Bug 25618: support extensibility of the hash algorthm for RSASSA-PKCS1-v1_5
authorMark Watson <watsonm@netflix.com>
Mon, 22 Sep 2014 11:28:12 -0700
changeset 206 9bbed12284ea
parent 205 93a00e50f184
child 207 8a27ffbcd922
Bug 25618: support extensibility of the hash algorthm for RSASSA-PKCS1-v1_5
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Thu Sep 11 09:52:54 2014 -0700
+++ b/spec/Overview-WebCryptoAPI.xml	Mon Sep 22 11:28:12 2014 -0700
@@ -3557,6 +3557,13 @@
             signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in
             [<cite><a href="#RFC3447">RFC3447</a></cite>].
           </p>
+          <p>
+            <a href="#dfn-applicable-specification">Other specifications</a>
+            may specify the use of additional hash algorithms with RSASSA-PKCS1-v1_5. Such specifications
+            must define
+            <dfn id="dfn-rsa-ssa-extended-import-steps">key import steps</dfn> and
+            <dfn id="dfn-rsa-ssa-extended-export-steps">key export steps</dfn>.
+          </p>
         </div>
         <div id="rsassa-pkcs1-registration" class="section">
           <h4>Registration</h4>
@@ -3887,6 +3894,34 @@
                   <p>Let <var>keyData</var> be the key data to be imported.</p>
                 </li>
                 <li>
+                  <p>
+                    Perform any <a href="#dfn-rsa-ssa-extended-import-steps">key import steps</a>
+                    defined by <a href="#dfn-applicable-specifications">other applicable
+                    specifications</a>, passing <var>keyData</var> and obtaining <var>result</var>.
+                    <dl class="switch">
+                      <dt>
+                        If <var>result</var> is a <a href="#dfn-CryptoKey">CryptoKey</a>
+                        object
+                      </dt>
+                      <dd>
+                        <p>
+                          Return <var>result</var>.
+                        </p>
+                      </dd>
+                      <dt>
+                        If <var>result</var> is an error with a name that is not
+                        <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>
+                      </dt>
+                      <dd>
+                        <p>
+                          <a href="#concept-return-an-error">Return an error</a> with the same name
+                          as <var>result</var>.
+                        </p>
+                      </dd>
+                    </dl>
+                  </p>
+                </li>
+                <li>
                   <dl class="switch">
                     <dt>If <var>format</var> is <code>"spki"</code>:</dt>
                     <dd>
@@ -4397,6 +4432,44 @@
                   </p>
                 </li>
                 <li>
+                  <p>
+                    Perform any <a href="#dfn-rsa-ssa-extended-export-steps">key export steps</a>
+                    defined by <a href="#dfn-applicable-specifications">other applicable
+                    specifications</a>, passing <var>key</var> and obtaining <var>result</var>.
+                    <dl class="switch">
+                      <dt>
+                        If <var>format</var> is <code>"spki"</code> or <code>"pkcs8"</code> and
+                        <var>result</var> is an <a href="#dfn-ArrayBuffer">ArrayBuffer</a>
+                        object
+                      </dt>
+                      <dd>
+                        <p>
+                          Return <var>result</var>.
+                        </p>
+                      </dd>
+                      <dt>
+                        If <var>format</var> is <code>"jwk"</code> and
+                        <var>result</var> is not an error
+                      </dt>
+                      <dd>
+                        <p>
+                          Return <var>result</var>.
+                        </p>
+                      </dd>
+                      <dt>
+                        If <var>result</var> is an error with a name that is not
+                        <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>
+                      </dt>
+                      <dd>
+                        <p>
+                          <a href="#concept-return-an-error">Return an error</a> with the same name
+                          as <var>result</var>.
+                        </p>
+                      </dd>
+                    </dl>
+                  </p>
+                </li>
+                <li>
                   <dl class="switch">
                     <dt>If <var>format</var> is <code>"spki"</code></dt>
                     <dd>
--- a/spec/Overview.html	Thu Sep 11 09:52:54 2014 -0700
+++ b/spec/Overview.html	Mon Sep 22 11:28:12 2014 -0700
@@ -28,7 +28,7 @@
   <link rel="stylesheet" href="//www.w3.org/StyleSheets/TR/W3C-ED" type="text/css" /></head>
 
   <body>
-    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>11 September 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;[email protected]&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;[email protected]&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:[email protected]?subject=%5BWebCryptoAPI%5D">[email protected]</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
+    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>22 September 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;[email protected]&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;[email protected]&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:[email protected]?subject=%5BWebCryptoAPI%5D">[email protected]</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
     (see <a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document&amp;resolution=---">existing bugs</a>).</p></dd></dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> &copy; view <a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>&reg;</sup> (<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="http://www.ercim.org/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p></div><hr />
 
     <div class="section">
@@ -56,7 +56,7 @@
         report can be found in the <a href="http://www.w3.org/TR/">W3C technical
           reports index</a> at http://www.w3.org/TR/.
       </em></p><p>
-        This document is the 11 September 2014 <b>Editor’s Draft</b> of the
+        This document is the 22 September 2014 <b>Editor’s Draft</b> of the
         <cite>Web Cryptography API</cite> specification.
       
       Please send comments about this document to
@@ -3503,6 +3503,13 @@
             signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in
             [<cite><a href="#RFC3447">RFC3447</a></cite>].
           </p>
+          <p>
+            <a href="#dfn-applicable-specification">Other specifications</a>
+            may specify the use of additional hash algorithms with RSASSA-PKCS1-v1_5. Such specifications
+            must define
+            <dfn id="dfn-rsa-ssa-extended-import-steps">key import steps</dfn> and
+            <dfn id="dfn-rsa-ssa-extended-export-steps">key export steps</dfn>.
+          </p>
         </div>
         <div id="rsassa-pkcs1-registration" class="section">
           <h4>22.2. Registration</h4>
@@ -3822,6 +3829,34 @@
                   <p>Let <var>keyData</var> be the key data to be imported.</p>
                 </li>
                 <li>
+                  <p>
+                    Perform any <a href="#dfn-rsa-ssa-extended-import-steps">key import steps</a>
+                    defined by <a href="#dfn-applicable-specifications">other applicable
+                    specifications</a>, passing <var>keyData</var> and obtaining <var>result</var>.
+                    <dl class="switch">
+                      <dt>
+                        If <var>result</var> is a <a href="#dfn-CryptoKey">CryptoKey</a>
+                        object
+                      </dt>
+                      <dd>
+                        <p>
+                          Return <var>result</var>.
+                        </p>
+                      </dd>
+                      <dt>
+                        If <var>result</var> is an error with a name that is not
+                        <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>
+                      </dt>
+                      <dd>
+                        <p>
+                          <a href="#concept-return-an-error">Return an error</a> with the same name
+                          as <var>result</var>.
+                        </p>
+                      </dd>
+                    </dl>
+                  </p>
+                </li>
+                <li>
                   <dl class="switch">
                     <dt>If <var>format</var> is <code>"spki"</code>:</dt>
                     <dd>
@@ -4313,6 +4348,44 @@
                   </p>
                 </li>
                 <li>
+                  <p>
+                    Perform any <a href="#dfn-rsa-ssa-extended-export-steps">key export steps</a>
+                    defined by <a href="#dfn-applicable-specifications">other applicable
+                    specifications</a>, passing <var>key</var> and obtaining <var>result</var>.
+                    <dl class="switch">
+                      <dt>
+                        If <var>format</var> is <code>"spki"</code> or <code>"pkcs8"</code> and
+                        <var>result</var> is an <a href="#dfn-ArrayBuffer">ArrayBuffer</a>
+                        object
+                      </dt>
+                      <dd>
+                        <p>
+                          Return <var>result</var>.
+                        </p>
+                      </dd>
+                      <dt>
+                        If <var>format</var> is <code>"jwk"</code> and
+                        <var>result</var> is not an error
+                      </dt>
+                      <dd>
+                        <p>
+                          Return <var>result</var>.
+                        </p>
+                      </dd>
+                      <dt>
+                        If <var>result</var> is an error with a name that is not
+                        <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>
+                      </dt>
+                      <dd>
+                        <p>
+                          <a href="#concept-return-an-error">Return an error</a> with the same name
+                          as <var>result</var>.
+                        </p>
+                      </dd>
+                    </dl>
+                  </p>
+                </li>
+                <li>
                   <dl class="switch">
                     <dt>If <var>format</var> is <code>"spki"</code></dt>
                     <dd>