Bug 24410 - operation procedures for RSA-PSS
authorMark Watson <watsonm@netflix.com>
Fri, 07 Feb 2014 13:17:56 -0800
changeset 99 eb3de72d891e
parent 98 502b2f0ec14d
child 100 5d63e9c2c919
Bug 24410 - operation procedures for RSA-PSS
spec/Overview-WebCryptoAPI.xml
--- a/spec/Overview-WebCryptoAPI.xml	Fri Feb 07 13:06:01 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml	Fri Feb 07 13:17:56 2014 -0800
@@ -3340,7 +3340,7 @@
               The <code>"RSA-OAEP"</code> algorithm identifier is used to perform encryption
               and decryption ordering to the RSAES-OAEP algorithm specified in
               [<cite><a href="#RFC3447">RFC3447</a></cite>], using the mask
-              generation function MGF-1.
+              generation function MGF1.
             </p>
           </div>
           <div id="rsa-oaep-registration" class="section">
@@ -3374,16 +3374,6 @@
                   <td><a href="#dfn-KeyPair">KeyPair</a></td>
                 </tr>
                 <tr>
-                  <td>wrapKey</td>
-                  <td><a href="#dfn-RsaOaepParams">RsaOaepParams</a></td>
-                  <td>ArrayBuffer</td>
-                </tr>
-                <tr>
-                  <td>unwrapKey</td>
-                  <td><a href="#dfn-RsaOaepParams">RsaOaepParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
-                </tr>
-                <tr>
                   <td>importKey</td>
                   <td>None</td>
                   <td><a href="#dfn-Key">Key</a></td>
@@ -3422,10 +3412,141 @@
             <h4>Operations</h4>
             <dl>
               <dt>Encrypt</dt>
-              <dd></dd>
+              <dd>
+                <ol>
+                    <li>
+                        <p>
+                            If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
+                        </p>
+                    </li>
+                    <li>
+                      <p>
+                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      </p>
+                    </li>
+                    <li>
+                        <p>
+                            Perform the encrytion operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA public key, the contents of <var>plaintext</var> as the message to be encrypted, M, and <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with the hash function identified by <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
+                            <ol>
+                                <li>
+                                    <p>
+                                        If performing the operation results in an error, terminate this algorithm with an error.
+                                    </p>
+                                </li>
+                                <li>
+                                    <p>
+                                        Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code> containing the value C that results from performing the operation.
+                                    </p>
+                                </li>
+                            </ol>
+                        </p>
+                    </li>
+                </ol>
+              </dd>
               <dt>Decrypt</dt>
+              <dd>
+                <ol>
+                    <li>
+                        <p>
+                            If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
+                        </p>
+                    </li>
+                    <li>
+                      <p>
+                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      </p>
+                    </li>
+                    <li>
+                        <p>
+                            Perform the decryption operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA private key, the contents of <var>ciphertext</var> as the cipertext to be decrypted, C, and <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with the hash function identified by <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
+                            <ol>
+                                <li>
+                                    <p>
+                                        If performing the operation results in an error, terminate this algorithm with an error.
+                                    </p>
+                                </li>
+                                <li>
+                                    <p>
+                                        Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code> containing the value M that results from performing the operation.
+                                    </p>
+                                </li>
+                            </ol>
+                        </p>
+                    </li>
+                </ol>
+              </dd>
+              <dt>Generate Key</dt>
+              <dd>
+                <ol>
+                  <li>
+                    <p>
+                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      <ul>
+                        <li>
+                          <p>
+                          If generation of the key pair fails, terminate this algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise,
+                            <ol>
+                              <li>
+                                <p>
+                                  Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Return <var>result</var>.
+                                </p>
+                              </li>
+                            </ol>
+                          </p>
+                        </li>
+                      </ul>
+                    </p>
+                  </li>
+                </ol>
+              </dd>
+              <dt>Import Key</dt>
               <dd></dd>
-              <dt>Generate Key</dt>
+              <dt>Export Key</dt>
               <dd></dd>
               <dt>Wrap Key</dt>
               <dd></dd>