Bug 24410 - Define the import/export operations for ECDSA
author Ryan Sleevi <sleevi@google.com>
Tue, 04 Mar 2014 00:00:00 -0800
changeset 151 3bcec0b69d53
parent 150 67a291d68b5e
child 152 7f235b914784
Bug 24410 - Define the import/export operations for ECDSA
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Tue Mar 04 00:00:00 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml	Tue Mar 04 00:00:00 2014 -0800
@@ -5034,6 +5034,7 @@
             </x:codeblock>
           </div>
           <div id="EcKeyAlgorithm-interface" class="section">
+            <h4>EcKeyAlgorithm interface</h4>
             <x:codeblock language="idl">
 [NoInterfaceObject]
 interface <dfn id="dfn-EcKeyAlgorithm">EcKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
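Review bot: The added `<h4>EcKeyAlgorithm interface</h4>` heading at the top of the `EcKeyAlgorithm-interface` section is unrelated to the import/export operations named in the commit message. Either mention it in the message or land it as its own changeset, so the normative change in the next hunk can be reviewed and backed out independently.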
@@ -5380,18 +5381,791 @@
               </dd>
 
               <dt>Import Key</dt>
-              <dd></dd>
+              <dd>
+                <ol>
+                  <li>
+                    <p>Let <var>keyData</var> be the key data to be imported.</p>
+                  </li>
+                  <li>
+                    <dl class="switch">
+                      <dt>If <var>format</var> is <code>"spki"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>spki</var> be the result of running the
+                              <a href="#concept-parse-a-spki">parse a subjectPublicKeyInfo</a>
+                              algorithm over <var>keyData</var>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurred while parsing, terminate this algorithm with
+                              an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>algorithm</code> object identifier field of the
+                              <code>algorithm</code> AlgorithmIdentifier field of <var>spki</var> is
+                              not equal to the <code>id-ecPublicKey</code>
+                              object identifier defined in <a href="#RFC5480">RFC 5480</a>,
+                              terminate the algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>parameters</code> field of the <code>algorithm</code>
+                              AlgorithmIdentifier field of <var>spki</var> is absent,
+                              terminate the algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>params</var> be the <code>parameters</code> field of the
+                              <code>algorithm</code> AlgorithmIdentifier field of <var>spki</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If <var>params</var> is not an instance of the
+                              <code>namedCurve</code> ASN.1 type defined in <a href="#RFC5480">RFC
+                              5480</a>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
+                              represents the Elliptic Curve public key identified by performing the
+                              conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC
+                              5480</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                              to <code>"public"</code>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>algorithm</var> be a new <a
+                              href="#dfn-EcKeyAlgorithm">EcKeyAlgorithm</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
+                              <var>algorithm</var> to <code>"ECDSA"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp256r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-256"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp384r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-384"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp521r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-521"</code>.
+                                </p>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd><p>Terminate the algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              <var>key</var> to <var>algorithm</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>privateKeyInfo</var> be the result of running the
+                              <a href="#concept-parse-a-privateKeyInfo">parse a privateKeyInfo</a>
+                              algorithm over <var>keyData</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurs while parsing, terminate this algorithm with an
+                              error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>algorithm</code> object identifier field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithm field of
+                              <var>privateKeyInfo</var> is not equal to the
+                              <code>id-ecPublicKey</code> object identifier defined in <a
+                              href="#RFC5480">RFC 5480</a>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>parameters</code> field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithmIdentifier field
+                              of <var>privateKeyInfo</var> is not present, terminate this algorithm
+                              with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>params</var> be the <code>parameters</code> field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithmIdentifier field
+                              of <var>privateKeyInfo</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <var>params</var> is not an instance of the
+                              <code>namedCurve</code> ASN.1 type defined in <a href="#RFC5480">RFC
+                              5480</a>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>ecPrivateKey</var> be the result of performing the <a
+                              href="#concept-parse-an-asn1-structure">parse an ASN.1 structure</a>
+                              algorithm, with <var>data</var> as the <code>privateKey</code> field
+                              of <var>privateKeyInfo</var>, <var>structure</var> as the ASN.1
+                              <code>ECPrivateKey</code> structure specified in Section 3 of <a
+                              href="#RFC5915">RFC 5915</a>, and <var>exactData</var> set to true.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurred while parsing, terminate this algorithm with
+                              an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>parameters</code> field of <var>ecPrivateKey</var> is
+                              present, and is not an instance of the <code>namedCurve</code> ASN.1
+                              type defined in <a href="#RFC5480">RFC 5480</a>, or does not contain
+                              the same object identifier as the <code>parameters</code> field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithmIdentifier field
+                              of <var>privateKeyInfo</var>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
+                              represents the Elliptic Curve private key identified by performing the
+                              conversion steps defined in Section 3 of <a href="#RFC5915">RFC
+                              5915</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                              to <code>"private"</code>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>algorithm</var> be a new <a
+                              href="#dfn-EcKeyAlgorithm">EcKeyAlgorithm</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
+                              <var>algorithm</var> to <code>"ECDSA"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp256r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-256"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp384r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-384"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp521r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-521"</code>.
+                                </p>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd><p>Terminate the algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              <var>key</var> to <var>algorithm</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>jwk</var> be the result of running the
+                              <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
+                              <var>keyData</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurred while parsing, terminate this algorithm with
+                              an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"kty"</code> field of <var>jwk</var> is not a
+                              case-sensitive string match to <code>"EC"</code>, terminate this
+                              algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"use"</code> field of <var>jwk</var> is present, and is
+                              not a case-sensitive string match to <code>"sig"</code>, terminate
+                              this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+                              is invalid according to the requirements of <a href="#JWK">JSON Web
+                              Key</a>, or it does not contain all of the specified <var>usages</var>
+                              values, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"ext"</code> field of <var>jwk</var> is present and
+                              has the value false and <var>extractable</var> is true,
+                              terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>If the <code>"d"</code> field is present:</dt>
+                              <dd>
+                                <ol>
+                                  <li>
+                                    <p>
+                                      If <var>jwk</var> does not meet the requirements of Section
+                                      6.2.2 of <a href="#JWA">JSON Web Algorithms</a>, terminate
+                                      this algorithm with an error.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
+                                      that represents the Elliptic Curve private key identified by
+                                      interpreting <var>jwk</var> according to Section 6.2.2 of <a
+                                      href="#JWA">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      <var>Key</var> to <code>"private"</code>.
+                                    </p>
+                                  </li>
+                                </ol>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd>
+                                <ol>
+                                  <li>
+                                    <p>
+                                      If <var>jwk</var> does not meet the requirements of Section
+                                      6.2.1 of <a href="#JWA">JSON Web Algorithms</a>, terminate
+                                      this algorithm with an error.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
+                                      that represents the Elliptic Curve public key identified by
+                                      interpreting <var>jwk</var> according to Section 6.2.1 of <a
+                                      href="#JWA">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      <var>Key</var> to <code>"public"</code>.
+                                    </p>
+                                  </li>
+                                </ol>
+                              </dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>algorithm</var> be a new instance of an <a
+                              href="#EcKeyAlgorithm">EcKeyAlgorithm</a> object.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
+                              <var>algorithm</var> to <code>"ECDSA"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <code>"crv"</code> field of <var>jwk</var> is a
+                                case-sensitive string match to <code>"P-256"</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-256"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If the <code>"crv"</code> field of <var>jwk</var> is a
+                                case-sensitive string match to <code>"P-384"</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-384"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If the <code>"crv"</code> field of <var>jwk</var> is a
+                                case-sensitive string match to <code>"P-521"</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-521"</code>.
+                                </p>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd><p>Terminate the algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              <var>key</var> to <var>algorithm</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>Otherwise:</dt>
+                      <dd><p>Terminate the algorithm with an error.</p></dd>
+                    </dl>
+                  </li>
+                  <li>
+                    <p>
+                      Return <var>key</var>
+                    </p>
+                  </li>
+                </ol>
+              </dd>
+
               <dt>Export Key</dt>
-              <dd></dd>
+              <dd>
+                <ol>
+                  <li>
+                    <p>
+                      Let <var>key</var> be the <a href="#dfn-Key">Key</a> to be exported.
+                    </p>
+                  </li>
+                  <li>
+                    <dl class="switch">
+                      <dt>If <var>format</var> is <code>"spki"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
+                              not <code>"public"</code>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be the result of <a
+                              href="#concept-encode-a-subjectPublicKeyInfo">encoding a
+                              subjectPublicKeyInfo</a> with the following properties:
+                            </p>
+                            <ul>
+                              <li>
+                                <p>
+                                  Set the <var>algorithm</var> field to an
+                                  <code>AlgorithmIdentifier</code> ASN.1 type with the following
+                                  properties:
+                                </p>
+                                <ul>
+                                  <li>
+                                    <p>
+                                      Set the <var>algorithm</var> object identifier to the OID
+                                      <code>1.2.840.10045.2.1</code>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <var>parameters</var> field to an instance of the
+                                      <code>namedCurve</code> ASN.1 type as follows:
+                                    </p>
+                                    <dl class="switch">
+                                      <dt>
+                                        If the <a
+                                        href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp256r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a
+                                        href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp384r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a
+                                        href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp521r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>Otherwise:</dt>
+                                      <dd>
+                                        <p>Terminate this algorithm with an error</p>
+                                      </dd>
+                                    </dl>
+                                  </li>
+                                </ul>
+                              </li>
+                              <li>
+                                <p>
+                                  Set the <var>subjectPublicKey</var> field to the octet string that
+                                  represents the Elliptic Curve public key identified by
+                                  <var>key</var> according to the encoding rules specified in
+                                  Section 2.2 of <a href="#RFC5480">RFC 5480</a> and using the
+                                  uncompressed form.
+                                </p>
+                              </li>
+                            </ul>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                              is not <code>"private"</code>, terminate this algorithm with an
+                              error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be the result of <a
+                              href="#concept-encode-a-privateKeyInfo">encoding a
+                              privateKeyInfo</a> with the following properties:
+                            </p>
+                            <ul>
+                              <li>
+                                <p>
+                                  Set the <var>version</var> field to <code>0</code>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Set the <var>privateKeyAlgorithm</var> field to an
+                                  <code>PrivateKeyAlgorithmIdentifier</code> ASN.1 type with the
+                                  following properties:
+                                </p>
+                                <ul>
+                                  <li>
+                                    <p>
+                                      Set the <var>algorithm</var> object identifier to the OID
+                                      <code>1.2.840.10045.2.1</code>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <var>parameters</var> field to an instance of the
+                                      <code>namedCurve</code> ASN.1 type as follows:
+                                    </p>
+                                    <dl class="switch">
+                                      <dt>
+                                        If the <a
+                                        href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp256r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a
+                                        href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp384r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a
+                                        href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp521r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>Otherwise:</dt>
+                                      <dd>
+                                        <p>Terminate this algorithm with an error</p>
+                                      </dd>
+                                    </dl>
+                                  </li>
+                                </ul>
+                              </li>
+                              <li>
+                                <p>
+                                  Set the <var>privateKey</var> field to the result of DER-encoding
+                                  an instance of the <code>ECPrivateKey</code> structure defined in
+                                  Section 3 of <a href="#RFC5915">RFC 5915</a> for the Elliptic
+                                  Curve private key represented by <var>key</var> and that conforms
+                                  to the following:
+                                </p>
+                                <ul>
+                                  <li>
+                                    <p>
+                                      The <var>parameters</var> field is present, and is equivalent
+                                      to the <var>parameters</var> field of the
+                                      <var>privateKeyAlgorithm</var> field of this
+                                      <code>PrivateKeyInfo</code> ASN.1 structure.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      The <var>publicKey</var> field is present and represents the
+                                      Elliptic Curve public key associated with the Elliptic Curve
+                                      private key represented by <var>key</var>.
+                                    </p>
+                                  </li>
+                                </ul>
+                              </li>
+                            </ul>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>jwk</var> be a new internal object.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> property of <var>jwk</var> to
+                              <code>"EC"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of <var>key</var> is <code>P-256</code>:
+                              </dt>
+                              <dd>
+                                Set the <code>crv</code> property of <var>jwk</var> to
+                                <code>"P-256"</code>
+                              </dd>
+                              <dt>
+                                If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of <var>key</var> is <code>P-384</code>:
+                              </dt>
+                              <dd>
+                                Set the <code>crv</code> property of <var>jwk</var> to
+                                <code>"P-384"</code>
+                              </dd>
+                              <dt>
+                                If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of <var>key</var> is <code>P-521</code>:
+                              </dt>
+                              <dd>
+                                Set the <code>crv</code> property of <var>jwk</var> to
+                                <code>"P-521"</code>
+                              </dd>
+                              <dt>Otherwise</dt>
+                              <dd><p>Terminate this algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>x</code> property of <var>jwk</var> according to the
+                              definition in Section 6.2.1.2 of <a href="#JWA">JSON Web
+                              Algorithms</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>y</code> property of <var>jwk</var> according to the
+                              definition in Section 6.2.1.3 of <a href="#JWA">JSON Web
+                              Algorithms</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                                is <code>private</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <code>d</code> property of <var>jwk</var> according to the
+                                  definition in Section 6.2.2.1 of <a href="#JWA">JSON Web
+                                  Algorithms</a>.
+                                </p>
+                              </dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>key_ops</code> property of <var>jwk</var> to the
+                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> property of <var>jwk</var> to the <a
+                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
+                              into a string according to the grammer specified in Section 15.12 of
+                              <a href="#ECMA-262">ECMA262</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the UTF-8 encoding of
+                              <var>stringifiedJwk</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      <dt>Otherwise:</dt>
+                      <dd><p>Terminate this algorithm with an error</p></dd>
+                      </dd>
+                    </dl>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
+                      <var>result</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Return <var>data</var>.
+                    </p>
+                  </li>
+                </ol>
+              </dd>
             </dl>
           </div>
           <div class="ednote">
             <p>
-              TODO: Figure out what to do if "alg" is present on a JWK when importing, as "alg"
-              also (potentially) indicates an inner hash algorithm (e.g. "ES256" indicates a
-              namedCurve of "P-256", but also a hash of "SHA-256"). However, "alg" is optional,
-              and all that is required when importing is a "kty" of "EC". This also requires
-              thinking through the export/wrap case.
+              OPEN ISSUE: The import/export of JWK ignores the "alg" field, because it does not
+              provide a 1:1 mapping between ECDSA (which choses the hash at sign/verify time,
+              because it is safe to do so) and the JWS alg (which incorporates the hash algorithm).
             </p>
           </div>
         </div>
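Review bot: In the export steps, the "jwk" branch never sets result: it ends with "Let data be the UTF-8 encoding of stringifiedJwk", but the shared step after the switch is "Let data be a new ArrayBuffer that contains result", so on the jwk path result is undefined and the branch's own data is overwritten. Suggest ending the jwk branch with "Let result be the UTF-8 encoding of stringifiedJwk", matching how the pkcs8 branch assigns result. The markup closing that branch is also misnested: `</ol>` is followed by `<dt>Otherwise:</dt>` and its `<dd>` before the `</dd>` that closes the jwk `<dd>`, so that `</dd>` should move up to directly after `</ol>`. Smaller points: the jwk branch tests against unquoted `P-256`, `P-384`, `P-521` and `private` while the pkcs8 branch quotes the same strings; "grammer" should be "grammar"; "an PrivateKeyAlgorithmIdentifier" should be "a PrivateKeyAlgorithmIdentifier"; and "choses" in the new OPEN ISSUE note should be "chooses".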
@@ -5475,7 +6249,7 @@
                 </li>
                 <li>
                   <p>
-                    Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
+                    Generate an Elliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
                     with domain parameters for the curve identified by
                     the <a href="#dfn-ExKeyGenParams-namedCurve">namedCurve</a> property of
                     <var>normalizedAlgorithm</var>.
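Review bot: Two lines below the corrected spelling, the link target `#dfn-ExKeyGenParams-namedCurve` looks like a typo for the EcKeyGenParams dictionary, which the table of contents in this same patch lists under `#EcKeyGenParams-dictionary`. Worth checking whether that anchor resolves; if it does not, correct "Ex" to "Ec" in this change rather than leaving a dangling reference next to the line being touched.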
--- a/spec/Overview.html	Tue Mar 04 00:00:00 2014 -0800
+++ b/spec/Overview.html	Tue Mar 04 00:00:00 2014 -0800
@@ -28,7 +28,7 @@
   <link rel="stylesheet" href="//www.w3.org/StyleSheets/TR/W3C-ED" type="text/css" /></head>
 
   <body>
-    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>4 March 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;sleevi@google.com&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;watsonm@netflix.com&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:public-webcrypto@w3.org?subject=%5BWebCryptoAPI%5D">public-webcrypto@w3.org</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
+    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>5 March 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;sleevi@google.com&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;watsonm@netflix.com&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:public-webcrypto@w3.org?subject=%5BWebCryptoAPI%5D">public-webcrypto@w3.org</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
     (see <a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document&amp;resolution=---">existing bugs</a>).</p></dd></dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> &copy; view <a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>&reg;</sup> (<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="http://www.ercim.org/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p></div><hr />
 
     <div class="section">
@@ -56,7 +56,7 @@
         report can be found in the <a href="http://www.w3.org/TR/">W3C technical
           reports index</a> at http://www.w3.org/TR/.
       </em></p><p>
-        This document is the 4 March 2014 <b>Editor’s Draft</b> of the
+        This document is the 5 March 2014 <b>Editor’s Draft</b> of the
         <cite>Web Cryptography API</cite> specification.
       
       Please send comments about this document to
@@ -134,7 +134,7 @@
 
     <div id="toc">
       <h2>Table of Contents</h2>
-      <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. 
KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#key-interface">12. Key interface</a><ul><li><a href="#key-interface-description">12.1. Description</a></li><li><a href="#key-interface-types">12.2. Key interface data types</a></li><li><a href="#key-interface-members">12.3. Key interface members</a></li><li><a href="#key-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li></ul></li><li><a href="#WorkerCrypto-interface">15. 
WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. 
Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.4. </a></li><li><a href="#EcKeyGenParams-dictionary">18.8.5. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyImportParams-dictionary">18.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.7. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">18.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. 
Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-keygen-params">18.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">18.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">18.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.7. 
Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">18.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">18.17.7. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. 
Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registry</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
+      <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. 
KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#key-interface">12. Key interface</a><ul><li><a href="#key-interface-description">12.1. Description</a></li><li><a href="#key-interface-types">12.2. Key interface data types</a></li><li><a href="#key-interface-members">12.3. Key interface members</a></li><li><a href="#key-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li></ul></li><li><a href="#WorkerCrypto-interface">15. 
WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. 
Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.4. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyGenParams-dictionary">18.8.5. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyImportParams-dictionary">18.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.7. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">18.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. 
Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-keygen-params">18.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">18.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">18.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.7. 
Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">18.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">18.17.7. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. 
Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registry</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
     </div>
 
     <div id="sections">
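Review bot: In the regenerated table of contents, entry 18.12.3 "AesCmacParams dictionary" links to `#aes-keygen-params`, the same fragment that 18.10.5 "AesKeyGenParams dictionary" uses, so the AES-CMAC entry lands in the AES-CTR section. The AesCmacParams section needs an id of its own, and the matching change belongs in spec/Overview-WebCryptoAPI.xml so that this file picks it up. A smaller point in the same line: 18.20.4 uses `#hkdf2-ctr-operations` while its sibling entries use the `hkdf-ctr-` prefix, which is worth making consistent while the ids are being touched.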
@@ -5025,6 +5025,7 @@
             </code></pre></div></div>
           </div>
           <div id="EcKeyAlgorithm-interface" class="section">
+            <h4>18.8.4. EcKeyAlgorithm interface</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 [NoInterfaceObject]
 interface <dfn id="dfn-EcKeyAlgorithm">EcKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
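Review bot: The added `<h4>18.8.4. EcKeyAlgorithm interface</h4>` fixes the missing title for this section only, while the table of contents in this same file still renders `<a href="#AesKeyAlgorithm-interface">18.10.4. </a>` with no title, which suggests the AesKeyAlgorithm interface section lacks its heading in the same way. Suggest adding that heading in this change as well so the TOC has no blank entries.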
@@ -5370,18 +5371,774 @@
               </dd>
 
               <dt>Import Key</dt>
-              <dd></dd>
+              <dd>
+                <ol>
+                  <li>
+                    <p>Let <var>keyData</var> be the key data to be imported.</p>
+                  </li>
+                  <li>
+                    <dl class="switch">
+                      <dt>If <var>format</var> is <code>"spki"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>spki</var> be the result of running the
+                              <a href="#concept-parse-a-spki">parse a subjectPublicKeyInfo</a>
+                              algorithm over <var>keyData</var>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurred while parsing, terminate this algorithm with
+                              an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>algorithm</code> object identifier field of the
+                              <code>algorithm</code> AlgorithmIdentifier field of <var>spki</var> is
+                              not equal to the <code>id-ecPublicKey</code>
+                              object identifier defined in <a href="#RFC5480">RFC 5480</a>,
+                              terminate the algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>parameters</code> field of the <code>algorithm</code>
+                              AlgorithmIdentifier field of <var>spki</var> is absent,
+                              terminate the algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>params</var> be the <code>parameters</code> field of the
+                              <code>algorithm</code> AlgorithmIdentifier field of <var>spki</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If <var>params</var> is not an instance of the
+                              <code>namedCurve</code> ASN.1 type defined in <a href="#RFC5480">RFC
+                              5480</a>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
+                              represents the Elliptic Curve public key identified by performing the
+                              conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC
+                              5480</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                              to <code>"public"</code>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>algorithm</var> be a new <a href="#dfn-EcKeyAlgorithm">EcKeyAlgorithm</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
+                              <var>algorithm</var> to <code>"ECDSA"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp256r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-256"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp384r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-384"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp521r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-521"</code>.
+                                </p>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd><p>Terminate the algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              <var>key</var> to <var>algorithm</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>privateKeyInfo</var> be the result of running the
+                              <a href="#concept-parse-a-privateKeyInfo">parse a privateKeyInfo</a>
+                              algorithm over <var>keyData</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurs while parsing, terminate this algorithm with an
+                              error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>algorithm</code> object identifier field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithm field of
+                              <var>privateKeyInfo</var> is not equal to the
+                              <code>id-ecPublicKey</code> object identifier defined in <a href="#RFC5480">RFC 5480</a>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>parameters</code> field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithmIdentifier field
+                              of <var>privateKeyInfo</var> is not present, terminate this algorithm
+                              with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>params</var> be the <code>parameters</code> field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithmIdentifier field
+                              of <var>privateKeyInfo</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <var>params</var> is not an instance of the
+                              <code>namedCurve</code> ASN.1 type defined in <a href="#RFC5480">RFC
+                              5480</a>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>ecPrivateKey</var> be the result of performing the <a href="#concept-parse-an-asn1-structure">parse an ASN.1 structure</a>
+                              algorithm, with <var>data</var> as the <code>privateKey</code> field
+                              of <var>privateKeyInfo</var>, <var>structure</var> as the ASN.1
+                              <code>ECPrivateKey</code> structure specified in Section 3 of <a href="#RFC5915">RFC 5915</a>, and <var>exactData</var> set to true.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurred while parsing, terminate this algorithm with
+                              an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>parameters</code> field of <var>ecPrivateKey</var> is
+                              present, and is not an instance of the <code>namedCurve</code> ASN.1
+                              type defined in <a href="#RFC5480">RFC 5480</a>, or does not contain
+                              the same object identifier as the <code>parameters</code> field of the
+                              <code>privateKeyAlgorithm</code> PrivateKeyAlgorithmIdentifier field
+                              of <var>privateKeyInfo</var>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
+                              represents the Elliptic Curve private key identified by performing the
+                              conversion steps defined in Section 3 of <a href="#RFC5915">RFC
+                              5915</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                              to <code>"private"</code>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>algorithm</var> be a new <a href="#dfn-EcKeyAlgorithm">EcKeyAlgorithm</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
+                              <var>algorithm</var> to <code>"ECDSA"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp256r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-256"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp384r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-384"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If <var>params</var> is equivalent to the <code>secp521r1</code>
+                                object identifier defined in <a href="#RFC5480">RFC 5480</a>:
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-521"</code>.
+                                </p>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd><p>Terminate the algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              <var>key</var> to <var>algorithm</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>jwk</var> be the result of running the
+                              <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
+                              <var>keyData</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If an error occurred while parsing, terminate this algorithm with
+                              an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"kty"</code> field of <var>jwk</var> is not a
+                              case-sensitive string match to <code>"EC"</code>, terminate this
+                              algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"use"</code> field of <var>jwk</var> is present, and is
+                              not a case-sensitive string match to <code>"sig"</code>, terminate
+                              this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"key_ops"</code> field of <var>jwk</var> is present, and
+                              is invalid according to the requirements of <a href="#JWK">JSON Web
+                              Key</a>, or it does not contain all of the specified <var>usages</var>
+                              values, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              If the <code>"ext"</code> field of <var>jwk</var> is present and
+                              has the value false and <var>extractable</var> is true,
+                              terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>If the <code>"d"</code> field is present:</dt>
+                              <dd>
+                                <ol>
+                                  <li>
+                                    <p>
+                                      If <var>jwk</var> does not meet the requirements of Section
+                                      6.2.2 of <a href="#JWA">JSON Web Algorithms</a>, terminate
+                                      this algorithm with an error.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
+                                      that represents the Elliptic Curve private key identified by
+                                      interpreting <var>jwk</var> according to Section 6.2.2 of <a href="#JWA">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      <var>Key</var> to <code>"private"</code>.
+                                    </p>
+                                  </li>
+                                </ol>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd>
+                                <ol>
+                                  <li>
+                                    <p>
+                                      If <var>jwk</var> does not meet the requirements of Section
+                                      6.2.1 of <a href="#JWA">JSON Web Algorithms</a>, terminate
+                                      this algorithm with an error.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
+                                      that represents the Elliptic Curve public key identified by
+                                      interpreting <var>jwk</var> according to Section 6.2.1 of <a href="#JWA">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      <var>Key</var> to <code>"public"</code>.
+                                    </p>
+                                  </li>
+                                </ol>
+                              </dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>algorithm</var> be a new instance of an <a href="#EcKeyAlgorithm">EcKeyAlgorithm</a> object.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
+                              <var>algorithm</var> to <code>"ECDSA"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <code>"crv"</code> field of <var>jwk</var> is a
+                                case-sensitive string match to <code>"P-256"</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-256"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If the <code>"crv"</code> field of <var>jwk</var> is a
+                                case-sensitive string match to <code>"P-384"</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-384"</code>.
+                                </p>
+                              </dd>
+                              <dt>
+                                If the <code>"crv"</code> field of <var>jwk</var> is a
+                                case-sensitive string match to <code>"P-521"</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                  attribute of <var>algorithm</var> to <code>"P-521"</code>.
+                                </p>
+                              </dd>
+                              <dt>Otherwise:</dt>
+                              <dd><p>Terminate the algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              <var>key</var> to <var>algorithm</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>Otherwise:</dt>
+                      <dd><p>Terminate the algorithm with an error.</p></dd>
+                    </dl>
+                  </li>
+                  <li>
+                    <p>
+                      Return <var>key</var>
+                    </p>
+                  </li>
+                </ol>
+              </dd>
+
               <dt>Export Key</dt>
-              <dd></dd>
+              <dd>
+                <ol>
+                  <li>
+                    <p>
+                      Let <var>key</var> be the <a href="#dfn-Key">Key</a> to be exported.
+                    </p>
+                  </li>
+                  <li>
+                    <dl class="switch">
+                      <dt>If <var>format</var> is <code>"spki"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
+                              not <code>"public"</code>, terminate this algorithm with an error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
+                              subjectPublicKeyInfo</a> with the following properties:
+                            </p>
+                            <ul>
+                              <li>
+                                <p>
+                                  Set the <var>algorithm</var> field to an
+                                  <code>AlgorithmIdentifier</code> ASN.1 type with the following
+                                  properties:
+                                </p>
+                                <ul>
+                                  <li>
+                                    <p>
+                                      Set the <var>algorithm</var> object identifier to the OID
+                                      <code>1.2.840.10045.2.1</code>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <var>parameters</var> field to an instance of the
+                                      <code>namedCurve</code> ASN.1 type as follows:
+                                    </p>
+                                    <dl class="switch">
+                                      <dt>
+                                        If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp256r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp384r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp521r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>Otherwise:</dt>
+                                      <dd>
+                                        <p>Terminate this algorithm with an error</p>
+                                      </dd>
+                                    </dl>
+                                  </li>
+                                </ul>
+                              </li>
+                              <li>
+                                <p>
+                                  Set the <var>subjectPublicKey</var> field to the octet string that
+                                  represents the Elliptic Curve public key identified by
+                                  <var>key</var> according to the encoding rules specified in
+                                  Section 2.2 of <a href="#RFC5480">RFC 5480</a> and using the
+                                  uncompressed form.
+                                </p>
+                              </li>
+                            </ul>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                              is not <code>"private"</code>, terminate this algorithm with an
+                              error.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
+                              privateKeyInfo</a> with the following properties:
+                            </p>
+                            <ul>
+                              <li>
+                                <p>
+                                  Set the <var>version</var> field to <code>0</code>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Set the <var>privateKeyAlgorithm</var> field to an
+                                  <code>PrivateKeyAlgorithmIdentifier</code> ASN.1 type with the
+                                  following properties:
+                                </p>
+                                <ul>
+                                  <li>
+                                    <p>
+                                      Set the <var>algorithm</var> object identifier to the OID
+                                      <code>1.2.840.10045.2.1</code>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <var>parameters</var> field to an instance of the
+                                      <code>namedCurve</code> ASN.1 type as follows:
+                                    </p>
+                                    <dl class="switch">
+                                      <dt>
+                                        If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp256r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp384r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>
+                                        If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                      </dt>
+                                      <dd>
+                                        <p>
+                                          Let the <var>namedCurve</var> be the object identifier
+                                          <code>secp521r1</code> defined in <a href="#RFC5480">RFC
+                                          5480</a>
+                                        </p>
+                                      </dd>
+                                      <dt>Otherwise:</dt>
+                                      <dd>
+                                        <p>Terminate this algorithm with an error</p>
+                                      </dd>
+                                    </dl>
+                                  </li>
+                                </ul>
+                              </li>
+                              <li>
+                                <p>
+                                  Set the <var>privateKey</var> field to the result of DER-encoding
+                                  an instance of the <code>ECPrivateKey</code> structure defined in
+                                  Section 3 of <a href="#RFC5915">RFC 5915</a> for the Elliptic
+                                  Curve private key represented by <var>key</var> and that conforms
+                                  to the following:
+                                </p>
+                                <ul>
+                                  <li>
+                                    <p>
+                                      The <var>parameters</var> field is present, and is equivalent
+                                      to the <var>parameters</var> field of the
+                                      <var>privateKeyAlgorithm</var> field of this
+                                      <code>PrivateKeyInfo</code> ASN.1 structure.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      The <var>publicKey</var> field is present and represents the
+                                      Elliptic Curve public key associated with the Elliptic Curve
+                                      private key represented by <var>key</var>.
+                                    </p>
+                                  </li>
+                                </ul>
+                              </li>
+                            </ul>
+                          </li>
+                        </ol>
+                      </dd>
+                      <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
+                      <dd>
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>jwk</var> be a new internal object.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> property of <var>jwk</var> to
+                              <code>"EC"</code>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of <var>key</var> is <code>P-256</code>:
+                              </dt>
+                              <dd>
+                                Set the <code>crv</code> property of <var>jwk</var> to
+                                <code>"P-256"</code>
+                              </dd>
+                              <dt>
+                                If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of <var>key</var> is <code>P-384</code>:
+                              </dt>
+                              <dd>
+                                Set the <code>crv</code> property of <var>jwk</var> to
+                                <code>"P-384"</code>
+                              </dd>
+                              <dt>
+                                If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of <var>key</var> is <code>P-521</code>:
+                              </dt>
+                              <dd>
+                                Set the <code>crv</code> property of <var>jwk</var> to
+                                <code>"P-521"</code>
+                              </dd>
+                              <dt>Otherwise</dt>
+                              <dd><p>Terminate this algorithm with an error</p></dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>x</code> property of <var>jwk</var> according to the
+                              definition in Section 6.2.1.2 of <a href="#JWA">JSON Web
+                              Algorithms</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>y</code> property of <var>jwk</var> according to the
+                              definition in Section 6.2.1.3 of <a href="#JWA">JSON Web
+                              Algorithms</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                                is <code>private</code>
+                              </dt>
+                              <dd>
+                                <p>
+                                  Set the <code>d</code> property of <var>jwk</var> according to the
+                                  definition in Section 6.2.2.1 of <a href="#JWA">JSON Web
+                                  Algorithms</a>.
+                                </p>
+                              </dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>key_ops</code> property of <var>jwk</var> to the
+                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
+                              into a string according to the grammer specified in Section 15.12 of
+                              <a href="#ECMA-262">ECMA262</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the UTF-8 encoding of
+                              <var>stringifiedJwk</var>.
+                            </p>
+                          </li>
+                        </ol>
+                      <dt>Otherwise:</dt>
+                      <dd><p>Terminate this algorithm with an error</p></dd>
+                      </dd>
+                    </dl>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
+                      <var>result</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Return <var>data</var>.
+                    </p>
+                  </li>
+                </ol>
+              </dd>
             </dl>
           </div>
           <div class="ednote"><div class="ednoteHeader">Editorial note</div>
             <p>
-              TODO: Figure out what to do if "alg" is present on a JWK when importing, as "alg"
-              also (potentially) indicates an inner hash algorithm (e.g. "ES256" indicates a
-              namedCurve of "P-256", but also a hash of "SHA-256"). However, "alg" is optional,
-              and all that is required when importing is a "kty" of "EC". This also requires
-              thinking through the export/wrap case.
+              OPEN ISSUE: The import/export of JWK ignores the "alg" field, because it does not
+              provide a 1:1 mapping between ECDSA (which choses the hash at sign/verify time,
+              because it is safe to do so) and the JWS alg (which incorporates the hash algorithm).
             </p>
           </div>
         </div>
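Review bot: In the Export Key "jwk" branch, the last two steps bind the UTF-8 encoding of stringifiedJwk to data, but the shared step after the switch reads "Let data be a new ArrayBuffer that contains result", and result is only assigned in the "spki" and "pkcs8" branches, so a JWK export has no defined output. Name the branch output result ("Let result be the UTF-8 encoding of stringifiedJwk") to match the other two branches. The same branch closes its list with </ol> and then places the "Otherwise" <dt>/<dd> pair before the branch's own </dd>, which nests the fallback inside the "jwk" <dd>; move that </dd> up so it directly follows </ol>. In the Import Key public-key ("Otherwise") branch, validation rests entirely on "the requirements of Section 6.2.1" of JSON Web Algorithms; if the x and y values are meant to be checked as a point on the curve named by crv, state that as an explicit step, and consider running the crv switch before the Key object is created so that an unsupported curve is rejected first. Smaller points: that branch sets the type attribute of <var>Key</var> where every other step uses key, the "jwk" export conditions write P-256, P-384, P-521 and private without the quotation marks used in the "spki" and "pkcs8" branches, and "grammer" and "choses" are misspelled.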
@@ -5465,7 +6222,7 @@
                 </li>
                 <li>
                   <p>
-                    Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
+                    Generate an Elliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
                     with domain parameters for the curve identified by
                     the <a href="#dfn-ExKeyGenParams-namedCurve">namedCurve</a> property of
                     <var>normalizedAlgorithm</var>.