
<p>
@@ -835,7 +867,7 @@
</dd>
<dt id="dfn-Key-algorithm"><code>algorithm</code></dt>
<dd>
- The <a href="#dfn-Algorithm"><code>Algorithm</code></a> used to generate the key.
+ The <a href="#dfn-KeyAlgorithm"><code>KeyAlgorithm</code></a> used to generate the key.
</dd>
<dt id="dfn-Key-usages"><code>usages</code></dt>
<dd>
@@ -2671,7 +2703,18 @@
<span class="comment">// The length, in bits, of the RSA modulus</span>
unsigned long modulusLength;
<span class="comment">// The RSA public exponent</span>
- BigInteger publicExponent;
+ <a href="#dfn-BigInteger">BigInteger</a> publicExponent;
+};
+ </x:codeblock>
+ </div>
+ <div id="RsaKeyAlgorithm-interface" class="section">
+ <h4>RsaKeyAlgorithm interface</h4>
+ <x:codeblock language="idl">
+interface <dfn id="dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The length, in bits, of the RSA modulus</span>
+ unsigned long <dfn id="dfn-RsaKeyAlgorithm-modulusLength">modulusLength</dfn>;
+ <span class="comment">// The RSA public exponent</span>
+ <a href="#dfn-BigInteger">BigInteger</a> <dfn id="dfn-RsaKeyAlgorithm-publicExponent">publicExponent</dfn>;
};
</x:codeblock>
</div>
@@ -2891,9 +2934,6 @@
to <code>"public"</code>
</p>
</li>
- <li>
- <p>Return <var>key</var>.</p>
- </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -3056,13 +3096,27 @@
<li>
<p>
Let <var>algorithm</var> be a new
- <a href="#dfn-Algorithm">Algorithm</a>.
+ <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a>.
</p>
</li>
<li>
<p>
- Set the <a href="#dfn-Algorithm-name">name</a> property of <var>
- algorithm</var> to <code>"RSAES-PKCS1-v1_5"</code>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSAES-PKCS1-v1_5"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to the length, in bits, of the RSA public
+ modulus.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to the <a href="#dfn-BigInteger">BigInteger</a>
+ representation of the RSA public exponent.
</p>
</li>
<li>
@@ -3075,10 +3129,6 @@
<p>Return <var>key</var>.</p>
</li>
</ol>
- <div class="ednote">
- Specify additional fields for the Key.algorithm to indicate the
- modulus size and exponent.
- </div>
</dd>
<dt>Export Key</dt>
<dd></dd>
@@ -3117,22 +3167,22 @@
<tbody>
<tr>
<td>sign</td>
- <td><a href="#dfn-RsaSsaParams">RsaSsaParams</a></td>
+ <td>None</td>
<td>ArrayBuffer</td>
</tr>
<tr>
<td>verify</td>
- <td><a href="#dfn-RsaSsaParams">RsaSsaParams</a></td>
+ <td>None</td>
<td>boolean</td>
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
+ <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
<td><a href="#dfn-KeyPair">KeyPair</a></td>
</tr>
<tr>
<td>importKey</td>
- <td>None</td>
+ <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -3143,15 +3193,40 @@
</tbody>
</table>
</div>
- <div id="RsaSsaParams-dictionary" class="section">
- <h4>RsaSsaParams dictionary</h4>
+ <div id="RsaHashedKeyGenParams-dictionary" class="section">
+ <h4>RsaHashedKeyGenParams dictionary</h4>
<x:codeblock language="idl">
-dictionary <dfn id="dfn-RsaSsaParams">RsaSsaParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
+dictionary <dfn id="dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</dfn> : <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> {
<span class="comment">// The hash algorithm to use</span>
- AlgorithmIdentifier hash;
+ <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> <dfn id="dfn-RsaHashedKeyGenParams-hash">hash</dfn>;
};
</x:codeblock>
</div>
+ <div id="RsaHashedKeyAlgorithm-interface" class="section">
+ <h4>RsaHashedKeyAlgorithm interface</h4>
+ <x:codeblock language="idl">
+[NoInterfaceObject]
+interface <dfn id="dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</dfn> : <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a> {
+ <span class="comment">// The hash algorithm that is used with this key</span>
+ readonly attribute <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> <dfn id="dfn-RsaHashedKeyAlgorithm-hash">hash</dfn>;
+};
+ </x:codeblock>
+ </div>
+ <div id="RsaHashedImportParams-dictionary" class="section">
+ <h4>RsaHashedImportParams dictionary</h4>
+ <x:codeblock language="idl">
+dictionary <dfn id="dfn-RsaHashedImportParams">RsaHashedImportParams</dfn> {
+ <span class="comment">// The hash algorithm to use</span>
+ <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> <dfn id="dfn-RsaHashedImportParams-hash">hash</dfn>;
+};
+ </x:codeblock>
+ <div class="ednote">
+ <p>
+ Should this be folded into RsaHashedKeyGenParams and rely on the optional nature of the
+ dictionary fields?
+ </p>
+ </div>
+ </div>
<div id="rsassa-pkcs1-operations" class="section">
<h4>Operations</h4>
<dt>Sign</dt>
@@ -3165,13 +3240,6 @@
</li>
<li>
<p>
- If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not
- present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
- this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
Perform the signature generation operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's private key and the contents of
@@ -3208,13 +3276,6 @@
</li>
<li>
<p>
- If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
Perform the signature verification operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's RSA public key and the contents of
@@ -3245,7 +3306,7 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
+ If any of the members of <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a>
are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
terminate this algorithm with an error.
</p>
@@ -3256,73 +3317,83 @@
href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
<var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
- <ul>
- <li>
- <p>
- If generation of the key pair fails, terminate this algorithm with an
- error.
- </p>
- </li>
- <li>
- <p>
- Otherwise,
- <ol>
- <li>
- <p>
- Let <var>result</var> be a new <a
- href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "verify" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "sign" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Return <var>result</var>.
- </p>
- </li>
- </ol>
- </p>
- </li>
- </ul>
+ </p>
+ </li>
+ <li>
+ <p>
+ If generation of the key pair fails, terminate this algorithm with an
+ error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a
+ href="#dfn-KeyPair"><code>KeyPair</code></a> object
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.publicKey</code> be a new <a
+ href="#dfn-Key"><code>Key</code></a> object representing the
+ public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.publicKey.extractable</code> be
+ <code>true</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.publicKey.keyUsages</code> be the
+ intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.privateKey</code> be a new <a
+ href="#dfn-Key"><code>Key</code></a> object representing the
+ private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.privateKey.extractable</code> be
+ <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.privateKey.keyUsages</code> be the
+ intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>result</var>.
</p>
</li>
</ol>
+ <div class="ednote">
+ <p>
+ TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
+ are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ </p>
+ <p>
+ TODO: Specify that the operation should fail if KeyUsages other than
+ <code>"sign"</code> and <code>"verify"</code> are used.
+ </p>
+ <p>
+ TODO: Specify how the normalizedAlgorithm needs to be an instance of
+ the relevant RsaHashed*Params dictionary, with particular attention to the fact
+ that WebIDL violations should be handled asynchronously.
+ </p>
+ <p>
+ TODO: Specify the mapping between key.algorithm.hash and the appropriate Hash
+ functions (and back to OID).
+ </p>
+ </div>
</dd>
<dt>Import Key</dt>
<dd></dd>
@@ -3369,12 +3440,12 @@
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
+ <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
<td><a href="#dfn-KeyPair">KeyPair</a></td>
</tr>
<tr>
<td>importKey</td>
- <td>None</td>
+ <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -3385,12 +3456,10 @@
</tbody>
</table>
</div>
- <div id="rsa-pss-params" class="section">
+ <div id="RsaPssParams-dictionary" class="section">
<h4>RsaPssParams dictionary</h4>
<x:codeblock language="idl">
dictionary <dfn id="dfn-RsaPssParams">RsaPssParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
- <span class="comment">// The hash function to apply to the message</span>
- AlgorithmIdentifier hash;
<span class="comment">// The desired length of the random salt</span>
unsigned long saltLength;
};
@@ -3420,7 +3489,7 @@
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the signer's private key, K, and the contents of <var>message</var> as the
message to be signed, M, and using the hash function specified in
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+ <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
(defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
salt length option for the EMM-PSS-ENCODE operation.
@@ -3465,7 +3534,7 @@
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the signer's RSA public key and the contents of <var>message</var> as M and
the contents of <var>signature</var> as S and using the hash function specified
- in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+ in <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
(defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
salt length option for the EMSA-PSS-VERIFY operation.
@@ -3488,6 +3557,7 @@
</li>
</ol>
</dd>
+
<dt>Generate Key</dt>
<dd>
<ol>
@@ -3577,6 +3647,26 @@
<dt>Export Key</dt>
<dd></dd>
</div>
+
+ <div class="ednote">
+ <p>
+ TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
+ are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ </p>
+ <p>
+ TODO: Specify that the operation should fail if KeyUsages other than
+ <code>"sign"</code> and <code>"verify"</code> are used.
+ </p>
+ <p>
+ TODO: Specify how the normalizedAlgorithm needs to be an instance of
+ the relevant RsaHashed*Params dictionary, with particular attention to the fact
+ that WebIDL violations should be handled asynchronously.
+ </p>
+ <p>
+ TODO: Specify the mapping between key.algorithm.hash and the appropriate Hash
+ functions (and back to OID).
+ </p>
+ </div>
</div>
<div id="rsa-oaep" class="section">
@@ -3617,12 +3707,12 @@
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
+ <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
<td><a href="#dfn-KeyPair">KeyPair</a></td>
</tr>
<tr>
<td>importKey</td>
- <td>None</td>
+ <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -3648,8 +3738,6 @@
<h4>RsaOaepParams dictionary</h4>
<x:codeblock language="idl">
dictionary <dfn id="dfn-RsaOaepParams">RsaOaepParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
- <span class="comment">// The hash function to apply to the message</span>
- AlgorithmIdentifier hash;
<span class="comment">// The optional label/application data to associate with the message</span>
CryptoOperationData? label;
};
@@ -3844,6 +3932,25 @@
<dd></dd>
</dl>
</div>
+ <div class="ednote">
+ <p>
+ TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
+ are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ </p>
+ <p>
+ TODO: Specify that the operation should fail if KeyUsages other than
+ <code>"sign"</code> and <code>"verify"</code> are used.
+ </p>
+ <p>
+ TODO: Specify how the normalizedAlgorithm needs to be an instance of
+ the relevant RsaHashed*Params dictionary, with particular attention to the fact
+ that WebIDL violations should be handled asynchronously.
+ </p>
+ <p>
+ TODO: Specify the mapping between key.algorithm.hash and the appropriate Hash
+ functions (and back to OID).
+ </p>
+ </div>
</div>
<div id="ecdsa" class="section">
@@ -3909,6 +4016,15 @@
};
</x:codeblock>
</div>
+ <div id="EcKeyAlgorithm-interface" class="section">
+ <x:codeblock language="idl">
+[NoInterfaceObject]
+interface <dfn id="dfn-EcKeyAlgorithm">EcKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The named curve that the key uses</span>
+ readonly attribute <a href="#dfn-NamedCurve">NamedCurve</a> namedCurve;
+};
+ </x:codeblock>
+ </div>
<div id="EcKeyGenParams-dictionary" class="section">
<h4>EcKeyGenParams dictionary</h4>
<x:codeblock language="idl">
@@ -3916,7 +4032,7 @@
dictionary <dfn id="dfn-EcKeyGenParams">EcKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// A named curve</span>
- NamedCurve namedCurve;
+ <a href="#dfn-NamedCurve">NamedCurve</a> namedCurve;
};
</x:codeblock>
<p>
@@ -4095,10 +4211,26 @@
</ol>
</dd>
<dt>Generate Key</dt>
- <dd>
- </dd>
+ <dd></dd>
+ <dt>Import Key</dt>
+ <dd></dd>
+ <dt>Export Key</dt>
+ <dd></dd>
</dl>
</div>
+ <div class="ednote">
+ <p>
+ TODO: Figure out what to do if "alg" is present on a JWK when importing, as "alg"
+ also (potentially) indicates an inner hash algorithm (e.g. "ES256" indicates a
+ namedCurve of "P-256", but also a hash of "SHA-256"). However, "alg" is optional,
+ and all that is required when importing is a "kty" of "EC". This also requires
+ thinking through the export/wrap case.
+ </p>
+ <p>
+ TODO: Fix-up the processing model, which refers to the (much outdated) CryptoOperation
+ model.
+ </p>
+ </div>
</div>
<div id="ecdh" class="section">
@@ -4318,6 +4450,15 @@
</div>
</li>
</ol>
+ <div class="ednote">
+ <p>
+ Define how the finite field member <var>result</var> is converted to a bit-string.
+ </p>
+ <p>
+ Define how a key for the <var>normalizedDerivedKeyAlgorithm</var> is derived from
+ a given bit string (when not feeding into another KDF, such as Concat).
+ </p>
+ </div>
</dd>
<dt>Derive Bits</dt>
<dd>
@@ -4356,13 +4497,13 @@
</ol>
</p>
</li>
- <li>
- <div class="ednote">
- Define how the finite field member <var>result</var> is converted to a bit
- string.
- </div>
- </li>
</ol>
+ <div class="ednote">
+ <p>
+ Define how the finite field member <var>result</var> is converted to a bit
+ string.
+ </p>
+ </div>
</dd>
</div>
@@ -4447,6 +4588,15 @@
};
</x:codeblock>
</div>
+ <div id="AesKeyAlgorithm-interface" class="section">
+ <x:codeblock language="idl">
+[NoInterfaceObject]
+interface <dfn id="dfn-AesKeyAlgorithm">AesKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The length, in bits, of the key.</span>
+ readonly attribute unsigned short length;
+};
+ </x:codeblock>
+ </div>
<div id="aes-keygen-params" class="section">
<h4>AesKeyGenParams dictionary</h4>
<x:codeblock language="idl">
@@ -4464,7 +4614,6 @@
<li>Generate Key</li>
<li>Import Key</li>
<li>Export Key</li>
-
</ul>
</div>
</div>
@@ -4887,22 +5036,22 @@
<tbody>
<tr>
<td>sign</td>
- <td><a href="#dfn-HmacParams">HmacParams</a></td>
+ <td>None</td>
<td>ArrayBuffer</td>
</tr>
<tr>
<td>verify</td>
- <td><a href="#dfn-HmacParams">HmacParams</a></td>
+ <td>None</td>
<td>boolean</td>
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-HmacKeyParams">HmacKeyParams</a></td>
+ <td><a href="#dfn-HmacKeyParams">HmacKeyGenParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
<td>importKey</td>
- <td><a href="#dfn-HmacParams">HmacParams</a></td>
+ <td><a href="#dfn-HmacParams">HmacImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -4913,19 +5062,28 @@
</tbody>
</table>
</div>
- <div id="hmac-params" class="section">
- <h4>HmacParams dictionary</h4>
+ <div id="hmac-importparams" class="section">
+ <h4>HmacImportParams dictionary</h4>
<x:codeblock language="idl">
-dictionary <dfn id="dfn-HmacParams">HmacParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
+dictionary <dfn id="dfn-HmacImportParams">HmacImportParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The inner hash function to use.</span>
AlgorithmIdentifier hash;
};
</x:codeblock>
</div>
- <div id="hmac-key-params" class="section">
+ <div id="hmac-keyalgorithm" class="section">
+ <h4>HmacKeyAlgorithm interface</h4>
+ <x:codeblock language="idl">
+dictionary <dfn id="dfn-HmacKeyAlgorithm">HmacKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The inner hash function to use.</span>
+ KeyAlgorithm hash;
+};
+ </x:codeblock>
+ </div>
+ <div id="hmac-keygen-params" class="section">
<h4>HmacKeyParams dictionary</h4>
<x:codeblock language="idl">
-dictionary <dfn id="dfn-HmacKeyParams">HmacKeyParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
+dictionary <dfn id="dfn-HmacKeyGenParams">HmacKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The inner hash function to use.</span>
AlgorithmIdentifier hash;
<span class="comment">// The length (in bytes) of the key to generate. If unspecified, the
@@ -5010,6 +5168,18 @@
};
</x:codeblock>
</div>
+ <div id="dh-DhKeyAlgorithm" class="section">
+ <h4>DhKeyAlgorithm interface</h4>
+ <x:codeblock language="idl">
+[NoInterfaceObject]
+interface <dfn id="dfn-DhKeyAlgorithm">DhKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The prime p.</span>
+ readonly attribute BigInteger prime;
+ <span class="comment">// The base g.</span>
+ readonly attribute BigInteger generator;
+};
+ </x:codeblock>
+ </div>
<div id="dh-DhKeyDeriveParams" class="section">
<h4>DhKeyDeriveParams dictionary</h4>
<x:codeblock language="idl">
@@ -5029,6 +5199,14 @@
<li>Export Key</li>
</ul>
</div>
+ <div class="ednote">
+ <p>
+ TODO: This interface is broken for import/export. Generate is defined in terms of
+ PKCS#3 - meaning it takes base/g and prime/p - whereas the dhpublicnumber used by
+ X.509/RFC 3279 uses the X9.42 form - meaning it takes base/g, prime/p, and subprime/q.
+ The inconsistency here needs to be resolved before this can be reliably implemented.
+ </p>
+ </div>
</div>
<div id="sha" class="section">
<h3>SHA</h3>
@@ -5347,6 +5525,14 @@
Return <var>result</var>.
</li>
</ol>
+ <div class="ednote">
+ <p>
+ WARNING: This section is broken for purpose. Further, normalization at this degree is
+ is no longer required, as the algorithm is never reflected back to the caller. Instead,
+ specify how specific algorithms can/should validate the parameters - and how to perform
+ DOMString substitutions.
+ </p>
+ </div>
</div>
<div id="examples-section" class="section">
<h2>JavaScript Example Code</h2>
--- a/spec/Overview.html Thu Feb 13 00:00:00 2014 -0800
+++ b/spec/Overview.html Thu Feb 13 00:00:00 2014 -0800
@@ -44,7 +44,7 @@
communications.
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 21 further editorial notes in the document.</p></div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 28 further editorial notes in the document.</p></div>
</div>
<div class="section">
@@ -134,7 +134,7 @@
<div id="toc">
<h2>Table of Contents</h2>
- <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-interface">11. Key interface</a><ul><li><a href="#key-interface-description">11.1. Description</a></li><li><a href="#key-interface-types">11.2. Key interface data types</a></li><li><a href="#key-interface-members">11.3. Key interface members</a></li><li><a href="#key-interface-clone">11.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">12. Crypto interface</a></li><li><a href="#subtlecrypto-interface">13. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">13.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">13.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">13.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">13.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">13.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">13.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">13.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">13.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">13.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">13.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">13.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">13.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">13.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">13.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">13.3.12. The unwrapKey method</a></li></ul></li></ul></li><li><a href="#WorkerCrypto-interface">14. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">14.1. Description</a></li></ul></li><li><a href="#big-integer">15. BigInteger</a></li><li><a href="#keypair">16. KeyPair</a></li><li><a href="#algorithms">17. Algorithms</a><ul><li><a href="#algorithms-index">17.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">17.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">17.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">17.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">17.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">17.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">17.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">17.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">17.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">17.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">17.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">17.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#rsaes-pkcs1-operations">17.4.4. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">17.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">17.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">17.5.2. Registration</a></li><li><a href="#RsaSsaParams-dictionary">17.5.3. RsaSsaParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">17.5.4. Operations</a></li></ul></li><li><a href="#rsa-pss">17.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">17.6.1. Description</a></li><li><a href="#rsa-pss-registration">17.6.2. Registration</a></li><li><a href="#rsa-pss-params">17.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">17.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">17.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">17.7.1. Description</a></li><li><a href="#rsa-oaep-registration">17.7.2. Registration</a></li><li><a href="#rsa-oaep-params">17.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">17.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">17.8. ECDSA</a><ul><li><a href="#ecdsa-description">17.8.1. Description</a></li><li><a href="#ecdsa-registration">17.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">17.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">17.8.4. EcKeyGenParams dictionary</a></li><li><a href="#ecdsa-operations">17.8.5. Operations</a></li></ul></li><li><a href="#ecdh">17.9. ECDH</a><ul><li><a href="#ecdh-description">17.9.1. Description</a></li><li><a href="#ecdh-registration">17.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">17.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">17.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">17.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">17.10.1. Description</a></li><li><a href="#aes-ctr-registration">17.10.2. Registration</a></li><li><a href="#aes-ctr-params">17.10.3. AesCtrParams dictionary</a></li><li><a href="#aes-keygen-params">17.10.4. AesKeyGenParams dictionary</a></li><li><a href="#aes-ctr-operations">17.10.5. Operations</a></li></ul></li><li><a href="#aes-cbc">17.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">17.11.1. Description</a></li><li><a href="#aes-cbc-registration">17.11.2. Registration</a></li><li><a href="#aes-cbc-params">17.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">17.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">17.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">17.12.1. Description</a></li><li><a href="#aes-cmac-registration">17.12.2. Registration</a></li><li><a href="#aes-cmac-operations">17.12.3. Operations</a></li></ul></li><li><a href="#aes-gcm">17.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">17.13.1. Description</a></li><li><a href="#aes-gcm-registration">17.13.2. Registration</a></li><li><a href="#aes-gcm-params">17.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">17.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">17.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">17.14.1. Description</a></li><li><a href="#aes-cfb-registration">17.14.2. Registration</a></li><li><a href="#aes-cfb-params">17.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">17.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">17.15. AES-KW</a><ul><li><a href="#aes-kw-description">17.15.1. Description</a></li><li><a href="#aes-kw-registration">17.15.2. Registration</a></li><li><a href="#aes-kw-operations">17.15.3. Operations</a></li></ul></li><li><a href="#hmac">17.16. HMAC</a><ul><li><a href="#hmac-description">17.16.1. Description</a></li><li><a href="#hmac-registration">17.16.2. Registration</a></li><li><a href="#hmac-params">17.16.3. HmacParams dictionary</a></li><li><a href="#hmac-key-params">17.16.4. HmacKeyParams dictionary</a></li><li><a href="#hmac-operations">17.16.5. Operations</a></li></ul></li><li><a href="#dh">17.17. Diffie-Hellman</a><ul><li><a href="#dh-description">17.17.1. Description</a></li><li><a href="#dh-registration">17.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">17.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyDeriveParams">17.17.4. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-operations">17.17.5. Operations</a></li></ul></li><li><a href="#sha">17.18. SHA</a><ul><li><a href="#sha-description">17.18.1. Description</a></li><li><a href="#sha-registration">17.18.2. Registration</a></li><li><a href="#sha-operations">17.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">17.19. Concat KDF</a><ul><li><a href="#concatkdf-description">17.19.1. Description</a></li><li><a href="#concatkdf-registration">17.19.2. Registration</a></li><li><a href="#concat-params">17.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">17.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">17.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">17.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">17.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">17.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">17.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">17.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">17.21.1. Description</a></li><li><a href="#pbkdf2-registration">17.21.2. Registration</a></li><li><a href="#pbkdf2-params">17.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">17.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">18. Algorithm normalizing rules</a></li><li><a href="#examples-section">19. JavaScript Example Code</a><ul><li><a href="#examples-signing">19.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">19.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">20. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">20.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">20.2. JSON Web Key Parameters Registry</a></li></ul></li><li><a href="#acknowledgements-section">21. Acknowledgements</a></li><li><a href="#references">22. References</a><ul><li><a href="#normative-references">22.1. Normative References</a></li><li><a href="#informative-references">22.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
+ <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#key-interface">12. Key interface</a><ul><li><a href="#key-interface-description">12.1. Description</a></li><li><a href="#key-interface-types">12.2. Key interface data types</a></li><li><a href="#key-interface-members">12.3. Key interface members</a></li><li><a href="#key-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li></ul></li><li><a href="#WorkerCrypto-interface">15. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.4. </a></li><li><a href="#EcKeyGenParams-dictionary">18.8.5. EcKeyGenParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.6. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.6. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-cmac-operations">18.12.3. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.6. Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-operations">18.17.6. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registry</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
</div>
<div id="sections">
@@ -766,8 +766,40 @@
</div>
</div>
+ <div id="key-algorithm-interface" class="section">
+ <h2>11. KeyAlgorithm interface</h2>
+ <p>
+ The KeyAlgorithm interface represents information about the contents of a given
+ <a href="#dfn-Key">Key</a> object.
+ </p>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+[NoInterfaceObject]
+interface <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ readonly attribute DOMString <a href="#dfn-key-algorithm-name">name</a>
+};
+ </code></pre></div></div>
+ <div id="key-algorithm-interface-description" class="section">
+ <h3>11.1. Description</h3>
+ <p class="norm">This section is non-normative</p>
+ <p>
+ The <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> interface is a supplemental interface
+ used to reflect the static, public properties of a <a href="#dfn-Key">Key</a> back to an
+ application. These properties can be used for determination of strength (e.g.: an
+ attribute that indicates the size of the key or the parameters of its creation) as well
+ as for protocol negotiations (e.g.: a particular instance of an inner hash).
+ </p>
+ </div>
+ <div id="key-algorithm-interface-members" class="section">
+ <h3>11.2. KeyAlgorithm interface members</h3>
+ <dl>
+ <dt id="dfn-key-algorithm-name">name</dt>
+ <dd>The name of the algorithm used to generate the <a href="#dfn-Key">Key</a></dd>
+ </dl>
+ </div>
+ </div>
+
<div id="key-interface" class="section">
- <h2>11. Key interface</h2>
+ <h2>12. Key interface</h2>
<p>
The Key object represents an opaque reference to keying material that is managed by the
user agent.
@@ -785,7 +817,7 @@
};
</code></pre></div></div>
<div id="key-interface-description" class="section">
- <h3>11.1. Description</h3>
+ <h3>12.1. Description</h3>
<p class="norm">This section is non-normative</p>
<p>
This specification provides a uniform interface for many different kinds of keying
@@ -804,7 +836,7 @@
</div>
<div id="key-interface-types" class="section">
- <h3>11.2. Key interface data types</h3>
+ <h3>12.2. Key interface data types</h3>
<dl>
<dt id="dfn-KeyType"><code>KeyType</code></dt>
<dd>
@@ -831,7 +863,7 @@
</div>
<div id="key-interface-members" class="section">
- <h3>11.3. Key interface members</h3>
+ <h3>12.3. Key interface members</h3>
<dl>
<dt id="dfn-Key-type"><code>type</code></dt>
<dd>
@@ -843,7 +875,7 @@
</dd>
<dt id="dfn-Key-algorithm"><code>algorithm</code></dt>
<dd>
- The <a href="#dfn-Algorithm"><code>Algorithm</code></a> used to generate the key.
+ The <a href="#dfn-KeyAlgorithm"><code>KeyAlgorithm</code></a> used to generate the key.
</dd>
<dt id="dfn-Key-usages"><code>usages</code></dt>
<dd>
@@ -854,7 +886,7 @@
</div>
<div id="key-interface-clone" class="section">
- <h3>11.4. Structured clone algorithm</h3>
+ <h3>12.4. Structured clone algorithm</h3>
<p>
When a user agent is required to obtain a <a href="#structured-clone">structured clone</a>
of a <a href="#dfn-Key">Key</a> object, it must run the following steps.
@@ -896,7 +928,7 @@
</div>
<div id="crypto-interface" class="section">
- <h2>12. Crypto interface</h2>
+ <h2>13. Crypto interface</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
interface <dfn id="dfn-Crypto">Crypto</dfn> {
readonly attribute <a href="#dfn-SubtleCrypto">SubtleCrypto</a> subtle;
@@ -911,7 +943,7 @@
</div>
<div id="subtlecrypto-interface" class="section">
- <h2>13. SubtleCrypto interface</h2>
+ <h2>14. SubtleCrypto interface</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef DOMString <a href="#dfn-KeyFormat"><code>KeyFormat</code></a>;
@@ -981,7 +1013,7 @@
</ul>
</div>
<div id="subtlecrypto-interface-description" class="section">
- <h3>13.1. Description</h3>
+ <h3>14.1. Description</h3>
<p class="norm">This section is non-normative.</p>
<p>
The <a href="#dfn-SubtleCrypto">SubtleCrypto</a> interface provides a set of
@@ -1010,7 +1042,7 @@
</div>
<div id="subtlecrypto-interface-datatypes" class="section">
- <h3>13.2. Data Types</h3>
+ <h3>14.2. Data Types</h3>
<dl>
<dt id="dfn-KeyFormat"><code>KeyFormat</code></dt>
<dd>Specifies a serialization format for a key. The <dfn id="dfn-RecognizedKeyFormats">recognized key format values</dfn> are:
@@ -1029,9 +1061,9 @@
</div>
<div id="subtlecrypto-interface-methods" class="section">
- <h3>13.3. Methods and Parameters</h3>
+ <h3>14.3. Methods and Parameters</h3>
<div id="SubtleCrypto-method-encrypt" class="section">
- <h4>13.3.1. The encrypt method</h4>
+ <h4>14.3.1. The encrypt method</h4>
<p>
The <dfn id="dfn-SubtleCrypto-method-encrypt"><code>encrypt</code></dfn>
method returns a new Promise object that will encrypt data using
@@ -1095,7 +1127,7 @@
</div>
<div id="SubtleCrypto-method-decrypt" class="section">
- <h4>13.3.2. The decrypt method</h4>
+ <h4>14.3.2. The decrypt method</h4>
<p>
The <dfn id="dfn-SubtleCrypto-method-decrypt"><code>decrypt</code></dfn>
method returns a new Promise object that will decrypt data using the specified
@@ -1158,7 +1190,7 @@
</div>
<div id="SubtleCrypto-method-sign" class="section">
- <h4>13.3.3. The sign method</h4>
+ <h4>14.3.3. The sign method</h4>
<p>
The <dfn id="dfn-SubtleCrypto-method-sign"><code>sign</code></dfn> method
returns a new Promise object that will sign data using the specified
@@ -1220,7 +1252,7 @@
</div>
<div id="SubtleCrypto-method-verify" class="section">
- <h4>13.3.4. The verify method</h4>
+ <h4>14.3.4. The verify method</h4>
<p>
The <dfn id="dfn-SubtleCrypto-method-verify"><code>verify</code></dfn> method
returns a new CryptoOperation object that will verify data using the specified
@@ -1283,7 +1315,7 @@
</div>
<div id="SubtleCrypto-method-digest" class="section">
- <h4>13.3.5. The digest method</h4>
+ <h4>14.3.5. The digest method</h4>
<p>
The <dfn id="dfn-SubtleCrypto-method-digest"><code>digest</code></dfn> method returns
a new Promise object that will digest data using the specified
@@ -1337,7 +1369,7 @@
</div>
<div id="SubtleCrypto-method-generateKey" class="section">
- <h4>13.3.6. The generateKey method</h4>
+ <h4>14.3.6. The generateKey method</h4>
<p>
When invoked, <dfn id="dfn-SubtleCrypto-method-generateKey">
<code>generateKey</code></dfn> <span class="RFC2119">MUST</span> perform the
@@ -1418,7 +1450,7 @@
</div>
<div id="SubtleCrypto-method-deriveKey" class="section">
- <h4>13.3.7. The deriveKey method</h4>
+ <h4>14.3.7. The deriveKey method</h4>
<p>
When invoked, <dfn id="dfn-SubtleCrypto-method-deriveKey"><code>deriveKey</code></dfn>
<span class="RFC2119">MUST</span> perform the following steps:
@@ -1535,7 +1567,7 @@
</div>
<div id="SubtleCrypto-method-deriveBits" class="section">
- <h4>13.3.8. The deriveBits method</h4>
+ <h4>14.3.8. The deriveBits method</h4>
<p>
When invoked, <dfn id="dfn-SubtleCrypto-method-deriveBits"><code>deriveBits</code></dfn>
<span class="RFC2119">MUST</span> perform the following steps:
@@ -1619,7 +1651,7 @@
</div>
<div id="SubtleCrypto-method-importKey" class="section">
- <h4>13.3.9. The <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method</h4>
+ <h4>14.3.9. The <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method</h4>
<p>
When invoked, the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method
<span class="RFC2119">MUST</span> perform the following steps:
@@ -1745,7 +1777,7 @@
</div>
<div id="SubtleCrypto-method-exportKey" class="section">
- <h4>13.3.10. The <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method</h4>
+ <h4>14.3.10. The <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method</h4>
<p>
When invoked, the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method
<span class="RFC2119">MUST</span> perform the following steps:
@@ -1813,7 +1845,7 @@
</div>
<div id="SubtleCrypto-method-wrapKey" class="section">
- <h4>13.3.11. The wrapKey method</h4>
+ <h4>14.3.11. The wrapKey method</h4>
<p>
When invoked, the <dfn id="dfn-SubtleCrypto-method-wrapKey">wrapKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps:
</p>
@@ -1919,7 +1951,7 @@
</div>
<div id="SubtleCrypto-method-unwrapKey" class="section">
- <h4>13.3.12. The unwrapKey method</h4>
+ <h4>14.3.12. The unwrapKey method</h4>
<p>
When invoked, the <dfn id="dfn-SubtleCrypto-method-unwrapKey">unwrapKey</dfn> method
<span class="RFC2119">MUST</span> perform the following steps:
@@ -2073,7 +2105,7 @@
</div>
<div id="WorkerCrypto-interface" class="section">
- <h2>14. WorkerCrypto interface</h2>
+ <h2>15. WorkerCrypto interface</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
interface <dfn id="dfn-WorkerCrypto">WorkerCrypto</dfn> {
};
@@ -2085,7 +2117,7 @@
};
</code></pre></div></div>
<div id="WorkerCrypto-description" class="section">
- <h3>14.1. Description</h3>
+ <h3>15.1. Description</h3>
<p>
The <a href="#dfn-WorkerCrypto">WorkerCrypto</a> interface provides cryptographic
functionality for background scripts, as specified by Web Workers [
@@ -2103,7 +2135,7 @@
</div>
<div id="big-integer" class="section">
- <h2>15. BigInteger</h2>
+ <h2>16. BigInteger</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef Uint8Array <dfn id="dfn-BigInteger">BigInteger</dfn>;
</code></pre></div></div>
@@ -2123,7 +2155,7 @@
</div>
<div id="keypair" class="section">
- <h2>16. KeyPair</h2>
+ <h2>17. KeyPair</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
interface <dfn id="dfn-KeyPair">KeyPair</dfn> {
<a href="#dfn-Key">Key</a> publicKey;
@@ -2137,7 +2169,7 @@
</div>
<div id="algorithms" class="section">
- <h2>17. Algorithms</h2>
+ <h2>18. Algorithms</h2>
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
Note: All algorithms listed should be considered as "features at risk",
@@ -2152,7 +2184,7 @@
</p>
</div>
<div id="algorithms-index" class="section">
- <h3>17.1. Registered algorithms</h3>
+ <h3>18.1. Registered algorithms</h3>
<table>
<thead>
<tr>
@@ -2506,7 +2538,7 @@
</table>
</div>
<div id="recommended-algorithms" class="section">
- <h3>17.2. Recommended algorithms</h3>
+ <h3>18.2. Recommended algorithms</h3>
<p class="norm">This section is non-normative</p>
<p>
As the API is meant to be extensible in order to keep up with future developments within
@@ -2549,7 +2581,7 @@
</p>
</div>
<div id="defining-an-algorithm" class="section">
- <h3>17.3. Defining an algorithm</h3>
+ <h3>18.3. Defining an algorithm</h3>
<p>
Each algorithm that is to be exposed via the Web Cryptography API
<span class="RFC2119">SHOULD</span> be registered via the Web Cryptography working group,
@@ -2558,7 +2590,7 @@
<span class="RFC2119">MUST</span> be processed as if the sections had been defined.
</p>
<div id="recognized-algorithm-name" class="section">
- <h4>17.3.1. Recognized algorithm name</h4>
+ <h4>18.3.1. Recognized algorithm name</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> have a canonical name
for which applications can refer to the algorithm. The canonical name
@@ -2569,14 +2601,14 @@
</p>
</div>
<div id="supported-operations" class="section">
- <h4>17.3.2. Supported operations</h4>
+ <h4>18.3.2. Supported operations</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> define the operations
that it supports.
</p>
</div>
<div id="algorithm-specific-params" class="section">
- <h4>17.3.3. Algorithm-specific parameters</h4>
+ <h4>18.3.3. Algorithm-specific parameters</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> define the expected
parameters, if any, that should be exposed via the <a href="#dfn-Algorithm">Algorithm</a>
@@ -2584,7 +2616,7 @@
</p>
</div>
<div id="algorithm-result" class="section">
- <h4>17.3.4. Algorithm results</h4>
+ <h4>18.3.4. Algorithm results</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> define the contents
of the result of performing the underlying cryptographic operation for every
@@ -2592,7 +2624,7 @@
</p>
</div>
<div id="algorithm-alias" class="section">
- <h4>17.3.5. <dfn id="dfn-algorithm-alias">Algorithm aliases</dfn></h4>
+ <h4>18.3.5. <dfn id="dfn-algorithm-alias">Algorithm aliases</dfn></h4>
<p>
Each registered algorithm <span class="RFC2119">MAY</span> define one or more aliases
that may define a fully normalized <a href="#dfn-Algorithm">Algorithm</a> object.
@@ -2605,9 +2637,9 @@
</div>
<div id="rsaes-pkcs1" class="section">
- <h3>17.4. RSAES-PKCS1-v1_5</h3>
+ <h3>18.4. RSAES-PKCS1-v1_5</h3>
<div id="rsaes-pkcs1-description" class="section">
- <h4>17.4.1. Description</h4>
+ <h4>18.4.1. Description</h4>
<p>
The <code>"RSAES-PKCS1-v1_5"</code> algorithm identifier is used to perform encryption
and decryption ordering to the RSAES-PKCS1-v1_5 algorithm specified in
@@ -2615,7 +2647,7 @@
</p>
</div>
<div id="rsaes-pkcs1-registration" class="section">
- <h4>17.4.2. Registration</h4>
+ <h4>18.4.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSAES-PKCS1-v1_5"</code>.
@@ -2668,18 +2700,29 @@
</table>
</div>
<div id="RsaKeyGenParams-dictionary" class="section">
- <h4>17.4.3. RsaKeyGenParams dictionary</h4>
+ <h4>18.4.3. RsaKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaKeyGenParams">RsaKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The length, in bits, of the RSA modulus</span>
unsigned long modulusLength;
<span class="comment">// The RSA public exponent</span>
- BigInteger publicExponent;
+ <a href="#dfn-BigInteger">BigInteger</a> publicExponent;
+};
+ </code></pre></div></div>
+ </div>
+ <div id="RsaKeyAlgorithm-interface" class="section">
+ <h4>18.4.4. RsaKeyAlgorithm interface</h4>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+interface <dfn id="dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The length, in bits, of the RSA modulus</span>
+ unsigned long <dfn id="dfn-RsaKeyAlgorithm-modulusLength">modulusLength</dfn>;
+ <span class="comment">// The RSA public exponent</span>
+ <a href="#dfn-BigInteger">BigInteger</a> <dfn id="dfn-RsaKeyAlgorithm-publicExponent">publicExponent</dfn>;
};
</code></pre></div></div>
</div>
<div id="rsaes-pkcs1-operations" class="section">
- <h4>17.4.4. Operations</h4>
+ <h4>18.4.5. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -2887,9 +2930,6 @@
to <code>"public"</code>
</p>
</li>
- <li>
- <p>Return <var>key</var>.</p>
- </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -3051,13 +3091,27 @@
<li>
<p>
Let <var>algorithm</var> be a new
- <a href="#dfn-Algorithm">Algorithm</a>.
+ <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a>.
</p>
</li>
<li>
<p>
- Set the <a href="#dfn-Algorithm-name">name</a> property of <var>
- algorithm</var> to <code>"RSAES-PKCS1-v1_5"</code>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSAES-PKCS1-v1_5"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to the length, in bits, of the RSA public
+ modulus.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to the <a href="#dfn-BigInteger">BigInteger</a>
+ representation of the RSA public exponent.
</p>
</li>
<li>
@@ -3070,10 +3124,6 @@
<p>Return <var>key</var>.</p>
</li>
</ol>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Specify additional fields for the Key.algorithm to indicate the
- modulus size and exponent.
- </div>
</dd>
<dt>Export Key</dt>
<dd></dd>
@@ -3086,9 +3136,9 @@
</div>
<div id="rsassa-pkcs1" class="section">
- <h3>17.5. RSASSA-PKCS1-v1_5</h3>
+ <h3>18.5. RSASSA-PKCS1-v1_5</h3>
<div id="rsassa-pkcs1-description" class="section">
- <h4>17.5.1. Description</h4>
+ <h4>18.5.1. Description</h4>
<p>
The <code>"RSASSA-PKCS1-v1_5"</code> algorithm identifier is used to perform
signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in
@@ -3096,7 +3146,7 @@
</p>
</div>
<div id="rsassa-pkcs1-registration" class="section">
- <h4>17.5.2. Registration</h4>
+ <h4>18.5.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSASSA-PKCS1-v1_5"</code>.
@@ -3112,22 +3162,22 @@
<tbody>
<tr>
<td>sign</td>
- <td><a href="#dfn-RsaSsaParams">RsaSsaParams</a></td>
+ <td>None</td>
<td>ArrayBuffer</td>
</tr>
<tr>
<td>verify</td>
- <td><a href="#dfn-RsaSsaParams">RsaSsaParams</a></td>
+ <td>None</td>
<td>boolean</td>
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
+ <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
<td><a href="#dfn-KeyPair">KeyPair</a></td>
</tr>
<tr>
<td>importKey</td>
- <td>None</td>
+ <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -3138,17 +3188,42 @@
</tbody>
</table>
</div>
- <div id="RsaSsaParams-dictionary" class="section">
- <h4>17.5.3. RsaSsaParams dictionary</h4>
+ <div id="RsaHashedKeyGenParams-dictionary" class="section">
+ <h4>18.5.3. RsaHashedKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
-dictionary <dfn id="dfn-RsaSsaParams">RsaSsaParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
+dictionary <dfn id="dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</dfn> : <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> {
<span class="comment">// The hash algorithm to use</span>
- AlgorithmIdentifier hash;
+ <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> <dfn id="dfn-RsaHashedKeyGenParams-hash">hash</dfn>;
};
</code></pre></div></div>
</div>
+ <div id="RsaHashedKeyAlgorithm-interface" class="section">
+ <h4>18.5.4. RsaHashedKeyAlgorithm interface</h4>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+[NoInterfaceObject]
+interface <dfn id="dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</dfn> : <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a> {
+ <span class="comment">// The hash algorithm that is used with this key</span>
+ readonly attribute <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> <dfn id="dfn-RsaHashedKeyAlgorithm-hash">hash</dfn>;
+};
+ </code></pre></div></div>
+ </div>
+ <div id="RsaHashedImportParams-dictionary" class="section">
+ <h4>18.5.5. RsaHashedImportParams dictionary</h4>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+dictionary <dfn id="dfn-RsaHashedImportParams">RsaHashedImportParams</dfn> {
+ <span class="comment">// The hash algorithm to use</span>
+ <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> <dfn id="dfn-RsaHashedImportParams-hash">hash</dfn>;
+};
+ </code></pre></div></div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ Should this be folded into RsaHashedKeyGenParams and rely on the optional nature of the
+ dictionary fields?
+ </p>
+ </div>
+ </div>
<div id="rsassa-pkcs1-operations" class="section">
- <h4>17.5.4. Operations</h4>
+ <h4>18.5.6. Operations</h4>
<dt>Sign</dt>
<dd>
<ol>
@@ -3160,13 +3235,6 @@
</li>
<li>
<p>
- If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not
- present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
- this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
Perform the signature generation operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's private key and the contents of
@@ -3203,13 +3271,6 @@
</li>
<li>
<p>
- If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
Perform the signature verification operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's RSA public key and the contents of
@@ -3240,7 +3301,7 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
+ If any of the members of <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a>
are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
terminate this algorithm with an error.
</p>
@@ -3250,70 +3311,80 @@
Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
<var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
- <ul>
- <li>
- <p>
- If generation of the key pair fails, terminate this algorithm with an
- error.
- </p>
- </li>
- <li>
- <p>
- Otherwise,
- <ol>
- <li>
- <p>
- Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "verify" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "sign" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Return <var>result</var>.
- </p>
- </li>
- </ol>
- </p>
- </li>
- </ul>
+ </p>
+ </li>
+ <li>
+ <p>
+ If generation of the key pair fails, terminate this algorithm with an
+ error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+ public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.publicKey.extractable</code> be
+ <code>true</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.publicKey.keyUsages</code> be the
+ intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+ private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.privateKey.extractable</code> be
+ <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var><code>.privateKey.keyUsages</code> be the
+ intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>result</var>.
</p>
</li>
</ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
+ are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ </p>
+ <p>
+ TODO: Specify that the operation should fail if KeyUsages other than
+ <code>"sign"</code> and <code>"verify"</code> are used.
+ </p>
+ <p>
+ TODO: Specify how the normalizedAlgorithm needs to be an instance of
+ the relevant RsaHashed*Params dictionary, with particular attention to the fact
+ that WebIDL violations should be handled asynchronously.
+ </p>
+ <p>
+ TODO: Specify the mapping between key.algorithm.hash and the appropriate Hash
+ functions (and back to OID).
+ </p>
+ </div>
</dd>
<dt>Import Key</dt>
<dd></dd>
@@ -3323,9 +3394,9 @@
</div>
<div id="rsa-pss" class="section">
- <h3>17.6. RSA-PSS</h3>
+ <h3>18.6. RSA-PSS</h3>
<div id="rsa-pss-description" class="section">
- <h4>17.6.1. Description</h4>
+ <h4>18.6.1. Description</h4>
<p>
The <code>"RSA-PSS"</code> algorithm identifier is used to perform signing
and verification using the RSASSA-PSS algorithm specified in
@@ -3334,7 +3405,7 @@
</p>
</div>
<div id="rsa-pss-registration" class="section">
- <h4>17.6.2. Registration</h4>
+ <h4>18.6.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSA-PSS"</code>.
@@ -3360,12 +3431,12 @@
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
+ <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
<td><a href="#dfn-KeyPair">KeyPair</a></td>
</tr>
<tr>
<td>importKey</td>
- <td>None</td>
+ <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -3376,19 +3447,17 @@
</tbody>
</table>
</div>
- <div id="rsa-pss-params" class="section">
- <h4>17.6.3. RsaPssParams dictionary</h4>
+ <div id="RsaPssParams-dictionary" class="section">
+ <h4>18.6.3. RsaPssParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaPssParams">RsaPssParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
- <span class="comment">// The hash function to apply to the message</span>
- AlgorithmIdentifier hash;
<span class="comment">// The desired length of the random salt</span>
unsigned long saltLength;
};
</code></pre></div></div>
</div>
<div id="rsa-pss-operations" class="section">
- <h4>17.6.4. Operations</h4>
+ <h4>18.6.4. Operations</h4>
<dt>Sign</dt>
<dd>
<ol>
@@ -3410,7 +3479,7 @@
Perform the signature generation operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the signer's private key, K, and the contents of <var>message</var> as the
message to be signed, M, and using the hash function specified in
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+ <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
(defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
salt length option for the EMM-PSS-ENCODE operation.
@@ -3454,7 +3523,7 @@
Perform the signature verification operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the signer's RSA public key and the contents of <var>message</var> as M and
the contents of <var>signature</var> as S and using the hash function specified
- in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+ in <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
(defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
salt length option for the EMSA-PSS-VERIFY operation.
@@ -3477,6 +3546,7 @@
</li>
</ol>
</dd>
+
<dt>Generate Key</dt>
<dd>
<ol>
@@ -3562,12 +3632,32 @@
<dt>Export Key</dt>
<dd></dd>
</div>
+
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
+ are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ </p>
+ <p>
+ TODO: Specify that the operation should fail if KeyUsages other than
+ <code>"sign"</code> and <code>"verify"</code> are used.
+ </p>
+ <p>
+ TODO: Specify how the normalizedAlgorithm needs to be an instance of
+ the relevant RsaHashed*Params dictionary, with particular attention to the fact
+ that WebIDL violations should be handled asynchronously.
+ </p>
+ <p>
+ TODO: Specify the mapping between key.algorithm.hash and the appropriate Hash
+ functions (and back to OID).
+ </p>
+ </div>
</div>
<div id="rsa-oaep" class="section">
- <h3>17.7. RSA-OAEP</h3>
+ <h3>18.7. RSA-OAEP</h3>
<div id="rsa-oaep-description" class="section">
- <h4>17.7.1. Description</h4>
+ <h4>18.7.1. Description</h4>
<p>
The <code>"RSA-OAEP"</code> algorithm identifier is used to perform encryption
and decryption ordering to the RSAES-OAEP algorithm specified in
@@ -3576,7 +3666,7 @@
</p>
</div>
<div id="rsa-oaep-registration" class="section">
- <h4>17.7.2. Registration</h4>
+ <h4>18.7.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSA-OAEP"</code>.
@@ -3602,12 +3692,12 @@
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
+ <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
<td><a href="#dfn-KeyPair">KeyPair</a></td>
</tr>
<tr>
<td>importKey</td>
- <td>None</td>
+ <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -3630,18 +3720,16 @@
</div>
<div id="rsa-oaep-params" class="section">
- <h4>17.7.3. RsaOaepParams dictionary</h4>
+ <h4>18.7.3. RsaOaepParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaOaepParams">RsaOaepParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
- <span class="comment">// The hash function to apply to the message</span>
- AlgorithmIdentifier hash;
<span class="comment">// The optional label/application data to associate with the message</span>
CryptoOperationData? label;
};
</code></pre></div></div>
</div>
<div id="rsa-oaep-operations" class="section">
- <h4>17.7.4. Operations</h4>
+ <h4>18.7.4. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -3823,12 +3911,31 @@
<dd></dd>
</dl>
</div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
+ are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ </p>
+ <p>
+ TODO: Specify that the operation should fail if KeyUsages other than
+ <code>"sign"</code> and <code>"verify"</code> are used.
+ </p>
+ <p>
+ TODO: Specify how the normalizedAlgorithm needs to be an instance of
+ the relevant RsaHashed*Params dictionary, with particular attention to the fact
+ that WebIDL violations should be handled asynchronously.
+ </p>
+ <p>
+ TODO: Specify the mapping between key.algorithm.hash and the appropriate Hash
+ functions (and back to OID).
+ </p>
+ </div>
</div>
<div id="ecdsa" class="section">
- <h3>17.8. ECDSA</h3>
+ <h3>18.8. ECDSA</h3>
<div id="ecdsa-description" class="section">
- <h4>17.8.1. Description</h4>
+ <h4>18.8.1. Description</h4>
<p>
The <code>"ECDSA"</code> algorithm identifier is used to perform signing
and verification using the ECDSA algorithm specified in
@@ -3836,7 +3943,7 @@
</p>
</div>
<div id="ecdsa-registration" class="section">
- <h4>17.8.2. Registration</h4>
+ <h4>18.8.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"ECDSA"</code>.
@@ -3880,7 +3987,7 @@
</table>
</div>
<div id="EcdsaParams-dictionary" class="section">
- <h4>17.8.3. EcdsaParams dictionary</h4>
+ <h4>18.8.3. EcdsaParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-EcdsaParams">EcdsaParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The hash algorithm to use</span>
@@ -3888,14 +3995,23 @@
};
</code></pre></div></div>
</div>
+ <div id="EcKeyAlgorithm-interface" class="section">
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+[NoInterfaceObject]
+interface <dfn id="dfn-EcKeyAlgorithm">EcKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The named curve that the key uses</span>
+ readonly attribute <a href="#dfn-NamedCurve">NamedCurve</a> namedCurve;
+};
+ </code></pre></div></div>
+ </div>
<div id="EcKeyGenParams-dictionary" class="section">
- <h4>17.8.4. EcKeyGenParams dictionary</h4>
+ <h4>18.8.5. EcKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef DOMString <a href="#dfn-NamedCurve">NamedCurve</a>;
dictionary <dfn id="dfn-EcKeyGenParams">EcKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// A named curve</span>
- NamedCurve namedCurve;
+ <a href="#dfn-NamedCurve">NamedCurve</a> namedCurve;
};
</code></pre></div></div>
<p>
@@ -3914,7 +4030,7 @@
</div>
<div id="ecdsa-operations" class="section">
- <h4>17.8.5. Operations</h4>
+ <h4>18.8.6. Operations</h4>
<dl>
<dt>Sign</dt>
<dd>
@@ -4073,23 +4189,39 @@
</ol>
</dd>
<dt>Generate Key</dt>
- <dd>
- </dd>
+ <dd></dd>
+ <dt>Import Key</dt>
+ <dd></dd>
+ <dt>Export Key</dt>
+ <dd></dd>
</dl>
</div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: Figure out what to do if "alg" is present on a JWK when importing, as "alg"
+ also (potentially) indicates an inner hash algorithm (e.g. "ES256" indicates a
+ namedCurve of "P-256", but also a hash of "SHA-256"). However, "alg" is optional,
+ and all that is required when importing is a "kty" of "EC". This also requires
+ thinking through the export/wrap case.
+ </p>
+ <p>
+ TODO: Fix-up the processing model, which refers to the (much outdated) CryptoOperation
+ model.
+ </p>
+ </div>
</div>
<div id="ecdh" class="section">
- <h3>17.9. ECDH</h3>
+ <h3>18.9. ECDH</h3>
<div id="ecdh-description" class="section">
- <h4>17.9.1. Description</h4>
+ <h4>18.9.1. Description</h4>
<p>
This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key
agreement, as specified by <a href="#X9.63">X9.63</a>.
</p>
</div>
<div id="ecdh-registration" class="section">
- <h4>17.9.2. Registration</h4>
+ <h4>18.9.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"ECDH"</code>.
@@ -4133,7 +4265,7 @@
</table>
</div>
<div id="dh-EcdhKeyDeriveParams" class="section">
- <h4>17.9.3. EcdhKeyDeriveParams dictionary</h4>
+ <h4>18.9.3. EcdhKeyDeriveParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef Uint8Array <dfn id="dfn-ECPoint">ECPoint</dfn>;
@@ -4149,7 +4281,7 @@
</p>
</div>
<div id="ecdh-operations" class="section">
- <h4>17.9.4. Operations</h4>
+ <h4>18.9.4. Operations</h4>
<dt>Generate Key</dt>
<dd>
<ol>
@@ -4292,6 +4424,15 @@
</div>
</li>
</ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ Define how the finite field member <var>result</var> is converted to a bit-string.
+ </p>
+ <p>
+ Define how a key for the <var>normalizedDerivedKeyAlgorithm</var> is derived from
+ a given bit string (when not feeding into another KDF, such as Concat).
+ </p>
+ </div>
</dd>
<dt>Derive Bits</dt>
<dd>
@@ -4329,27 +4470,27 @@
</ol>
</p>
</li>
- <li>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Define how the finite field member <var>result</var> is converted to a bit
- string.
- </div>
- </li>
</ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ Define how the finite field member <var>result</var> is converted to a bit
+ string.
+ </p>
+ </div>
</dd>
</div>
</div>
<div id="aes-ctr" class="section">
- <h3>17.10. AES-CTR</h3>
+ <h3>18.10. AES-CTR</h3>
<div id="aes-ctr-description" class="section">
- <h4>17.10.1. Description</h4>
+ <h4>18.10.1. Description</h4>
<p>
</p>
</div>
<div id="aes-ctr-registration" class="section">
- <h4>17.10.2. Registration</h4>
+ <h4>18.10.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CTR"</code>.
@@ -4403,7 +4544,7 @@
</div>
<div id="aes-ctr-params" class="section">
- <h4>17.10.3. AesCtrParams dictionary</h4>
+ <h4>18.10.3. AesCtrParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCtrParams">AesCtrParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initial value of the counter block. counter <span class="RFC2119">MUST</span> be 16 bytes
@@ -4420,8 +4561,17 @@
};
</code></pre></div></div>
</div>
+ <div id="AesKeyAlgorithm-interface" class="section">
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+[NoInterfaceObject]
+interface <dfn id="dfn-AesKeyAlgorithm">AesKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The length, in bits, of the key.</span>
+ readonly attribute unsigned short length;
+};
+ </code></pre></div></div>
+ </div>
<div id="aes-keygen-params" class="section">
- <h4>17.10.4. AesKeyGenParams dictionary</h4>
+ <h4>18.10.5. AesKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesKeyGenParams">AesKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The length, in bits, of the key.</span>
@@ -4430,22 +4580,21 @@
</code></pre></div></div>
</div>
<div id="aes-ctr-operations" class="section">
- <h4>17.10.5. Operations</h4>
+ <h4>18.10.6. Operations</h4>
<ul>
<li>Encrypt</li>
<li>Decrypt</li>
<li>Generate Key</li>
<li>Import Key</li>
<li>Export Key</li>
-
</ul>
</div>
</div>
<div id="aes-cbc" class="section">
- <h3>17.11. AES-CBC</h3>
+ <h3>18.11. AES-CBC</h3>
<div id="aes-cbc-description" class="section">
- <h4>17.11.1. Description</h4>
+ <h4>18.11.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CBC"</code> algorithm identifier is used to perform
@@ -4462,7 +4611,7 @@
</p>
</div>
<div id="aes-cbc-registration" class="section">
- <h4>17.11.2. Registration</h4>
+ <h4>18.11.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CBC"</code>.
@@ -4515,7 +4664,7 @@
</table>
</div>
<div id="aes-cbc-params" class="section">
- <h4>17.11.3. AesCbcParams dictionary</h4>
+ <h4>18.11.3. AesCbcParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCbcParams">AesCbcParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initialization vector. <span class="RFC2119">MUST</span> be 16 bytes.</span>
@@ -4524,7 +4673,7 @@
</code></pre></div></div>
</div>
<div id="aes-cbc-operations" class="section">
- <h4>17.11.4. Operations</h4>
+ <h4>18.11.4. Operations</h4>
<ul>
<li>Encrypt</li>
<li>Decrypt</li>
@@ -4536,9 +4685,9 @@
</div>
<div id="aes-cmac" class="section">
- <h3>17.12. AES-CMAC</h3>
+ <h3>18.12. AES-CMAC</h3>
<div id="aes-cmac-description" class="section">
- <h4>17.12.1. Description</h4>
+ <h4>18.12.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CMAC"</code> algorithm identifier is used to perform
@@ -4547,7 +4696,7 @@
</p>
</div>
<div id="aes-cmac-registration" class="section">
- <h4>17.12.2. Registration</h4>
+ <h4>18.12.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CMAC"</code>.
@@ -4591,7 +4740,7 @@
</table>
</div>
<div id="aes-cmac-operations" class="section">
- <h4>17.12.3. Operations</h4>
+ <h4>18.12.3. Operations</h4>
<ul>
<li>Sign</li>
<li>Verify</li>
@@ -4603,12 +4752,12 @@
</div>
<div id="aes-gcm" class="section">
- <h3>17.13. AES-GCM</h3>
+ <h3>18.13. AES-GCM</h3>
<div id="aes-gcm-description" class="section">
- <h4>17.13.1. Description</h4>
+ <h4>18.13.1. Description</h4>
</div>
<div id="aes-gcm-registration" class="section">
- <h4>17.13.2. Registration</h4>
+ <h4>18.13.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-GCM"</code>.
@@ -4661,7 +4810,7 @@
</table>
</div>
<div id="aes-gcm-params" class="section">
- <h4>17.13.3. AesGcmParams dictionary</h4>
+ <h4>18.13.3. AesGcmParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesGcmParams">AesGcmParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initialization vector to use. May be up to 2^56 bytes long.</span>
@@ -4674,7 +4823,7 @@
</code></pre></div></div>
</div>
<div id="aes-gcm-operations" class="section">
- <h4>17.13.4. Operations</h4>
+ <h4>18.13.4. Operations</h4>
<ul>
<li>Encrypt</li>
<li>Decrypt</li>
@@ -4686,9 +4835,9 @@
</div>
<div id="aes-cfb" class="section">
- <h3>17.14. AES-CFB</h3>
+ <h3>18.14. AES-CFB</h3>
<div id="aes-cfb-description" class="section">
- <h4>17.14.1. Description</h4>
+ <h4>18.14.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CFB"</code> algorithm identifier is used to perform
@@ -4698,7 +4847,7 @@
</p>
</div>
<div id="aes-cfb-registration" class="section">
- <h4>17.14.2. Registration</h4>
+ <h4>18.14.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CFB"</code>.
@@ -4751,7 +4900,7 @@
</table>
</div>
<div id="aes-cfb-params" class="section">
- <h4>17.14.3. AesCfbParams dictionary</h4>
+ <h4>18.14.3. AesCfbParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCfbParams">AesCfbParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initialization vector. <span class="RFC2119">MUST</span> be 16 bytes.</span>
@@ -4760,7 +4909,7 @@
</code></pre></div></div>
</div>
<div id="aes-cfb-operations" class="section">
- <h4>17.14.4. Operations</h4>
+ <h4>18.14.4. Operations</h4>
<ul>
<li>Encrypt</li>
<li>Decrypt</li>
@@ -4772,9 +4921,9 @@
</div>
<div id="aes-kw" class="section">
- <h3>17.15. AES-KW</h3>
+ <h3>18.15. AES-KW</h3>
<div id="aes-kw-description" class="section">
- <h4>17.15.1. Description</h4>
+ <h4>18.15.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-KW"</code> algorithm identifier is used to perform
@@ -4783,7 +4932,7 @@
</p>
</div>
<div id="aes-kw-registration" class="section">
- <h4>17.15.2. Registration</h4>
+ <h4>18.15.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-KW"</code>.
@@ -4827,7 +4976,7 @@
</table>
</div>
<div id="aes-kw-operations" class="section">
- <h4>17.15.3. Operations</h4>
+ <h4>18.15.3. Operations</h4>
<ul>
<li>Warp</li>
<li>Unwrap</li>
@@ -4839,12 +4988,12 @@
</div>
<div id="hmac" class="section">
- <h3>17.16. HMAC</h3>
+ <h3>18.16. HMAC</h3>
<div id="hmac-description" class="section">
- <h4>17.16.1. Description</h4>
+ <h4>18.16.1. Description</h4>
</div>
<div id="hmac-registration" class="section">
- <h4>17.16.2. Registration</h4>
+ <h4>18.16.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"HMAC"</code>.
@@ -4860,22 +5009,22 @@
<tbody>
<tr>
<td>sign</td>
- <td><a href="#dfn-HmacParams">HmacParams</a></td>
+ <td>None</td>
<td>ArrayBuffer</td>
</tr>
<tr>
<td>verify</td>
- <td><a href="#dfn-HmacParams">HmacParams</a></td>
+ <td>None</td>
<td>boolean</td>
</tr>
<tr>
<td>generateKey</td>
- <td><a href="#dfn-HmacKeyParams">HmacKeyParams</a></td>
+ <td><a href="#dfn-HmacKeyParams">HmacKeyGenParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
<td>importKey</td>
- <td><a href="#dfn-HmacParams">HmacParams</a></td>
+ <td><a href="#dfn-HmacParams">HmacImportParams</a></td>
<td><a href="#dfn-Key">Key</a></td>
</tr>
<tr>
@@ -4886,19 +5035,28 @@
</tbody>
</table>
</div>
- <div id="hmac-params" class="section">
- <h4>17.16.3. HmacParams dictionary</h4>
+ <div id="hmac-importparams" class="section">
+ <h4>18.16.3. HmacImportParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
-dictionary <dfn id="dfn-HmacParams">HmacParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
+dictionary <dfn id="dfn-HmacImportParams">HmacImportParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The inner hash function to use.</span>
AlgorithmIdentifier hash;
};
</code></pre></div></div>
</div>
- <div id="hmac-key-params" class="section">
- <h4>17.16.4. HmacKeyParams dictionary</h4>
+ <div id="hmac-keyalgorithm" class="section">
+ <h4>18.16.4. HmacKeyAlgorithm interface</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
-dictionary <dfn id="dfn-HmacKeyParams">HmacKeyParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
+dictionary <dfn id="dfn-HmacKeyAlgorithm">HmacKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The inner hash function to use.</span>
+ KeyAlgorithm hash;
+};
+ </code></pre></div></div>
+ </div>
+ <div id="hmac-keygen-params" class="section">
+ <h4>18.16.5. HmacKeyParams dictionary</h4>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+dictionary <dfn id="dfn-HmacKeyGenParams">HmacKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The inner hash function to use.</span>
AlgorithmIdentifier hash;
<span class="comment">// The length (in bytes) of the key to generate. If unspecified, the
@@ -4909,7 +5067,7 @@
</code></pre></div></div>
</div>
<div id="hmac-operations" class="section">
- <h4>17.16.5. Operations</h4>
+ <h4>18.16.6. Operations</h4>
<ul>
<li>Sign</li>
<li>Verify</li>
@@ -4920,16 +5078,16 @@
</div>
</div>
<div id="dh" class="section">
- <h3>17.17. Diffie-Hellman</h3>
+ <h3>18.17. Diffie-Hellman</h3>
<div id="dh-description" class="section">
- <h4>17.17.1. Description</h4>
+ <h4>18.17.1. Description</h4>
<p>
This describes using Diffie-Hellman for key generation and key agreement, as specified
by <a href="#PKCS3">PKCS #3</a>.
</p>
</div>
<div id="dh-registration" class="section">
- <h4>17.17.2. Registration</h4>
+ <h4>18.17.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"DH"</code>.
@@ -4973,7 +5131,7 @@
</table>
</div>
<div id="dh-DhKeyGenParams" class="section">
- <h4>17.17.3. DhKeyGenParams dictionary</h4>
+ <h4>18.17.3. DhKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-DhKeyGenParams">DhKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The prime p.</span>
@@ -4983,8 +5141,20 @@
};
</code></pre></div></div>
</div>
+ <div id="dh-DhKeyAlgorithm" class="section">
+ <h4>18.17.4. DhKeyAlgorithm interface</h4>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+[NoInterfaceObject]
+interface <dfn id="dfn-DhKeyAlgorithm">DhKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
+ <span class="comment">// The prime p.</span>
+ readonly attribute BigInteger prime;
+ <span class="comment">// The base g.</span>
+ readonly attribute BigInteger generator;
+};
+ </code></pre></div></div>
+ </div>
<div id="dh-DhKeyDeriveParams" class="section">
- <h4>17.17.4. DhKeyDeriveParams dictionary</h4>
+ <h4>18.17.5. DhKeyDeriveParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-DhKeyDeriveParams">DhKeyDeriveParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The peer's public value.</span>
@@ -4993,7 +5163,7 @@
</code></pre></div></div>
</div>
<div id="dh-operations" class="section">
- <h4>17.17.5. Operations</h4>
+ <h4>18.17.6. Operations</h4>
<ul>
<li>Generate Key</li>
<li>Derive Key</li>
@@ -5002,18 +5172,26 @@
<li>Export Key</li>
</ul>
</div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: This interface is broken for import/export. Generate is defined in terms of
+ PKCS#3 - meaning it takes base/g and prime/p - whereas the dhpublicnumber used by
+ X.509/RFC 3279 uses the X9.42 form - meaning it takes base/g, prime/p, and subprime/q.
+ The inconsistency here needs to be resolved before this can be reliably implemented.
+ </p>
+ </div>
</div>
<div id="sha" class="section">
- <h3>17.18. SHA</h3>
+ <h3>18.18. SHA</h3>
<div id="sha-description" class="section">
- <h4>17.18.1. Description</h4>
+ <h4>18.18.1. Description</h4>
<p>
This describes the SHA-1 and SHA-2 families, as specified by
[<a href="#FIPS180-4">FIPS 180-4</a>].
</p>
</div>
<div id="sha-registration" class="section">
- <h4>17.18.2. Registration</h4>
+ <h4>18.18.2. Registration</h4>
<p>
The following algorithms are added as <a href="#recognized-algorithm-name">
recognized algorithm names</a>:
@@ -5048,16 +5226,16 @@
</table>
</div>
<div id="sha-operations" class="section">
- <h4>17.18.3. Operations</h4>
+ <h4>18.18.3. Operations</h4>
<ul>
<li>Digest</li>
</ul>
</div>
</div>
<div id="concatkdf" class="section">
- <h3>17.19. Concat KDF</h3>
+ <h3>18.19. Concat KDF</h3>
<div id="concatkdf-description" class="section">
- <h4>17.19.1. Description</h4>
+ <h4>18.19.1. Description</h4>
<p>
The <code>"CONCAT"</code> algorithm identifier is used to perform key derivation
using the key derivation algorithm defined in Section 5.8.1 of NIST SP 800-56A
@@ -5065,7 +5243,7 @@
</p>
</div>
<div id="concatkdf-registration" class="section">
- <h4>17.19.2. Registration</h4>
+ <h4>18.19.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"CONCAT"</code>.
@@ -5093,7 +5271,7 @@
</table>
</div>
<div id="concat-params" class="section">
- <h4>17.19.3. ConcatParams dictionary</h4>
+ <h4>18.19.3. ConcatParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-ConcatParams">ConcatParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The digest method to use to derive the keying material.</span>
@@ -5116,7 +5294,7 @@
</code></pre></div></div>
</div>
<div id="concat-operations" class="section">
- <h4>17.19.4. Operations</h4>
+ <h4>18.19.4. Operations</h4>
<ul>
<li>Derive Key</li>
<li>Derive Bits</li>
@@ -5124,9 +5302,9 @@
</div>
</div>
<div id="hkdf-ctr" class="section">
- <h3>17.20. HKDF-CTR</h3>
+ <h3>18.20. HKDF-CTR</h3>
<div id="hkdf-ctr-description" class="section">
- <h4>17.20.1. Description</h4>
+ <h4>18.20.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"HKDF-CTR"</code> algorithm identifier is used to
@@ -5138,7 +5316,7 @@
</p>
</div>
<div id="hkdf-ctr-registration" class="section">
- <h4>17.20.2. Registration</h4>
+ <h4>18.20.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a>
for this algorithm is <code>"HKDF-CTR"</code>.
@@ -5166,7 +5344,7 @@
</table>
</div>
<div id="hkdf-ctr-params" class="section">
- <h4>17.20.3. HkdfCtrParams dictionary</h4>
+ <h4>18.20.3. HkdfCtrParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-HkdfCtrParams">HkdfCtrParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The algorithm to use with HMAC (eg: <a href="#sha-256">SHA-256</a>)</span>
@@ -5190,7 +5368,7 @@
</div>
</div>
<div id="hkdf2-ctr-operations" class="section">
- <h4>17.20.4. Operations</h4>
+ <h4>18.20.4. Operations</h4>
<ul>
<li>Derive Key</li>
<li>Derive Bits</li>
@@ -5199,12 +5377,12 @@
</div>
<div id="pbkdf2" class="section">
- <h3>17.21. PBKDF2</h3>
+ <h3>18.21. PBKDF2</h3>
<div id="pbkdf2-description" class="section">
- <h4>17.21.1. Description</h4>
+ <h4>18.21.1. Description</h4>
</div>
<div id="pbkdf2-registration" class="section">
- <h4>17.21.2. Registration</h4>
+ <h4>18.21.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"PBKDF2"</code>.
@@ -5232,7 +5410,7 @@
</table>
</div>
<div id="pbkdf2-params" class="section">
- <h4>17.21.3. Pbkdf2Params dictionary</h4>
+ <h4>18.21.3. Pbkdf2Params dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-Pbkdf2Params">Pbkdf2Params</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
CryptoOperationData salt;
@@ -5251,7 +5429,7 @@
</div>
</div>
<div id="pbkdf2-operations" class="section">
- <h4>17.21.4. Operations</h4>
+ <h4>18.21.4. Operations</h4>
<ul>
<li>Derive Key</li>
<li>Derive Bits</li>
@@ -5261,7 +5439,7 @@
</div>
<div id="algorithm-normalizing-rules" class="section">
- <h2>18. Algorithm normalizing rules</h2>
+ <h2>19. Algorithm normalizing rules</h2>
<p>
The <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> typedef
permits algorithms to be specified as either a <code>dictionary</code> or a DOMString. In
@@ -5320,11 +5498,19 @@
Return <var>result</var>.
</li>
</ol>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ WARNING: This section is broken for purpose. Further, normalization at this degree is
+ is no longer required, as the algorithm is never reflected back to the caller. Instead,
+ specify how specific algorithms can/should validate the parameters - and how to perform
+ DOMString substitutions.
+ </p>
+ </div>
</div>
<div id="examples-section" class="section">
- <h2>19. JavaScript Example Code</h2>
+ <h2>20. JavaScript Example Code</h2>
<div id="examples-signing" class="section">
- <h3>19.1. Generate a signing key pair, sign some data</h3>
+ <h3>20.1. Generate a signing key pair, sign some data</h3>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">ECMAScript</span></div><div class="blockContent"><pre class="code"><code class="es-code">
<span class="comment">// Algorithm Object</span>
@@ -5359,7 +5545,7 @@
</code></pre></div></div>
</div>
<div id="examples-symmetric-encryption" class="section">
- <h3>19.2. Symmetric Encryption</h3>
+ <h3>20.2. Symmetric Encryption</h3>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">ECMAScript</span></div><div class="blockContent"><pre class="code"><code class="es-code">
var clearDataArrayBufferView = convertPlainTextToArrayBufferView("Plain Text Data");
<span class="comment">// TODO: create example utility function that converts text -> ArrayBufferView</span>
@@ -5387,9 +5573,9 @@
</div>
</div>
<div id="iana-section" class="section">
- <h2>20. IANA Considerations</h2>
+ <h2>21. IANA Considerations</h2>
<div id="iana-section-jws-jwa" class="section">
- <h3>20.1. JSON Web Signature and Encryption Algorithms Registration</h3>
+ <h3>21.1. JSON Web Signature and Encryption Algorithms Registration</h3>
<p>
This section registers the following algorithm identifiers in the IANA JSON Web
Signature and Encryption Algorithms Registry for use with JSON Web Key. Note that the
@@ -5511,7 +5697,7 @@
</ul>
</div>
<div id="iana-section-jwk" class="section">
- <h3>20.2. JSON Web Key Parameters Registry</h3>
+ <h3>21.2. JSON Web Key Parameters Registry</h3>
<ul>
<li>Parameter Name: "ext"</li>
<li>Used with "kty" Value(s): *</li>
@@ -5522,7 +5708,7 @@
</div>
</div>
<div id="acknowledgements-section" class="section">
- <h2>21. Acknowledgements</h2>
+ <h2>22. Acknowledgements</h2>
<p>
The editors would like to thank Adam Barth, Alex Russell, Ali Asad, Arun Ranganathan,
Brian Smith, Brian Warner, Channy Yun, Eric Roman, Glenn Adams, Jim Schaad, Kai Engert,
@@ -5545,9 +5731,9 @@
</p>
</div>
<div id="references" class="section">
- <h2>22. References</h2>
+ <h2>23. References</h2>
<div id="normative-references" class="section">
- <h3>22.1. Normative References</h3>
+ <h3>23.1. Normative References</h3>
<dl>
<dt id="DOM4">DOM4</dt>
<dd>
@@ -5629,7 +5815,7 @@
</dl>
</div>
<div id="informative-references" class="section">
- <h3>22.2. Informative References</h3>
+ <h3>23.2. Informative References</h3>
<dl>
<dt id="CDSA">CDSA</dt>
<dd>