--- a/spec/Overview-WebCryptoAPI.xml Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview-WebCryptoAPI.xml Mon Jun 16 00:00:00 2014 -0700
@@ -623,34 +623,38 @@
</li>
<li>
<p>
- Let <var>json</var> be the unicode string that results from interpreting
+ Let <var>json</var> be the Unicode string that results from interpreting
<var>data</var> according to UTF-8.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of translating <var>json</var> into an internal
- object using the grammar specified in Section 15.12 of <a href="#ECMA-262">ECMA
- 262</a>.
+ Convert <var>json</var> to UTF-16.
</p>
</li>
<li>
<p>
- If <var>result</var> does not describe an Object type,
- then <a href="#concept-return-an-error">return an error</a> named
- <a href="#dfn-DataError"><code>DataError</code></a>.
+ Let <var>result</var> be the object literal that results from executing the
+ <code>JSON.parse</code> internal function, with <code>text</code>
+ argument set to a JavaScript String containing <var>json</var>.
</p>
</li>
<li>
<p>
- If the <code>"kty"</code> field of <var>result</var> is not present, or is not a
- string value, then <a href="#concept-return-an-error">return an error</a> named
- <a href="#dfn-DataError"><code>DataError</code></a>.
+ Let <var>key</var> be the result of converting <var>result</var> to the IDL dictionary
+ type of <a href="#dfn-JsonWebKey">JsonWebKey</a>.
</p>
</li>
<li>
<p>
- Return <var>result</var>.
+ If the <code>"kty"</code> field of <var>key</var> is not defined, then <a
+ href="#concept-return-an-error">return an error</a> named <a
+ href="#dfn-DataError"><code>DataError</code></a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>key</var>.
</p>
</li>
</ol>
@@ -1076,7 +1080,7 @@
<span class="comment">// TBD: <a href="https://www.w3.org/2012/webcrypto/track/issues/35">ISSUE-35</a></span>
Promise<any> <a href="#dfn-SubtleCrypto-method-importKey">importKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
- CryptoOperationData keyData,
+ object keyData,
<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
boolean extractable,
sequence<<a href="#dfn-KeyUsage">KeyUsage</a>> keyUsages );
@@ -1152,7 +1156,7 @@
<dt><code>spki</code></dt>
<dd>The DER encoding of the SubjectPublicKeyInfo structure from <a href="#RFC5280">RFC 5280</a>.</dd>
<dt><code>jwk</code></dt>
- <dd>The key is represented as JSON according to the JSON Web Key format.</dd>
+ <dd>The key is a <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary encoded as a JavaScript object</dd>
</dl>
</dd>
</dl>
@@ -1929,12 +1933,27 @@
</p>
</li>
<li>
- <p>
- Let <var>keyData</var> be the result of
- <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
- <code>keyData</code> parameter passed to the
- <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
- </p>
+ <dl class="switch">
+ <dt>
+ If <var>format</var> is equal to the string <code>raw</code>,
+ <code>pkcs8</code>, or <code>spki</code>:
+ </dt>
+ <dd>
+ Let <var>keyData</var> be the result of
+ <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
+ <code>keyData</code> parameter passed to the
+ <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
+ </dd>
+ <dt>
+ If <var>format</var> is equal to the string <code>jwk</code>:
+ </dt>
+ <dd>
+ Let <var>keyData</var> be the result of converting the <code>keyData</code>
+ parameter passed to the <a
+ href="#dfn-SubtleCrypto-method-importKey">importKey</a> method to a <a
+ href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.
+ </dd>
+ </dl>
</li>
<li>
<p>
@@ -2011,15 +2030,6 @@
</p>
</li>
</ol>
- <div class="ednote">
- <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
- There is an open question as to whether/how to support importing
- keys when format is <code>jwk</code>. As currently specified, it is a
- JSON-encoded Javascript object, converted to a UTF-8 byte sequence, with the
- raw bytes provided via <code>CryptoOperationData</code>. A separate
- proposal exists to handle this via IDL, permitting importing JavaScript
- objects directly when importing with <code>jwk</code>.
- </div>
</div>
<div id="SubtleCrypto-method-exportKey" class="section">
@@ -2109,15 +2119,6 @@
</p>
</li>
</ol>
- <div class="ednote">
- <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
- There is an open question as to whether/how to support exporting
- keys when format is <code>jwk</code>. As currently specified, the result
- is a JSON-encoded Javascript object, converted to a UTF-8 byte
- sequence, with the raw bytes provided via an ArrayBuffer. A separate
- proposal exists to return an actual Javascript object when exporting
- with <code>jwk</code>.
- </div>
</div>
<div id="SubtleCrypto-method-wrapKey" class="section">
@@ -2212,10 +2213,49 @@
</li>
<li>
<p>
- Let <var>bytes</var> be the result of performing the export key operation
+ Let <var>key</var> be the result of performing the export key operation
specified the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
<var>key</var> using <var>key</var> and <var>format</var>.
</p>
+ </li>
+ <li>
+ <dl class="switch">
+ <dt>
+ If <var>format</var> is equal to the strings <code>raw</code>, <code>pkcs8</code>,
+ or <code>spki</code>:
+ </dt>
+ <dd>
+ Set <var>bytes</var> be set to <var>key</var>.
+ </dd>
+ <dt>
+ If <var>format</var> is equal to the string <code>jwk</code>:
+ </dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Convert <var>key</var> to an ECMAScript Object, as specified in [
+ <a href="#WebIDL">WEBIDL</a>].
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>json</var> be the result of representing <var>key</var> as a
+ UTF-16 string conforming to the JSON grammar; for example, by executing
+ the <code>JSON.stringify</code> algorithm specified in
+ <a href="#ECMA-262">ECMA262</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>bytes</var> be the byte sequence the results from converting
+ <var>json</var>, a JavaScript String comprised of UTF-16 code points, to
+ UTF-8 code points.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
<div class="note">
<p class="norm">
This note is non-normative.
@@ -2226,7 +2266,9 @@
length and RSA-OAEP places a restriction on the length. For key formats that
offer flexibility in serialization of a given key (for example JWK),
implementations may choose to adapt the serialization to the constraints of
- the wrapping algorithm.
+ the wrapping algorithm. This is why JSON.stringify is not normatively required,
+ as otherwise it would prohibit implementations from introducing added
+ padding.
</p>
</div>
</li>
@@ -2383,7 +2425,7 @@
<dl class="switch">
<dt>If <var>normalizedAlgorithm</var> supports an unwrap key operation:</dt>
<dd>
- Let <var>bytes</var> be the result of performing the unwrap key operation
+ Let <var>key</var> be the result of performing the unwrap key operation
specified by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
<var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
@@ -2393,7 +2435,7 @@
operation:
</dt>
<dd>
- Let <var>bytes</var> be the result of performing the decrypt operation specified
+ Let <var>key</var> be the result of performing the decrypt operation specified
by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
<var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
@@ -2406,6 +2448,25 @@
</dl>
</li>
<li>
+ <dl class="switch">
+ <dt>
+ If <var>format</var> is equal to the strings <code>raw</code>,
+ <code>pkcs8</code>, or <code>spki</code>:
+ </dt>
+ <dd>
+ Set <var>bytes</var> be set to <var>key</var>.
+ </dd>
+ <dt>
+ If <var>format</var> is equal to the string <code>jwk</code>:
+ </dt>
+ <dd>
+ Let <var>bytes</var> be the result of executing the
+ <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm, withe <var>key</var>
+ as the <code>data</code> to be parsed.
+ </dd>
+ </dl>
+ </li>
+ <li>
<p>
Let <var>result</var> be the result of performing the import key operation
specified by <var>normalizedKeyAlgorithm</var> using
@@ -2490,6 +2551,53 @@
</div>
</div>
+ <div id="JsonWebKey-dictionary" class="section">
+ <h2>JsonWebKey dictionary</h2>
+ <x:codeblock language="idl">
+dictionary <dfn id="dfn-RsaOtherPrimesInfo">RsaOtherPrimesInfo</dfn> {
+ <span class="comment">// The following fields are defined in Section 6.3.2.7 of <a href="#jwa">JSON Web Algorithms</a></span>
+ DOMString r;
+ DOMString d;
+ DOMString t;
+};
+
+dictionary <dfn id="dfn-JsonWebKey">JsonWebKey</dfn> {
+ <span class="comment">// The following fields are defined in Section 3.1 of <a href="#jwk">JSON Web Key</a></span>
+ DOMString kty;
+ DOMString use;
+ sequence<DOMString> key_ops;
+ DOMString alg;
+
+ <span class="comment">// The following fields are defined in <a href="#iana-section-jwk">JSON Web Key Parameters Registration</a></span>
+ boolean ext;
+
+ <span class="comment">// The following fields are defined in Section 6 of <a href="#jwa">JSON Web Algorithms</a></span>
+ DOMString crv;
+ DOMString x;
+ DOMString y;
+ DOMString d;
+ DOMString n;
+ DOMString e;
+ DOMString p;
+ DOMString q;
+ DOMString dp;
+ DOMString dq;
+ DOMString qi;
+ sequence<RsaOtherPrimesInfo> oth;
+ DOMString k;
+};
+ </x:codeblock>
+ <div id="JsonWebKey-description">
+ <h3>Description</h3>
+ <p class="norm">The following section is non-normative</p>
+ <p>
+ The <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary provides a way to represent
+ and exchange cryptographic keys represented by the <a href="#JWK">JSON Web Key</a>
+ structure, while allowing native and efficient use within Web Cryptography API
+ applications.
+ </p>
+ </div>
+ </div>
<div id="WorkerCrypto-interface" class="section">
<h2>WorkerCrypto interface</h2>
@@ -3049,7 +3157,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
@@ -3448,9 +3556,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -3618,7 +3725,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
@@ -3653,6 +3760,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>array</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -3668,7 +3781,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
@@ -3715,25 +3828,34 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>Set the <code>kty</code> property of <var>jwk</var> to the string
+ <p>
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.</p>
</li>
<li>
- <p>Set the <code>alg</code> property of <var>jwk</var> to the string
+ <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA1_5"</code>.</p>
</li>
<li>
<p>
- Set the properties <code>n</code> and <code>e</code> of <var>jwk</var>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -3748,7 +3870,7 @@
<ol>
<li>
<p>
- Set the properties named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -3759,7 +3881,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- member named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -3770,28 +3892,21 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to the <a
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to the <a
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -3806,13 +3921,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -3869,7 +3978,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
@@ -4476,9 +4585,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -4707,7 +4815,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
@@ -4742,6 +4850,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -4757,7 +4871,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
@@ -4804,16 +4918,22 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+ <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+ </li>
+ <li>
+ <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.</p>
</li>
<li>
@@ -4828,28 +4948,28 @@
<dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS1</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS256</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS384</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS512</code>.
</p>
</dd>
@@ -4863,12 +4983,12 @@
</dl>
</li>
<li>
- <p>Set the <code>alg</code> field of <var>jwk</var> to the string
- <code>"RSA1_5"</code>.</p>
- </li>
- <li>
- <p>
- Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+ <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
+ <code>RSA1_5</code>.</p>
+ </li>
+ <li>
+ <p>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -4883,7 +5003,7 @@
<ol>
<li>
<p>
- Set the fields named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -4894,7 +5014,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- field named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -4905,28 +5025,21 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> field of <var>jwk</var> to the <a
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> field of <var>jwk</var> to the <a
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -4942,13 +5055,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -5006,7 +5113,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
@@ -5747,9 +5854,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -5978,7 +6084,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
@@ -6116,6 +6222,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -6131,7 +6243,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
@@ -6281,16 +6393,22 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+ <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+ </li>
+ <li>
+ <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.</p>
</li>
<li>
@@ -6306,28 +6424,28 @@
<dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS1</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS256</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS384</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS512</code>.
</p>
</dd>
@@ -6342,7 +6460,7 @@
</li>
<li>
<p>
- Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -6357,7 +6475,7 @@
<ol>
<li>
<p>
- Set the fields named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -6368,7 +6486,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- field named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -6379,28 +6497,21 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> field of <var>jwk</var> to the <a
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> field of <var>jwk</var> to the <a
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -6416,13 +6527,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -6480,7 +6585,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
@@ -7225,9 +7330,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -7439,7 +7543,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
@@ -7567,6 +7671,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -7582,7 +7692,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
@@ -7722,17 +7832,26 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> field of <var>jwk</var> to the string
+ <p>
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.
</p>
</li>
@@ -7747,7 +7866,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP"</code>.
</p>
</dd>
@@ -7760,7 +7879,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP-256"</code>.
</p>
</dd>
@@ -7773,7 +7892,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP-384"</code>.
</p>
</dd>
@@ -7786,7 +7905,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP-512"</code>.
</p>
</dd>
@@ -7794,7 +7913,7 @@
</li>
<li>
<p>
- Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -7809,7 +7928,7 @@
<ol>
<li>
<p>
- Set the fields named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -7820,7 +7939,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- field named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -7831,28 +7950,21 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> field of <var>jwk</var> to the <a
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> field of <var>jwk</var> to the <a
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -7868,13 +7980,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -7931,7 +8037,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
@@ -8659,9 +8765,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
- <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -8885,7 +8990,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#concept-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
@@ -8966,6 +9071,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -8981,7 +9092,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#concept-encode-a-privateKeyInfo">encoding a
privateKeyInfo</a> with the following properties:
</p>
@@ -9084,6 +9195,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
@@ -9091,12 +9208,13 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to
<code>"EC"</code>.
</p>
</li>
@@ -9108,7 +9226,7 @@
attribute of <var>key</var> is <code>P-256</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-256"</code>
</dd>
<dt>
@@ -9117,7 +9235,7 @@
attribute of <var>key</var> is <code>P-384</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-384"</code>
</dd>
<dt>
@@ -9126,21 +9244,21 @@
attribute of <var>key</var> is <code>P-521</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-521"</code>
</dd>
</dl>
</li>
<li>
<p>
- Set the <code>x</code> property of <var>jwk</var> according to the
+ Set the <code>x</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
</li>
<li>
<p>
- Set the <code>y</code> property of <var>jwk</var> according to the
+ Set the <code>y</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -9153,7 +9271,7 @@
</dt>
<dd>
<p>
- Set the <code>d</code> property of <var>jwk</var> according to the
+ Set the <code>d</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -9162,28 +9280,21 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to the <a
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -9199,13 +9310,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -9256,7 +9361,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
@@ -9869,9 +9974,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
- <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -10356,12 +10460,13 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to
<code>"EC"</code>.
</p>
</li>
@@ -10373,7 +10478,7 @@
attribute of <var>key</var> is <code>P-256</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-256"</code>
</dd>
<dt>
@@ -10382,7 +10487,7 @@
attribute of <var>key</var> is <code>P-384</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-384"</code>
</dd>
<dt>
@@ -10391,21 +10496,21 @@
attribute of <var>key</var> is <code>P-521</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-521"</code>
</dd>
</dl>
</li>
<li>
<p>
- Set the <code>x</code> property of <var>jwk</var> according to the
+ Set the <code>x</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
</li>
<li>
<p>
- Set the <code>y</code> property of <var>jwk</var> according to the
+ Set the <code>y</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -10418,7 +10523,7 @@
</dt>
<dd>
<p>
- Set the <code>d</code> property of <var>jwk</var> according to the
+ Set the <code>d</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -10427,28 +10532,21 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to the <a
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a
href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -10473,6 +10571,12 @@
href="#X9.62">X9.62</a> Annex A.
</p>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>Otherwise:</dt>
@@ -10486,13 +10590,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -10550,7 +10648,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -10866,9 +10964,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -11015,26 +11112,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11044,42 +11154,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CTR"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CTR"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CTR"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -11088,12 +11191,7 @@
</li>
<li>
<p>
- Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -11193,7 +11291,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -11472,9 +11570,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -11615,26 +11712,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11644,42 +11754,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CBC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CBC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CBC"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -11688,12 +11791,7 @@
</li>
<li>
<p>
- Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -11786,7 +11884,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -12016,9 +12114,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -12159,26 +12256,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -12188,42 +12298,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CMAC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CMAC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CMAC"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -12232,7 +12335,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -12324,7 +12427,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -12699,9 +12802,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -12842,26 +12944,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -12871,42 +12986,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128GCM"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192GCM"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256GCM"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -12920,7 +13028,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -13014,7 +13122,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -13267,9 +13375,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -13409,26 +13516,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containng the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13438,42 +13558,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CFB8"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CFB8"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CFB8"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -13482,12 +13595,7 @@
</li>
<li>
<p>
- Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -13580,7 +13688,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -13774,9 +13882,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -13916,26 +14023,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containng the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13945,42 +14065,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128KW"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192KW"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256KW"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -13989,7 +14102,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -14081,7 +14194,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -14363,9 +14476,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -14666,26 +14778,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containng the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -14710,46 +14835,39 @@
<dl class="switch">
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-1"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS1"</code>.</dd>
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-256"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS256"</code>.</dd>
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-384"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS384"</code>.</dd>
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-512"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS512"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -14758,7 +14876,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -14861,7 +14979,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
@@ -15550,26 +15668,36 @@
If <var>format</var> is <code>"raw"</code>:
</dt>
<dd>
- <dl class="switch">
- <dt>
- If the <a href="#dfn-CryptoKey-type">type</a> attribute of
- <var>key</var> is <code>"public"</code>:
- </dt>
- <dd>
- Let <var>result</var> be the Public Value, <var>PV</var>, associated
- with <var>key</var> as specified in Section 7 of [<a href="#PKCS3">PKCS
- #3</a>].
- </dd>
- <dt>
- If the <a href="#dfn-CryptoKey-type">type</a> attribute of
- <var>key</var> is <code>"private"</code>:
- </dt>
- <dd>
- Let <var>result</var> be the octet string that represents the private
- value <var>x</var> associated with <var>key</var> as a big integer, most
- significant octet first.
- </dd>
- </dl>
+ <ol>
+ <li>
+ <dl class="switch">
+ <dt>
+ If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+ <var>key</var> is <code>"public"</code>:
+ </dt>
+ <dd>
+ Let <var>data</var> be the Public Value, <var>PV</var>, associated
+ with <var>key</var> as specified in Section 7 of [<a
+ href="#PKCS3">PKCS #3</a>].
+ </dd>
+ <dt>
+ If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+ <var>key</var> is <code>"private"</code>:
+ </dt>
+ <dd>
+ Let <var>data</var> be the octet string that represents the private
+ value <var>x</var> associated with <var>key</var> as a big integer,
+ most significant octet first.
+ </dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>
If <var>format</var> is <code>"spki"</code>:
@@ -15586,7 +15714,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#concept-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
@@ -15644,6 +15772,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>
@@ -15661,7 +15795,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a
+ Let <var>data</var> be the result of <a
href="#concept-encode-a-privateKeyInfo">encoding a
privateKeyInfo</a> with the following properties:
</p>
@@ -15719,6 +15853,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>Otherwise:</dt>
@@ -15730,13 +15870,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
--- a/spec/Overview.html Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview.html Mon Jun 16 00:00:00 2014 -0700
@@ -44,7 +44,7 @@
communications.
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 18 further editorial notes in the document.</p></div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 16 further editorial notes in the document.</p></div>
</div>
<div class="section">
@@ -134,7 +134,7 @@
<div id="toc">
<h2>Table of Contents</h2>
- <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#cryptokey-interface">12. CryptoKey interface</a><ul><li><a href="#cryptokey-interface-description">12.1. Description</a></li><li><a href="#cryptokey-interface-types">12.2. Key interface data types</a></li><li><a href="#cryptokey-interface-members">12.3. CryptoKey interface members</a></li><li><a href="#cryptokey-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li><li><a href="#SubtleCrypto-Exceptions">14.4. Exceptions</a></li></ul></li><li><a href="#WorkerCrypto-interface">15. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">18.8.4. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.5. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyImportParams-dictionary">18.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.7. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">18.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-cmac-params">18.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">18.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">18.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.7. Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">18.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">18.17.7. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registration</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
+ <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#cryptokey-interface">12. CryptoKey interface</a><ul><li><a href="#cryptokey-interface-description">12.1. Description</a></li><li><a href="#cryptokey-interface-types">12.2. Key interface data types</a></li><li><a href="#cryptokey-interface-members">12.3. CryptoKey interface members</a></li><li><a href="#cryptokey-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li><li><a href="#SubtleCrypto-Exceptions">14.4. Exceptions</a></li></ul></li><li><a href="#JsonWebKey-dictionary">15. JsonWebKey dictionary</a></li><li><a href="#WorkerCrypto-interface">16. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">16.1. Description</a></li></ul></li><li><a href="#big-integer">17. BigInteger</a></li><li><a href="#keypair">18. KeyPair</a></li><li><a href="#algorithms">19. Algorithms</a><ul><li><a href="#algorithms-index">19.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">19.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">19.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">19.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">19.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">19.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">19.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">19.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">19.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">19.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">19.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">19.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">19.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">19.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">19.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">19.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">19.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">19.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">19.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">19.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">19.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">19.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">19.6.1. Description</a></li><li><a href="#rsa-pss-registration">19.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">19.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">19.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">19.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">19.7.1. Description</a></li><li><a href="#rsa-oaep-registration">19.7.2. Registration</a></li><li><a href="#rsa-oaep-params">19.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">19.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">19.8. ECDSA</a><ul><li><a href="#ecdsa-description">19.8.1. Description</a></li><li><a href="#ecdsa-registration">19.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">19.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">19.8.4. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">19.8.5. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyImportParams-dictionary">19.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">19.8.7. Operations</a></li></ul></li><li><a href="#ecdh">19.9. ECDH</a><ul><li><a href="#ecdh-description">19.9.1. Description</a></li><li><a href="#ecdh-registration">19.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">19.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">19.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">19.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">19.10.1. Description</a></li><li><a href="#aes-ctr-registration">19.10.2. Registration</a></li><li><a href="#aes-ctr-params">19.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">19.10.4. </a></li><li><a href="#aes-keygen-params">19.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">19.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">19.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">19.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">19.11.1. Description</a></li><li><a href="#aes-cbc-registration">19.11.2. Registration</a></li><li><a href="#aes-cbc-params">19.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">19.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">19.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">19.12.1. Description</a></li><li><a href="#aes-cmac-registration">19.12.2. Registration</a></li><li><a href="#aes-cmac-params">19.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">19.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">19.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">19.13.1. Description</a></li><li><a href="#aes-gcm-registration">19.13.2. Registration</a></li><li><a href="#aes-gcm-params">19.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">19.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">19.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">19.14.1. Description</a></li><li><a href="#aes-cfb-registration">19.14.2. Registration</a></li><li><a href="#aes-cfb-params">19.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">19.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">19.15. AES-KW</a><ul><li><a href="#aes-kw-description">19.15.1. Description</a></li><li><a href="#aes-kw-registration">19.15.2. Registration</a></li><li><a href="#aes-kw-operations">19.15.3. Operations</a></li></ul></li><li><a href="#hmac">19.16. HMAC</a><ul><li><a href="#hmac-description">19.16.1. Description</a></li><li><a href="#hmac-registration">19.16.2. Registration</a></li><li><a href="#hmac-importparams">19.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">19.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">19.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">19.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">19.16.7. Operations</a></li></ul></li><li><a href="#dh">19.17. Diffie-Hellman</a><ul><li><a href="#dh-description">19.17.1. Description</a></li><li><a href="#dh-registration">19.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">19.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">19.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">19.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">19.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">19.17.7. Operations</a></li></ul></li><li><a href="#sha">19.18. SHA</a><ul><li><a href="#sha-description">19.18.1. Description</a></li><li><a href="#sha-registration">19.18.2. Registration</a></li><li><a href="#sha-operations">19.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">19.19. Concat KDF</a><ul><li><a href="#concatkdf-description">19.19.1. Description</a></li><li><a href="#concatkdf-registration">19.19.2. Registration</a></li><li><a href="#concat-params">19.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">19.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">19.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">19.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">19.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">19.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">19.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">19.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">19.21.1. Description</a></li><li><a href="#pbkdf2-registration">19.21.2. Registration</a></li><li><a href="#pbkdf2-params">19.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">19.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">20. Algorithm normalizing rules</a></li><li><a href="#examples-section">21. JavaScript Example Code</a><ul><li><a href="#examples-signing">21.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">21.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">22. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">22.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">22.2. JSON Web Key Parameters Registration</a></li></ul></li><li><a href="#acknowledgements-section">23. Acknowledgements</a></li><li><a href="#references">24. References</a><ul><li><a href="#normative-references">24.1. Normative References</a></li><li><a href="#informative-references">24.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
</div>
<div id="sections">
@@ -631,34 +631,36 @@
</li>
<li>
<p>
- Let <var>json</var> be the unicode string that results from interpreting
+ Let <var>json</var> be the Unicode string that results from interpreting
<var>data</var> according to UTF-8.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of translating <var>json</var> into an internal
- object using the grammar specified in Section 15.12 of <a href="#ECMA-262">ECMA
- 262</a>.
+ Convert <var>json</var> to UTF-16.
</p>
</li>
<li>
<p>
- If <var>result</var> does not describe an Object type,
- then <a href="#concept-return-an-error">return an error</a> named
- <a href="#dfn-DataError"><code>DataError</code></a>.
+ Let <var>result</var> be the object literal that results from executing the
+ <code>JSON.parse</code> internal function, with <code>text</code>
+ argument set to a JavaScript String containing <var>json</var>.
</p>
</li>
<li>
<p>
- If the <code>"kty"</code> field of <var>result</var> is not present, or is not a
- string value, then <a href="#concept-return-an-error">return an error</a> named
- <a href="#dfn-DataError"><code>DataError</code></a>.
+ Let <var>key</var> be the result of converting <var>result</var> to the IDL dictionary
+ type of <a href="#dfn-JsonWebKey">JsonWebKey</a>.
</p>
</li>
<li>
<p>
- Return <var>result</var>.
+ If the <code>"kty"</code> field of <var>key</var> is not defined, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>key</var>.
</p>
</li>
</ol>
@@ -1083,7 +1085,7 @@
<span class="comment">// TBD: <a href="https://www.w3.org/2012/webcrypto/track/issues/35">ISSUE-35</a></span>
Promise<any> <a href="#dfn-SubtleCrypto-method-importKey">importKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
- CryptoOperationData keyData,
+ object keyData,
<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
boolean extractable,
sequence<<a href="#dfn-KeyUsage">KeyUsage</a>> keyUsages );
@@ -1158,7 +1160,7 @@
<dt><code>spki</code></dt>
<dd>The DER encoding of the SubjectPublicKeyInfo structure from <a href="#RFC5280">RFC 5280</a>.</dd>
<dt><code>jwk</code></dt>
- <dd>The key is represented as JSON according to the JSON Web Key format.</dd>
+ <dd>The key is a <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary encoded as a JavaScript object</dd>
</dl>
</dd>
</dl>
@@ -1919,12 +1921,25 @@
</p>
</li>
<li>
- <p>
- Let <var>keyData</var> be the result of
- <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
- <code>keyData</code> parameter passed to the
- <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
- </p>
+ <dl class="switch">
+ <dt>
+ If <var>format</var> is equal to the string <code>raw</code>,
+ <code>pkcs8</code>, or <code>spki</code>:
+ </dt>
+ <dd>
+ Let <var>keyData</var> be the result of
+ <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
+ <code>keyData</code> parameter passed to the
+ <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
+ </dd>
+ <dt>
+ If <var>format</var> is equal to the string <code>jwk</code>:
+ </dt>
+ <dd>
+ Let <var>keyData</var> be the result of converting the <code>keyData</code>
+ parameter passed to the <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method to a <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.
+ </dd>
+ </dl>
</li>
<li>
<p>
@@ -2001,15 +2016,6 @@
</p>
</li>
</ol>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
- There is an open question as to whether/how to support importing
- keys when format is <code>jwk</code>. As currently specified, it is a
- JSON-encoded Javascript object, converted to a UTF-8 byte sequence, with the
- raw bytes provided via <code>CryptoOperationData</code>. A separate
- proposal exists to handle this via IDL, permitting importing JavaScript
- objects directly when importing with <code>jwk</code>.
- </div>
</div>
<div id="SubtleCrypto-method-exportKey" class="section">
@@ -2095,15 +2101,6 @@
</p>
</li>
</ol>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
- There is an open question as to whether/how to support exporting
- keys when format is <code>jwk</code>. As currently specified, the result
- is a JSON-encoded Javascript object, converted to a UTF-8 byte
- sequence, with the raw bytes provided via an ArrayBuffer. A separate
- proposal exists to return an actual Javascript object when exporting
- with <code>jwk</code>.
- </div>
</div>
<div id="SubtleCrypto-method-wrapKey" class="section">
@@ -2193,10 +2190,49 @@
</li>
<li>
<p>
- Let <var>bytes</var> be the result of performing the export key operation
+ Let <var>key</var> be the result of performing the export key operation
specified the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
<var>key</var> using <var>key</var> and <var>format</var>.
</p>
+ </li>
+ <li>
+ <dl class="switch">
+ <dt>
+ If <var>format</var> is equal to the strings <code>raw</code>, <code>pkcs8</code>,
+ or <code>spki</code>:
+ </dt>
+ <dd>
+ Set <var>bytes</var> be set to <var>key</var>.
+ </dd>
+ <dt>
+ If <var>format</var> is equal to the string <code>jwk</code>:
+ </dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Convert <var>key</var> to an ECMAScript Object, as specified in [
+ <a href="#WebIDL">WEBIDL</a>].
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>json</var> be the result of representing <var>key</var> as a
+ UTF-16 string conforming to the JSON grammar; for example, by executing
+ the <code>JSON.stringify</code> algorithm specified in
+ <a href="#ECMA-262">ECMA262</a>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>bytes</var> be the byte sequence the results from converting
+ <var>json</var>, a JavaScript String comprised of UTF-16 code points, to
+ UTF-8 code points.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
<div class="note"><div class="noteHeader">Note</div>
<p class="norm">
This note is non-normative.
@@ -2207,7 +2243,9 @@
length and RSA-OAEP places a restriction on the length. For key formats that
offer flexibility in serialization of a given key (for example JWK),
implementations may choose to adapt the serialization to the constraints of
- the wrapping algorithm.
+ the wrapping algorithm. This is why JSON.stringify is not normatively required,
+ as otherwise it would prohibit implementations from introducing added
+ padding.
</p>
</div>
</li>
@@ -2363,7 +2401,7 @@
<dl class="switch">
<dt>If <var>normalizedAlgorithm</var> supports an unwrap key operation:</dt>
<dd>
- Let <var>bytes</var> be the result of performing the unwrap key operation
+ Let <var>key</var> be the result of performing the unwrap key operation
specified by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
<var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
@@ -2373,7 +2411,7 @@
operation:
</dt>
<dd>
- Let <var>bytes</var> be the result of performing the decrypt operation specified
+ Let <var>key</var> be the result of performing the decrypt operation specified
by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
<var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
<var>ciphertext</var>.
@@ -2386,6 +2424,25 @@
</dl>
</li>
<li>
+ <dl class="switch">
+ <dt>
+ If <var>format</var> is equal to the strings <code>raw</code>,
+ <code>pkcs8</code>, or <code>spki</code>:
+ </dt>
+ <dd>
+ Set <var>bytes</var> be set to <var>key</var>.
+ </dd>
+ <dt>
+ If <var>format</var> is equal to the string <code>jwk</code>:
+ </dt>
+ <dd>
+ Let <var>bytes</var> be the result of executing the
+ <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm, withe <var>key</var>
+ as the <code>data</code> to be parsed.
+ </dd>
+ </dl>
+ </li>
+ <li>
<p>
Let <var>result</var> be the result of performing the import key operation
specified by <var>normalizedKeyAlgorithm</var> using
@@ -2470,9 +2527,56 @@
</div>
</div>
+ <div id="JsonWebKey-dictionary" class="section">
+ <h2>15. JsonWebKey dictionary</h2>
+ <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+dictionary <dfn id="dfn-RsaOtherPrimesInfo">RsaOtherPrimesInfo</dfn> {
+ <span class="comment">// The following fields are defined in Section 6.3.2.7 of <a href="#jwa">JSON Web Algorithms</a></span>
+ DOMString r;
+ DOMString d;
+ DOMString t;
+};
+
+dictionary <dfn id="dfn-JsonWebKey">JsonWebKey</dfn> {
+ <span class="comment">// The following fields are defined in Section 3.1 of <a href="#jwk">JSON Web Key</a></span>
+ DOMString kty;
+ DOMString use;
+ sequence<DOMString> key_ops;
+ DOMString alg;
+
+ <span class="comment">// The following fields are defined in <a href="#iana-section-jwk">JSON Web Key Parameters Registration</a></span>
+ boolean ext;
+
+ <span class="comment">// The following fields are defined in Section 6 of <a href="#jwa">JSON Web Algorithms</a></span>
+ DOMString crv;
+ DOMString x;
+ DOMString y;
+ DOMString d;
+ DOMString n;
+ DOMString e;
+ DOMString p;
+ DOMString q;
+ DOMString dp;
+ DOMString dq;
+ DOMString qi;
+ sequence<RsaOtherPrimesInfo> oth;
+ DOMString k;
+};
+ </code></pre></div></div>
+ <div id="JsonWebKey-description">
+ <h3>Description</h3>
+ <p class="norm">The following section is non-normative</p>
+ <p>
+ The <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary provides a way to represent
+ and exchange cryptographic keys represented by the <a href="#JWK">JSON Web Key</a>
+ structure, while allowing native and efficient use within Web Cryptography API
+ applications.
+ </p>
+ </div>
+ </div>
<div id="WorkerCrypto-interface" class="section">
- <h2>15. WorkerCrypto interface</h2>
+ <h2>16. WorkerCrypto interface</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
interface <dfn id="dfn-WorkerCrypto">WorkerCrypto</dfn> {
readonly attribute <a href="#dfn-SubtleCrypto">SubtleCrypto</a> <dfn id="dfn-WorkerCrypto-subtle">subtle</dfn>;
@@ -2485,7 +2589,7 @@
};
</code></pre></div></div>
<div id="WorkerCrypto-description" class="section">
- <h3>15.1. Description</h3>
+ <h3>16.1. Description</h3>
<p>
The <a href="#dfn-WorkerCrypto">WorkerCrypto</a> interface provides cryptographic
functionality for background scripts, as specified by Web Workers [
@@ -2495,7 +2599,7 @@
</div>
<div id="big-integer" class="section">
- <h2>16. BigInteger</h2>
+ <h2>17. BigInteger</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef Uint8Array <dfn id="dfn-BigInteger">BigInteger</dfn>;
</code></pre></div></div>
@@ -2515,7 +2619,7 @@
</div>
<div id="keypair" class="section">
- <h2>17. KeyPair</h2>
+ <h2>18. KeyPair</h2>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
interface <dfn id="dfn-CryptoKeyPair">CryptoKeyPair</dfn> {
readonly attribute <a href="#dfn-CryptoKey">CryptoKey</a> publicKey;
@@ -2529,7 +2633,7 @@
</div>
<div id="algorithms" class="section">
- <h2>18. Algorithms</h2>
+ <h2>19. Algorithms</h2>
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
Note: All algorithms listed should be considered as "features at risk",
@@ -2544,7 +2648,7 @@
</p>
</div>
<div id="algorithms-index" class="section">
- <h3>18.1. Registered algorithms</h3>
+ <h3>19.1. Registered algorithms</h3>
<table>
<thead>
<tr>
@@ -2883,7 +2987,7 @@
</table>
</div>
<div id="recommended-algorithms" class="section">
- <h3>18.2. Recommended algorithms</h3>
+ <h3>19.2. Recommended algorithms</h3>
<p class="norm">This section is non-normative</p>
<p>
As the API is meant to be extensible in order to keep up with future developments within
@@ -2926,7 +3030,7 @@
</p>
</div>
<div id="defining-an-algorithm" class="section">
- <h3>18.3. Defining an algorithm</h3>
+ <h3>19.3. Defining an algorithm</h3>
<p>
Each algorithm that is to be exposed via the Web Cryptography API
<span class="RFC2119">SHOULD</span> be registered via the Web Cryptography working group,
@@ -2935,7 +3039,7 @@
<span class="RFC2119">MUST</span> be processed as if the sections had been defined.
</p>
<div id="recognized-algorithm-name" class="section">
- <h4>18.3.1. Recognized algorithm name</h4>
+ <h4>19.3.1. Recognized algorithm name</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> have a canonical name
for which applications can refer to the algorithm. The canonical name
@@ -2946,14 +3050,14 @@
</p>
</div>
<div id="supported-operations" class="section">
- <h4>18.3.2. Supported operations</h4>
+ <h4>19.3.2. Supported operations</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> define the operations
that it supports.
</p>
</div>
<div id="algorithm-specific-params" class="section">
- <h4>18.3.3. Algorithm-specific parameters</h4>
+ <h4>19.3.3. Algorithm-specific parameters</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> define the expected
parameters, if any, that should be exposed via the <a href="#dfn-Algorithm">Algorithm</a>
@@ -2961,7 +3065,7 @@
</p>
</div>
<div id="algorithm-result" class="section">
- <h4>18.3.4. Algorithm results</h4>
+ <h4>19.3.4. Algorithm results</h4>
<p>
Each registered algorithm <span class="RFC2119">MUST</span> define the contents
of the result of performing the underlying cryptographic operation for every
@@ -2969,7 +3073,7 @@
</p>
</div>
<div id="algorithm-alias" class="section">
- <h4>18.3.5. <dfn id="dfn-algorithm-alias">Algorithm aliases</dfn></h4>
+ <h4>19.3.5. <dfn id="dfn-algorithm-alias">Algorithm aliases</dfn></h4>
<p>
Each registered algorithm <span class="RFC2119">MAY</span> define one or more aliases
that may define a fully normalized <a href="#dfn-Algorithm">Algorithm</a> object.
@@ -2982,9 +3086,9 @@
</div>
<div id="rsaes-pkcs1" class="section">
- <h3>18.4. RSAES-PKCS1-v1_5</h3>
+ <h3>19.4. RSAES-PKCS1-v1_5</h3>
<div id="rsaes-pkcs1-description" class="section">
- <h4>18.4.1. Description</h4>
+ <h4>19.4.1. Description</h4>
<p>
The <code>"RSAES-PKCS1-v1_5"</code> algorithm identifier is used to perform encryption
and decryption ordering to the RSAES-PKCS1-v1_5 algorithm specified in
@@ -2992,7 +3096,7 @@
</p>
</div>
<div id="rsaes-pkcs1-registration" class="section">
- <h4>18.4.2. Registration</h4>
+ <h4>19.4.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSAES-PKCS1-v1_5"</code>.
@@ -3029,13 +3133,13 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="RsaKeyGenParams-dictionary" class="section">
- <h4>18.4.3. RsaKeyGenParams dictionary</h4>
+ <h4>19.4.3. RsaKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaKeyGenParams">RsaKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The length, in bits, of the RSA modulus</span>
@@ -3046,7 +3150,7 @@
</code></pre></div></div>
</div>
<div id="RsaKeyAlgorithm-interface" class="section">
- <h4>18.4.4. RsaKeyAlgorithm interface</h4>
+ <h4>19.4.4. RsaKeyAlgorithm interface</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
interface <dfn id="dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
<span class="comment">// The length, in bits, of the RSA modulus</span>
@@ -3057,7 +3161,7 @@
</code></pre></div></div>
</div>
<div id="rsaes-pkcs1-operations" class="section">
- <h4>18.4.5. Operations</h4>
+ <h4>19.4.5. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -3420,9 +3524,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -3586,7 +3689,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
<ul>
@@ -3620,6 +3723,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>array</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -3633,7 +3742,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
<ul>
@@ -3679,25 +3788,34 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>Set the <code>kty</code> property of <var>jwk</var> to the string
+ <p>
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.</p>
</li>
<li>
- <p>Set the <code>alg</code> property of <var>jwk</var> to the string
+ <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA1_5"</code>.</p>
</li>
<li>
<p>
- Set the properties <code>n</code> and <code>e</code> of <var>jwk</var>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -3712,7 +3830,7 @@
<ol>
<li>
<p>
- Set the properties named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -3723,7 +3841,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- member named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -3734,26 +3852,19 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
- </p>
- </li>
- <li>
- <p>
- Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -3768,13 +3879,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -3784,9 +3889,9 @@
</div>
<div id="rsassa-pkcs1" class="section">
- <h3>18.5. RSASSA-PKCS1-v1_5</h3>
+ <h3>19.5. RSASSA-PKCS1-v1_5</h3>
<div id="rsassa-pkcs1-description" class="section">
- <h4>18.5.1. Description</h4>
+ <h4>19.5.1. Description</h4>
<p>
The <code>"RSASSA-PKCS1-v1_5"</code> algorithm identifier is used to perform
signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in
@@ -3794,7 +3899,7 @@
</p>
</div>
<div id="rsassa-pkcs1-registration" class="section">
- <h4>18.5.2. Registration</h4>
+ <h4>19.5.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSASSA-PKCS1-v1_5"</code>.
@@ -3831,13 +3936,13 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="RsaHashedKeyGenParams-dictionary" class="section">
- <h4>18.5.3. RsaHashedKeyGenParams dictionary</h4>
+ <h4>19.5.3. RsaHashedKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</dfn> : <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> {
<span class="comment">// The hash algorithm to use</span>
@@ -3846,7 +3951,7 @@
</code></pre></div></div>
</div>
<div id="RsaHashedKeyAlgorithm-interface" class="section">
- <h4>18.5.4. RsaHashedKeyAlgorithm interface</h4>
+ <h4>19.5.4. RsaHashedKeyAlgorithm interface</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
[NoInterfaceObject]
interface <dfn id="dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</dfn> : <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a> {
@@ -3856,7 +3961,7 @@
</code></pre></div></div>
</div>
<div id="RsaHashedImportParams-dictionary" class="section">
- <h4>18.5.5. RsaHashedImportParams dictionary</h4>
+ <h4>19.5.5. RsaHashedImportParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaHashedImportParams">RsaHashedImportParams</dfn> {
<span class="comment">// The hash algorithm to use</span>
@@ -3871,7 +3976,7 @@
</div>
</div>
<div id="rsassa-pkcs1-operations" class="section">
- <h4>18.5.6. Operations</h4>
+ <h4>19.5.6. Operations</h4>
<dl>
<dt>Sign</dt>
<dd>
@@ -4414,9 +4519,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -4639,7 +4743,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
<ul>
@@ -4673,6 +4777,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -4686,7 +4796,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
<ul>
@@ -4732,16 +4842,22 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+ <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+ </li>
+ <li>
+ <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.</p>
</li>
<li>
@@ -4756,28 +4872,28 @@
<dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS1</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS256</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS384</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>RS512</code>.
</p>
</dd>
@@ -4791,12 +4907,12 @@
</dl>
</li>
<li>
- <p>Set the <code>alg</code> field of <var>jwk</var> to the string
- <code>"RSA1_5"</code>.</p>
- </li>
- <li>
- <p>
- Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+ <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
+ <code>RSA1_5</code>.</p>
+ </li>
+ <li>
+ <p>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -4811,7 +4927,7 @@
<ol>
<li>
<p>
- Set the fields named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -4822,7 +4938,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- field named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -4833,26 +4949,19 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
- </p>
- </li>
- <li>
- <p>
- Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -4868,13 +4977,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -4884,9 +4987,9 @@
</div>
<div id="rsa-pss" class="section">
- <h3>18.6. RSA-PSS</h3>
+ <h3>19.6. RSA-PSS</h3>
<div id="rsa-pss-description" class="section">
- <h4>18.6.1. Description</h4>
+ <h4>19.6.1. Description</h4>
<p>
The <code>"RSA-PSS"</code> algorithm identifier is used to perform signing
and verification using the RSASSA-PSS algorithm specified in
@@ -4895,7 +4998,7 @@
</p>
</div>
<div id="rsa-pss-registration" class="section">
- <h4>18.6.2. Registration</h4>
+ <h4>19.6.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSA-PSS"</code>.
@@ -4932,13 +5035,13 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="RsaPssParams-dictionary" class="section">
- <h4>18.6.3. RsaPssParams dictionary</h4>
+ <h4>19.6.3. RsaPssParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaPssParams">RsaPssParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The desired length of the random salt</span>
@@ -4947,7 +5050,7 @@
</code></pre></div></div>
</div>
<div id="rsa-pss-operations" class="section">
- <h4>18.6.4. Operations</h4>
+ <h4>19.6.4. Operations</h4>
<dl>
<dt>Sign</dt>
<dd>
@@ -5637,9 +5740,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -5862,7 +5964,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
<ul>
@@ -5989,6 +6091,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -6002,7 +6110,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
<ul>
@@ -6141,16 +6249,22 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+ <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+ </li>
+ <li>
+ <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.</p>
</li>
<li>
@@ -6166,28 +6280,28 @@
<dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS1</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS256</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS384</code>.
</p>
</dd>
<dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>PS512</code>.
</p>
</dd>
@@ -6202,7 +6316,7 @@
</li>
<li>
<p>
- Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -6217,7 +6331,7 @@
<ol>
<li>
<p>
- Set the fields named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -6228,7 +6342,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- field named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -6239,26 +6353,19 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
- </p>
- </li>
- <li>
- <p>
- Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -6274,13 +6381,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -6290,9 +6391,9 @@
</div>
<div id="rsa-oaep" class="section">
- <h3>18.7. RSA-OAEP</h3>
+ <h3>19.7. RSA-OAEP</h3>
<div id="rsa-oaep-description" class="section">
- <h4>18.7.1. Description</h4>
+ <h4>19.7.1. Description</h4>
<p>
The <code>"RSA-OAEP"</code> algorithm identifier is used to perform encryption
and decryption ordering to the RSAES-OAEP algorithm specified in
@@ -6301,7 +6402,7 @@
</p>
</div>
<div id="rsa-oaep-registration" class="section">
- <h4>18.7.2. Registration</h4>
+ <h4>19.7.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"RSA-OAEP"</code>.
@@ -6338,14 +6439,14 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="rsa-oaep-params" class="section">
- <h4>18.7.3. RsaOaepParams dictionary</h4>
+ <h4>19.7.3. RsaOaepParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-RsaOaepParams">RsaOaepParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The optional label/application data to associate with the message</span>
@@ -6354,7 +6455,7 @@
</code></pre></div></div>
</div>
<div id="rsa-oaep-operations" class="section">
- <h4>18.7.4. Operations</h4>
+ <h4>19.7.4. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -7046,9 +7147,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -7248,7 +7348,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
<ul>
@@ -7367,6 +7467,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -7380,7 +7486,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+ Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
with the following properties:
</p>
<ul>
@@ -7511,17 +7617,26 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ul>
<li>
- <p>Let <var>jwk</var> be a new internal object.</p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> field of <var>jwk</var> to the string
+ <p>
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the string
<code>"RSA"</code>.
</p>
</li>
@@ -7535,7 +7650,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP"</code>.
</p>
</dd>
@@ -7547,7 +7662,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP-256"</code>.
</p>
</dd>
@@ -7559,7 +7674,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP-384"</code>.
</p>
</dd>
@@ -7571,7 +7686,7 @@
</dt>
<dd>
<p>
- Set the <code>alg</code> field of <var>jwk</var> to the string
+ Set the <code>alg</code> attribute of <var>jwk</var> to the string
<code>"RSA-OAEP-512"</code>.
</p>
</dd>
@@ -7579,7 +7694,7 @@
</li>
<li>
<p>
- Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+ Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
according to the corresponding definitions in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.1.
</p>
@@ -7594,7 +7709,7 @@
<ol>
<li>
<p>
- Set the fields named <code>d</code>, <code>p</code>,
+ Set the attributes named <code>d</code>, <code>p</code>,
<code>q</code>, <code>dp</code>, <code>dq</code>, and
<code>qi</code> of <var>jwk</var> according to the
corresponding definitions in <a href="#jwa">JSON Web
@@ -7605,7 +7720,7 @@
<p>
If the underlying RSA private key represented by
<var>key</var> is represented by more than two primes, set the
- field named <code>oth</code> of <var>jwk</var> according to
+ attribute named <code>oth</code> of <var>jwk</var> according to
the corresponding definition in <a href="#jwa">JSON Web
Algorithms</a>, Section 6.3.2.7
</p>
@@ -7616,26 +7731,19 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
- </p>
- </li>
- <li>
- <p>
- Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding
- <var>jwk</var> according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ul>
@@ -7651,13 +7759,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -7667,9 +7769,9 @@
</div>
<div id="ecdsa" class="section">
- <h3>18.8. ECDSA</h3>
+ <h3>19.8. ECDSA</h3>
<div id="ecdsa-description" class="section">
- <h4>18.8.1. Description</h4>
+ <h4>19.8.1. Description</h4>
<p>
The <code>"ECDSA"</code> algorithm identifier is used to perform signing
and verification using the ECDSA algorithm specified in
@@ -7677,7 +7779,7 @@
</p>
</div>
<div id="ecdsa-registration" class="section">
- <h4>18.8.2. Registration</h4>
+ <h4>19.8.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"ECDSA"</code>.
@@ -7714,14 +7816,14 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="EcdsaParams-dictionary" class="section">
- <h4>18.8.3. EcdsaParams dictionary</h4>
+ <h4>19.8.3. EcdsaParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-EcdsaParams">EcdsaParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The hash algorithm to use</span>
@@ -7730,7 +7832,7 @@
</code></pre></div></div>
</div>
<div id="EcKeyGenParams-dictionary" class="section">
- <h4>18.8.4. EcKeyGenParams dictionary</h4>
+ <h4>19.8.4. EcKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef DOMString <a href="#dfn-NamedCurve">NamedCurve</a>;
@@ -7754,7 +7856,7 @@
</dl>
</div>
<div id="EcKeyAlgorithm-interface" class="section">
- <h4>18.8.5. EcKeyAlgorithm interface</h4>
+ <h4>19.8.5. EcKeyAlgorithm interface</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
[NoInterfaceObject]
interface <dfn id="dfn-EcKeyAlgorithm">EcKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
@@ -7764,7 +7866,7 @@
</code></pre></div></div>
</div>
<div id="EcKeyImportParams-dictionary" class="section">
- <h4>18.8.6. EcKeyImportParams dictionary</h4>
+ <h4>19.8.6. EcKeyImportParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-EcKeyImportParams">EcKeyImportParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// A named curve</span>
@@ -7774,7 +7876,7 @@
</div>
<div id="ecdsa-operations" class="section">
- <h4>18.8.7. Operations</h4>
+ <h4>19.8.7. Operations</h4>
<dl>
<dt>Sign</dt>
<dd>
@@ -8425,9 +8527,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
- <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -8637,7 +8738,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
<ul>
@@ -8711,6 +8812,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -8724,7 +8831,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
privateKeyInfo</a> with the following properties:
</p>
<ul>
@@ -8820,6 +8927,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
@@ -8827,12 +8940,13 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to
<code>"EC"</code>.
</p>
</li>
@@ -8844,7 +8958,7 @@
attribute of <var>key</var> is <code>P-256</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-256"</code>
</dd>
<dt>
@@ -8853,7 +8967,7 @@
attribute of <var>key</var> is <code>P-384</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-384"</code>
</dd>
<dt>
@@ -8862,21 +8976,21 @@
attribute of <var>key</var> is <code>P-521</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-521"</code>
</dd>
</dl>
</li>
<li>
<p>
- Set the <code>x</code> property of <var>jwk</var> according to the
+ Set the <code>x</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
</li>
<li>
<p>
- Set the <code>y</code> property of <var>jwk</var> according to the
+ Set the <code>y</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -8889,7 +9003,7 @@
</dt>
<dd>
<p>
- Set the <code>d</code> property of <var>jwk</var> according to the
+ Set the <code>d</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -8898,27 +9012,20 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -8934,13 +9041,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -8950,16 +9051,16 @@
</div>
<div id="ecdh" class="section">
- <h3>18.9. ECDH</h3>
+ <h3>19.9. ECDH</h3>
<div id="ecdh-description" class="section">
- <h4>18.9.1. Description</h4>
+ <h4>19.9.1. Description</h4>
<p>
This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key
agreement, as specified by <a href="#X9.63">X9.63</a>.
</p>
</div>
<div id="ecdh-registration" class="section">
- <h4>18.9.2. Registration</h4>
+ <h4>19.9.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"ECDH"</code>.
@@ -8991,13 +9092,13 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="dh-EcdhKeyDeriveParams" class="section">
- <h4>18.9.3. EcdhKeyDeriveParams dictionary</h4>
+ <h4>19.9.3. EcdhKeyDeriveParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
typedef Uint8Array <dfn id="dfn-ECPoint">ECPoint</dfn>;
@@ -9008,7 +9109,7 @@
</code></pre></div></div>
</div>
<div id="ecdh-operations" class="section">
- <h4>18.9.4. Operations</h4>
+ <h4>19.9.4. Operations</h4>
<dl>
<dt>Generate Key</dt>
<dd>
@@ -9585,9 +9686,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
- <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -10039,12 +10139,13 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to
<code>"EC"</code>.
</p>
</li>
@@ -10056,7 +10157,7 @@
attribute of <var>key</var> is <code>P-256</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-256"</code>
</dd>
<dt>
@@ -10065,7 +10166,7 @@
attribute of <var>key</var> is <code>P-384</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-384"</code>
</dd>
<dt>
@@ -10074,21 +10175,21 @@
attribute of <var>key</var> is <code>P-521</code>:
</dt>
<dd>
- Set the <code>crv</code> property of <var>jwk</var> to
+ Set the <code>crv</code> attribute of <var>jwk</var> to
<code>"P-521"</code>
</dd>
</dl>
</li>
<li>
<p>
- Set the <code>x</code> property of <var>jwk</var> according to the
+ Set the <code>x</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
</li>
<li>
<p>
- Set the <code>y</code> property of <var>jwk</var> according to the
+ Set the <code>y</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -10101,7 +10202,7 @@
</dt>
<dd>
<p>
- Set the <code>d</code> property of <var>jwk</var> according to the
+ Set the <code>d</code> attribute of <var>jwk</var> according to the
definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
Algorithms</a>.
</p>
@@ -10110,27 +10211,20 @@
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+ Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -10152,6 +10246,12 @@
point <var>Q</var> represented by <var>key</var> according to <a href="#X9.62">X9.62</a> Annex A.
</p>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>Otherwise:</dt>
@@ -10165,13 +10265,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -10181,9 +10275,9 @@
</div>
<div id="aes-ctr" class="section">
- <h3>18.10. AES-CTR</h3>
+ <h3>19.10. AES-CTR</h3>
<div id="aes-ctr-description" class="section">
- <h4>18.10.1. Description</h4>
+ <h4>19.10.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CTR"</code> algorithm identifier is used to perform
@@ -10192,7 +10286,7 @@
</p>
</div>
<div id="aes-ctr-registration" class="section">
- <h4>18.10.2. Registration</h4>
+ <h4>19.10.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CTR"</code>.
@@ -10229,7 +10323,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -10241,7 +10335,7 @@
</div>
<div id="aes-ctr-params" class="section">
- <h4>18.10.3. AesCtrParams dictionary</h4>
+ <h4>19.10.3. AesCtrParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCtrParams">AesCtrParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initial value of the counter block. counter <span class="RFC2119">MUST</span> be 16 bytes
@@ -10268,7 +10362,7 @@
</code></pre></div></div>
</div>
<div id="aes-keygen-params" class="section">
- <h4>18.10.5. AesKeyGenParams dictionary</h4>
+ <h4>19.10.5. AesKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesKeyGenParams">AesKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The length, in bits, of the key.</span>
@@ -10277,7 +10371,7 @@
</code></pre></div></div>
</div>
<div id="aes-derivedkey-params" class="section">
- <h4>18.10.6. AesDerivedKeyParams dictionary</h4>
+ <h4>19.10.6. AesDerivedKeyParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesDerivedKeyParams">AesDerivedKeyParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The length, in bits, of the key.</span>
@@ -10287,7 +10381,7 @@
</div>
<div id="aes-ctr-operations" class="section">
- <h4>18.10.7. Operations</h4>
+ <h4>19.10.7. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -10537,9 +10631,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -10679,26 +10772,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -10708,42 +10814,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CTR"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CTR"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CTR"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -10752,12 +10851,7 @@
</li>
<li>
<p>
- Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -10802,9 +10896,9 @@
</div>
<div id="aes-cbc" class="section">
- <h3>18.11. AES-CBC</h3>
+ <h3>19.11. AES-CBC</h3>
<div id="aes-cbc-description" class="section">
- <h4>18.11.1. Description</h4>
+ <h4>19.11.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CBC"</code> algorithm identifier is used to perform
@@ -10820,7 +10914,7 @@
</p>
</div>
<div id="aes-cbc-registration" class="section">
- <h4>18.11.2. Registration</h4>
+ <h4>19.11.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CBC"</code>.
@@ -10857,7 +10951,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -10868,7 +10962,7 @@
</table>
</div>
<div id="aes-cbc-params" class="section">
- <h4>18.11.3. AesCbcParams dictionary</h4>
+ <h4>19.11.3. AesCbcParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCbcParams">AesCbcParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initialization vector. <span class="RFC2119">MUST</span> be 16 bytes.</span>
@@ -10877,7 +10971,7 @@
</code></pre></div></div>
</div>
<div id="aes-cbc-operations" class="section">
- <h4>18.11.4. Operations</h4>
+ <h4>19.11.4. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -11128,9 +11222,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -11271,26 +11364,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11300,42 +11406,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CBC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CBC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CBC"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -11344,12 +11443,7 @@
</li>
<li>
<p>
- Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -11394,9 +11488,9 @@
</div>
<div id="aes-cmac" class="section">
- <h3>18.12. AES-CMAC</h3>
+ <h3>19.12. AES-CMAC</h3>
<div id="aes-cmac-description" class="section">
- <h4>18.12.1. Description</h4>
+ <h4>19.12.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CMAC"</code> algorithm identifier is used to perform
@@ -11405,7 +11499,7 @@
</p>
</div>
<div id="aes-cmac-registration" class="section">
- <h4>18.12.2. Registration</h4>
+ <h4>19.12.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CMAC"</code>.
@@ -11442,7 +11536,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -11453,7 +11547,7 @@
</table>
</div>
<div id="aes-cmac-params" class="section">
- <h4>18.12.3. AesCmacParams dictionary</h4>
+ <h4>19.12.3. AesCmacParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCmacParams">AesCmacParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The length, in bits, of the MAC.</span>
@@ -11462,7 +11556,7 @@
</code></pre></div></div>
</div>
<div id="aes-cmac-operations" class="section">
- <h4>18.12.4. Operations</h4>
+ <h4>19.12.4. Operations</h4>
<dl>
<dt>Sign</dt>
<dd>
@@ -11672,9 +11766,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -11815,26 +11908,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11844,42 +11950,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CMAC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CMAC"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CMAC"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -11888,7 +11987,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -11932,9 +12031,9 @@
</div>
</div>
<div id="aes-gcm" class="section">
- <h3>18.13. AES-GCM</h3>
+ <h3>19.13. AES-GCM</h3>
<div id="aes-gcm-description" class="section">
- <h4>18.13.1. Description</h4>
+ <h4>19.13.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-GCM"</code> algorithm identifier is used to perform
@@ -11943,7 +12042,7 @@
</p>
</div>
<div id="aes-gcm-registration" class="section">
- <h4>18.13.2. Registration</h4>
+ <h4>19.13.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-GCM"</code>.
@@ -11980,7 +12079,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -11991,7 +12090,7 @@
</table>
</div>
<div id="aes-gcm-params" class="section">
- <h4>18.13.3. AesGcmParams dictionary</h4>
+ <h4>19.13.3. AesGcmParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesGcmParams">AesGcmParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initialization vector to use. May be up to 2^64-1 bytes long.</span>
@@ -12004,7 +12103,7 @@
</code></pre></div></div>
</div>
<div id="aes-gcm-operations" class="section">
- <h4>18.13.4. Operations</h4>
+ <h4>19.13.4. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -12343,9 +12442,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -12486,26 +12584,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containing the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -12515,42 +12626,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128GCM"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192GCM"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256GCM"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -12564,7 +12668,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -12609,9 +12713,9 @@
</div>
<div id="aes-cfb" class="section">
- <h3>18.14. AES-CFB</h3>
+ <h3>19.14. AES-CFB</h3>
<div id="aes-cfb-description" class="section">
- <h4>18.14.1. Description</h4>
+ <h4>19.14.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-CFB-8"</code> algorithm identifier is used to perform
@@ -12621,7 +12725,7 @@
</p>
</div>
<div id="aes-cfb-registration" class="section">
- <h4>18.14.2. Registration</h4>
+ <h4>19.14.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-CFB-8"</code>.
@@ -12658,7 +12762,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -12669,7 +12773,7 @@
</table>
</div>
<div id="aes-cfb-params" class="section">
- <h4>18.14.3. AesCfbParams dictionary</h4>
+ <h4>19.14.3. AesCfbParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-AesCfbParams">AesCfbParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The initialization vector. <span class="RFC2119">MUST</span> be 16 bytes.</span>
@@ -12678,7 +12782,7 @@
</code></pre></div></div>
</div>
<div id="aes-cfb-operations" class="section">
- <h4>18.14.4. Operations</h4>
+ <h4>19.14.4. Operations</h4>
<dl>
<dt>Encrypt</dt>
<dd>
@@ -12905,9 +13009,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -13047,26 +13150,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containng the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13076,42 +13192,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128CFB8"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192CFB8"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256CFB8"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -13120,12 +13229,7 @@
</li>
<li>
<p>
- Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -13170,9 +13274,9 @@
</div>
<div id="aes-kw" class="section">
- <h3>18.15. AES-KW</h3>
+ <h3>19.15. AES-KW</h3>
<div id="aes-kw-description" class="section">
- <h4>18.15.1. Description</h4>
+ <h4>19.15.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"AES-KW"</code> algorithm identifier is used to perform
@@ -13181,7 +13285,7 @@
</p>
</div>
<div id="aes-kw-registration" class="section">
- <h4>18.15.2. Registration</h4>
+ <h4>19.15.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"AES-KW"</code>.
@@ -13218,7 +13322,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -13229,7 +13333,7 @@
</table>
</div>
<div id="aes-kw-operations" class="section">
- <h4>18.15.3. Operations</h4>
+ <h4>19.15.3. Operations</h4>
<dl>
<dt>Wrap Key</dt>
<dd>
@@ -13412,9 +13516,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -13554,26 +13657,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containng the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13583,42 +13699,35 @@
<dl class="switch">
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 128:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A128KW"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 192:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A192KW"</code>.</dd>
<dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
<var>key</var> is 256:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"A256KW"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -13627,7 +13736,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -13672,9 +13781,9 @@
</div>
<div id="hmac" class="section">
- <h3>18.16. HMAC</h3>
+ <h3>19.16. HMAC</h3>
<div id="hmac-description" class="section">
- <h4>18.16.1. Description</h4>
+ <h4>19.16.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>HMAC</code> algorithm calculates and verifies hash-based message
@@ -13682,7 +13791,7 @@
</p>
</div>
<div id="hmac-registration" class="section">
- <h4>18.16.2. Registration</h4>
+ <h4>19.16.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"HMAC"</code>.
@@ -13719,7 +13828,7 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
<tr>
<td>get key length</td>
@@ -13730,7 +13839,7 @@
</table>
</div>
<div id="hmac-importparams" class="section">
- <h4>18.16.3. HmacImportParams dictionary</h4>
+ <h4>19.16.3. HmacImportParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-HmacImportParams">HmacImportParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The inner hash function to use.</span>
@@ -13741,7 +13850,7 @@
</code></pre></div></div>
</div>
<div id="hmac-keyalgorithm" class="section">
- <h4>18.16.4. HmacKeyAlgorithm interface</h4>
+ <h4>19.16.4. HmacKeyAlgorithm interface</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
[NoInterfaceObject]
interface <dfn id="dfn-HmacKeyAlgorithm">HmacKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
@@ -13753,7 +13862,7 @@
</code></pre></div></div>
</div>
<div id="hmac-keygen-params" class="section">
- <h4>18.16.5. HmacKeyGenParams dictionary</h4>
+ <h4>19.16.5. HmacKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-HmacKeyGenParams">HmacKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The inner hash function to use.</span>
@@ -13766,7 +13875,7 @@
</code></pre></div></div>
</div>
<div id="hmac-derivedkey-params" class="section">
- <h4>18.16.6. HmacDerivedKeyParams dictionary</h4>
+ <h4>19.16.6. HmacDerivedKeyParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-HmacDerivedKeyParams">HmacDerivedKeyParams</dfn> : <a href="#dfn-HmacImportParams">HmacImportParams</a> {
<span class="comment">// The length (in bits) of the key to generate. If unspecified, the
@@ -13777,7 +13886,7 @@
</code></pre></div></div>
</div>
<div id="hmac-operations" class="section">
- <h4>18.16.7. Operations</h4>
+ <h4>19.16.7. Operations</h4>
<dl>
<dt>Sign</dt>
<dd>
@@ -13997,9 +14106,8 @@
<ol>
<li>
<p>
- Let <var>jwk</var> be the result of running the
- <a href="#concept-parse-a-jwk">parse a jwk</a>
- algorithm over <var>keyData</var>.
+ Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary represented by <var>keyData</var>.
</p>
</li>
<li>
@@ -14298,26 +14406,39 @@
<dl class="switch">
<dt>If <var>format</var> is <code>"raw"</code>:</dt>
<dd>
- Let <var>data</var> be the raw octets of the key represented by
- <var>key</var>.
+ <ol>
+ <li>
+ <p>
+ Let <var>data</var> be the raw octets of the key represented by
+ <var>key</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>If <var>format</var> is <code>"jwk"</code>:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>jwk</var> be a new internal object.
- </p>
- </li>
- <li>
- <p>
- Set the <code>kty</code> property of <var>jwk</var> to the
+ Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+ dictionary.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <code>kty</code> attribute of <var>jwk</var> to the
string <code>"oct"</code>.
</p>
</li>
<li>
<p>
- Set the <code>k</code> property of <var>jwk</var> to be a string
+ Set the <code>k</code> attribute of <var>jwk</var> to be a string
containng the raw octets
of the key represented by <var>key</var>, encoded according to
Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -14341,46 +14462,39 @@
<dl class="switch">
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-1"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS1"</code>.</dd>
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-256"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS256"</code>.</dd>
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-384"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS384"</code>.</dd>
<dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
<var>hash</var> is <code>"SHA-512"</code>:</dt>
- <dd>Set the <code>alg</code> property of <var>jwk</var> to
+ <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
the string <code>"HS512"</code>.</dd>
</dl>
</li>
<li>
<p>
- Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+ Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
</p>
</li>
<li>
<p>
- Set the <code>ext</code> property of <var>jwk</var> to equal the
+ Set the <code>ext</code> attribute of <var>jwk</var> to equal the
<a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
<var>key</var>.
</p>
</li>
<li>
<p>
- Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
- into a string according to the grammar specified in Section 15.12 of
- <a href="#ECMA-262">ECMA262</a>.
- </p>
- </li>
- <li>
- <p>
- Let <var>data</var> be the UTF-8 encoding of
- <var>stringifiedJwk</var>.
+ Let <var>result</var> be the result of converting <var>jwk</var>
+ to an ECMAScript Object.
</p>
</li>
</ol>
@@ -14389,7 +14503,7 @@
</li>
<li>
<p>
- Return a new ArrayBuffer containing <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -14450,9 +14564,9 @@
</div>
</div>
<div id="dh" class="section">
- <h3>18.17. Diffie-Hellman</h3>
+ <h3>19.17. Diffie-Hellman</h3>
<div id="dh-description" class="section">
- <h4>18.17.1. Description</h4>
+ <h4>19.17.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
This describes using Diffie-Hellman for key generation and key agreement, as specified
@@ -14460,7 +14574,7 @@
</p>
</div>
<div id="dh-registration" class="section">
- <h4>18.17.2. Registration</h4>
+ <h4>19.17.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"DH"</code>.
@@ -14492,13 +14606,13 @@
<tr>
<td>exportKey</td>
<td>None</td>
- <td>ArrayBuffer</td>
+ <td>object</td>
</tr>
</tbody>
</table>
</div>
<div id="dh-DhKeyGenParams" class="section">
- <h4>18.17.3. DhKeyGenParams dictionary</h4>
+ <h4>19.17.3. DhKeyGenParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-DhKeyGenParams">DhKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The prime p.</span>
@@ -14509,7 +14623,7 @@
</code></pre></div></div>
</div>
<div id="dh-DhKeyAlgorithm" class="section">
- <h4>18.17.4. DhKeyAlgorithm interface</h4>
+ <h4>19.17.4. DhKeyAlgorithm interface</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
[NoInterfaceObject]
interface <dfn id="dfn-DhKeyAlgorithm">DhKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
@@ -14521,7 +14635,7 @@
</code></pre></div></div>
</div>
<div id="dh-DhKeyDeriveParams" class="section">
- <h4>18.17.5. DhKeyDeriveParams dictionary</h4>
+ <h4>19.17.5. DhKeyDeriveParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-DhKeyDeriveParams">DhKeyDeriveParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The peer's public value.</span>
@@ -14530,7 +14644,7 @@
</code></pre></div></div>
</div>
<div id="dh-DhImportKeyParams" class="section">
- <h4>18.17.6. DhImportKeyParams dictionary</h4>
+ <h4>19.17.6. DhImportKeyParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-DhImportKeyParams">DhImportKeyParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The prime p.</span>
@@ -14541,7 +14655,7 @@
</code></pre></div></div>
</div>
<div id="dh-operations" class="section">
- <h4>18.17.7. Operations</h4>
+ <h4>19.17.7. Operations</h4>
<dl>
<dt>Generate Key</dt>
<dd>
@@ -15150,26 +15264,35 @@
If <var>format</var> is <code>"raw"</code>:
</dt>
<dd>
- <dl class="switch">
- <dt>
- If the <a href="#dfn-CryptoKey-type">type</a> attribute of
- <var>key</var> is <code>"public"</code>:
- </dt>
- <dd>
- Let <var>result</var> be the Public Value, <var>PV</var>, associated
- with <var>key</var> as specified in Section 7 of [<a href="#PKCS3">PKCS
- #3</a>].
- </dd>
- <dt>
- If the <a href="#dfn-CryptoKey-type">type</a> attribute of
- <var>key</var> is <code>"private"</code>:
- </dt>
- <dd>
- Let <var>result</var> be the octet string that represents the private
- value <var>x</var> associated with <var>key</var> as a big integer, most
- significant octet first.
- </dd>
- </dl>
+ <ol>
+ <li>
+ <dl class="switch">
+ <dt>
+ If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+ <var>key</var> is <code>"public"</code>:
+ </dt>
+ <dd>
+ Let <var>data</var> be the Public Value, <var>PV</var>, associated
+ with <var>key</var> as specified in Section 7 of [<a href="#PKCS3">PKCS #3</a>].
+ </dd>
+ <dt>
+ If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+ <var>key</var> is <code>"private"</code>:
+ </dt>
+ <dd>
+ Let <var>data</var> be the octet string that represents the private
+ value <var>x</var> associated with <var>key</var> as a big integer,
+ most significant octet first.
+ </dd>
+ </dl>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
+ </ol>
</dd>
<dt>
If <var>format</var> is <code>"spki"</code>:
@@ -15184,7 +15307,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
subjectPublicKeyInfo</a> with the following properties:
</p>
<ul>
@@ -15237,6 +15360,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>
@@ -15252,7 +15381,7 @@
</li>
<li>
<p>
- Let <var>result</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
+ Let <var>data</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
privateKeyInfo</a> with the following properties:
</p>
<ul>
@@ -15305,6 +15434,12 @@
</li>
</ul>
</li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+ <var>data</var>.
+ </p>
+ </li>
</ol>
</dd>
<dt>Otherwise:</dt>
@@ -15316,13 +15451,7 @@
</li>
<li>
<p>
- Let <var>data</var> be a new <code>ArrayBuffer</code> containing
- <var>result</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>data</var>.
+ Return <var>result</var>.
</p>
</li>
</ol>
@@ -15331,16 +15460,16 @@
</div>
</div>
<div id="sha" class="section">
- <h3>18.18. SHA</h3>
+ <h3>19.18. SHA</h3>
<div id="sha-description" class="section">
- <h4>18.18.1. Description</h4>
+ <h4>19.18.1. Description</h4>
<p>
This describes the SHA-1 and SHA-2 families, as specified by
[<a href="#FIPS180-4">FIPS PUB 180-4</a>].
</p>
</div>
<div id="sha-registration" class="section">
- <h4>18.18.2. Registration</h4>
+ <h4>19.18.2. Registration</h4>
<p>
The following algorithms are added as <a href="#recognized-algorithm-name">
recognized algorithm names</a>:
@@ -15373,7 +15502,7 @@
</table>
</div>
<div id="sha-operations" class="section">
- <h4>18.18.3. Operations</h4>
+ <h4>19.18.3. Operations</h4>
<dl>
<dt>Digest</dt>
<dd>
@@ -15440,9 +15569,9 @@
</div>
</div>
<div id="concatkdf" class="section">
- <h3>18.19. Concat KDF</h3>
+ <h3>19.19. Concat KDF</h3>
<div id="concatkdf-description" class="section">
- <h4>18.19.1. Description</h4>
+ <h4>19.19.1. Description</h4>
<p>
The <code>"CONCAT"</code> algorithm identifier is used to perform key derivation
using the key derivation algorithm defined in Section 5.8.1 of NIST SP 800-56A
@@ -15450,7 +15579,7 @@
</p>
</div>
<div id="concatkdf-registration" class="section">
- <h4>18.19.2. Registration</h4>
+ <h4>19.19.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"CONCAT"</code>.
@@ -15483,7 +15612,7 @@
</table>
</div>
<div id="concat-params" class="section">
- <h4>18.19.3. ConcatParams dictionary</h4>
+ <h4>19.19.3. ConcatParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-ConcatParams">ConcatParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The digest method to use to derive the keying material.</span>
@@ -15505,7 +15634,7 @@
</code></pre></div></div>
</div>
<div id="concat-operations" class="section">
- <h4>18.19.4. Operations</h4>
+ <h4>19.19.4. Operations</h4>
<dl>
<dt>Derive Bits</dt>
<dd>
@@ -15654,9 +15783,9 @@
</div>
</div>
<div id="hkdf-ctr" class="section">
- <h3>18.20. HKDF-CTR</h3>
+ <h3>19.20. HKDF-CTR</h3>
<div id="hkdf-ctr-description" class="section">
- <h4>18.20.1. Description</h4>
+ <h4>19.20.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"HKDF-CTR"</code> algorithm identifier is used to
@@ -15667,7 +15796,7 @@
</p>
</div>
<div id="hkdf-ctr-registration" class="section">
- <h4>18.20.2. Registration</h4>
+ <h4>19.20.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a>
for this algorithm is <code>"HKDF-CTR"</code>.
@@ -15700,7 +15829,7 @@
</table>
</div>
<div id="hkdf-ctr-params" class="section">
- <h4>18.20.3. HkdfCtrParams dictionary</h4>
+ <h4>19.20.3. HkdfCtrParams dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-HkdfCtrParams">HkdfCtrParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
<span class="comment">// The algorithm to use with HMAC (e.g.: <a href="#sha-256">SHA-256</a>)</span>
@@ -15724,7 +15853,7 @@
</div>
</div>
<div id="hkdf2-ctr-operations" class="section">
- <h4>18.20.4. Operations</h4>
+ <h4>19.20.4. Operations</h4>
<dl>
<dt>Derive Bits</dt>
<dd>
@@ -15935,9 +16064,9 @@
</div>
<div id="pbkdf2" class="section">
- <h3>18.21. PBKDF2</h3>
+ <h3>19.21. PBKDF2</h3>
<div id="pbkdf2-description" class="section">
- <h4>18.21.1. Description</h4>
+ <h4>19.21.1. Description</h4>
<p class="norm">This section is non-normative.</p>
<p>
The <code>"PBKDF2"</code> algorithm identifier is used to
@@ -15947,7 +16076,7 @@
</p>
</div>
<div id="pbkdf2-registration" class="section">
- <h4>18.21.2. Registration</h4>
+ <h4>19.21.2. Registration</h4>
<p>
The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
this algorithm is <code>"PBKDF2"</code>.
@@ -15985,7 +16114,7 @@
</table>
</div>
<div id="pbkdf2-params" class="section">
- <h4>18.21.3. Pbkdf2Params dictionary</h4>
+ <h4>19.21.3. Pbkdf2Params dictionary</h4>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
dictionary <dfn id="dfn-Pbkdf2Params">Pbkdf2Params</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
CryptoOperationData <dfn id="dfn-Pbkdf2Params-salt">salt</dfn>;
@@ -15995,7 +16124,7 @@
</code></pre></div></div>
</div>
<div id="pbkdf2-operations" class="section">
- <h4>18.21.4. Operations</h4>
+ <h4>19.21.4. Operations</h4>
<dl>
<dt>Derive bits</dt>
<dd>
@@ -16213,7 +16342,7 @@
</div>
<div id="algorithm-normalizing-rules" class="section">
- <h2>19. Algorithm normalizing rules</h2>
+ <h2>20. Algorithm normalizing rules</h2>
<p>
The <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> typedef permits algorithms
to be specified as either an <a href="#dfn-Algorithm">Algorithm</a> dictionary or a <a href="#dfn-DOMString">DOMString</a>. The <a href="#dfn-DOMString">DOMString</a> option
@@ -16299,9 +16428,9 @@
</ol>
</div>
<div id="examples-section" class="section">
- <h2>20. JavaScript Example Code</h2>
+ <h2>21. JavaScript Example Code</h2>
<div id="examples-signing" class="section">
- <h3>20.1. Generate a signing key pair, sign some data</h3>
+ <h3>21.1. Generate a signing key pair, sign some data</h3>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">ECMAScript</span></div><div class="blockContent"><pre class="code"><code class="es-code">
<span class="comment">// Algorithm Object</span>
@@ -16335,7 +16464,7 @@
</code></pre></div></div>
</div>
<div id="examples-symmetric-encryption" class="section">
- <h3>20.2. Symmetric Encryption</h3>
+ <h3>21.2. Symmetric Encryption</h3>
<div class="block"><div class="blockTitleDiv"><span class="blockTitle">ECMAScript</span></div><div class="blockContent"><pre class="code"><code class="es-code">
var clearDataArrayBufferView = convertPlainTextToArrayBufferView("Plain Text Data");
<span class="comment">// TODO: create example utility function that converts text -> ArrayBufferView</span>
@@ -16363,9 +16492,9 @@
</div>
</div>
<div id="iana-section" class="section">
- <h2>21. IANA Considerations</h2>
+ <h2>22. IANA Considerations</h2>
<div id="iana-section-jws-jwa" class="section">
- <h3>21.1. JSON Web Signature and Encryption Algorithms Registration</h3>
+ <h3>22.1. JSON Web Signature and Encryption Algorithms Registration</h3>
<p>
This section registers the following algorithm identifiers in the IANA JSON Web
Signature and Encryption Algorithms Registry for use with JSON Web Key. Note that the
@@ -16503,7 +16632,7 @@
</ul>
</div>
<div id="iana-section-jwk" class="section">
- <h3>21.2. JSON Web Key Parameters Registration</h3>
+ <h3>22.2. JSON Web Key Parameters Registration</h3>
<ul>
<li>Parameter Name: "ext"</li>
<li>Parameter Description: Extractable</li>
@@ -16515,7 +16644,7 @@
</div>
</div>
<div id="acknowledgements-section" class="section">
- <h2>22. Acknowledgements</h2>
+ <h2>23. Acknowledgements</h2>
<p>
The editors would like to thank Adam Barth, Alex Russell, Ali Asad, Arun Ranganathan,
Brian Smith, Brian Warner, Channy Yun, Eric Roman, Glenn Adams, Jim Schaad, Kai Engert,
@@ -16538,9 +16667,9 @@
</p>
</div>
<div id="references" class="section">
- <h2>23. References</h2>
+ <h2>24. References</h2>
<div id="normative-references" class="section">
- <h3>23.1. Normative References</h3>
+ <h3>24.1. Normative References</h3>
<dl>
<dt id="DOM4">DOM4</dt>
<dd>
@@ -16633,7 +16762,7 @@
</dl>
</div>
<div id="informative-references" class="section">
- <h3>23.2. Informative References</h3>
+ <h3>24.2. Informative References</h3>
<dl>
<dt id="CDSA">CDSA</dt>
<dd>