--- a/spec/Overview-WebCryptoAPI.xml Wed Feb 19 13:55:41 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml Wed Feb 19 16:45:04 2014 -0800
@@ -1088,8 +1088,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"encrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"encrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
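Review bot: The added phrase "contain an entry that is a case-sensitive string match for" is repeated verbatim in the usage step of every method this patch touches (encrypt, decrypt, sign, verify, deriveKey, deriveBits, wrapKey, unwrapKey). Define the usage test once as a named term and link to it from each step, so that a later wording change cannot leave one method behind. The replacement also drops the link to #dfn-KeyUsage, so the step no longer points the reader at the list of permitted values; keep that link on the quoted string if the definition still exists.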
@@ -1151,8 +1151,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"decrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"decrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1213,8 +1213,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"sign"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"sign"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1275,8 +1275,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"verify"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"verify"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1494,8 +1494,8 @@
</li>
<li>
<p>
- If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"deriveKey"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveKey"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1542,13 +1542,6 @@
</li>
<li>
<p>
- If <var>baseKey</var>.<a href="#dfn-Key-usages"><code>usages</code></a> does not
- contain the <code>"deriveKey"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
Let <var>result</var> be the result of executing the key derivation algorithm
defined by the algorithm indicated in <var>normalizedAlgorithm</var> using
<code>key</code> as <var>key</var>, <code>extractable</code> as
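Review bot: The context step left in place after the removed check still passes "key" as the key ("using <code>key</code> as <var>key</var>"), while the removed step and the earlier usage check in this method both name the parameter baseKey. If the method has no parameter called key, this step refers to an undefined value and should read baseKey; fix it in this change, since the duplicate check is being cleaned up here anyway.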
@@ -1588,8 +1581,8 @@
</li>
<li>
<p>
- If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"deriveBits"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveBits"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1656,9 +1649,9 @@
</p>
<ol>
<li>
- <ul>
- <li>
- <p>If <code>algorithm</code> is defined:</p>
+ <dl class="switch">
+ <dt>If <code>algorithm</code> is not null:</dt>
+ <dd>
<ol>
<li>
<p>
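Review bot: The switch condition changes from "is defined" to "is not null", and those two tests are not obviously equivalent for an argument that is omitted rather than passed as null. State which branch an omitted algorithm takes, or word the condition so it covers both cases, because the branch decides whether normalizedAlgorithm is computed at all.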
@@ -1676,11 +1669,12 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>Otherwise, let <var>normalizedAlgorithm</var> be <code>null</code>.</p>
- </li>
- </ul>
+ </dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ Let <var>normalizedAlgorithm</var> be null.
+ </dd>
+ </dl>
</li>
<li>
<p>
@@ -1699,14 +1693,6 @@
</li>
<li>
<p>
- Let <var>format</var>, <var>keyData</var>, <var>extractable</var> and
- <var>usages</var> be the <code>format</code>, <code>keyData</code>,
- <code>extractable</code> and <code>usages</code> parameters to the
- <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method respectively.
- </p>
- </li>
- <li>
- <p>
Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
its associated resolver.
</p>
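Review bot: The removed step carried the dfn with id "dfn-SubtleCrypto-method-importKey", and the next hunk removes a second dfn with the same id. If no other element in the file defines that id, every link to #dfn-SubtleCrypto-method-importKey now dangles; confirm the anchor survives elsewhere or move it to the method's heading. The same check applies to "dfn-SubtleCrypto-method-exportKey", which the exportKey hunk removes.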
@@ -1738,31 +1724,13 @@
</li>
</ol>
</li>
-
- <li>
- <p>
- If <var>keyData</var>, interpreted accoding to <var>format</var>, specifies
- parameters that are inconsistent with the parameters supplied to
- <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn>, terminate this
- algorithm with an error.
- </p>
- </li>
<li>
<p>
Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
- results from interpreting <var>keyData</var> accoding to <var>format</var> using
- the key import algorithm indicated in <var>normalizedAlgorithm</var>.
- </p>
- </li>
- <li>
- <p>
- Set <var>result</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a>
- to be <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Set <var>result</var>.<a href="#dfn-Key-usages"><code>usages</code></a> to be <var>usages</var>.
+ results from performing the Import Key operation defined by
+ <var>normalizedAlgorithm</var> using <code>keyData</code> as <var>keyData</var>,
+ <code>format</code> as <var>format</var>, <code>extractable</code> as
+ <var>extractable</var> and <code>usages</code> as <var>usages</var>.
</p>
</li>
<li>
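Review bot: The generic importKey steps that rejected keyData inconsistent with the supplied parameters, and that set the extractable and usages properties of the result, are deleted here and replaced by a single call to the per-algorithm Import Key operation. Nothing in this hunk requires each algorithm's Import Key operation to perform those three actions, so an algorithm section that omits them would return a key whose extractable flag or usages were never set from the caller's arguments. Either keep the checks in this method after the operation returns, or add a normative sentence saying what every Import Key operation must do with extractable and usages. The new step also has no error branch for a failing Import Key operation.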
@@ -1790,13 +1758,6 @@
</li>
<li>
<p>
- Let <var>key</var> and <var>format</var> be the values of the <code>key</code> and
- <code>format</code> parameters to the <dfn
- id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method respectively.
- </p>
- </li>
- <li>
- <p>
Let <var>promise</var> be a new <code>Promise</code> object and
<var>resolver</var> its associated resolver.
</p>
@@ -1831,14 +1792,22 @@
</li>
<li>
<p>
- If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is
- not true, terminate this algorithm with an error.
+ If the <a href="#dfn-Key-extractable">extractable</a> property of <code>key</code>
+ is false, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of encoding <var>key</var> according to
- <var>format</var>.
+ Let <var>result</var> be the result of performing the Export Key operation specified
+ by the algorithm identified by the <a href="#dfn-Key-algorithm">algorithm</a>
+ property of <code>key</code> using <code>key</code> as <var>key</var> and
+ <code>format</code> as <var>format</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>resolve(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
</p>
</li>
</ol>
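Review bot: The added resolve step follows the Export Key operation unconditionally, with no branch for the operation failing (for example a format the key's algorithm cannot produce). Other operations in this patch use a switch with "If performing the operation results in an error: Terminate this algorithm with an error"; add the same here so the promise is not resolved with an undefined result. The change from "is not true" to "is false" is fine for a boolean property.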
@@ -1910,8 +1879,8 @@
<li>
<p>
If the <a href="#dfn-Key-usages">usages</a> property of <code>wrappingKey</code>
- does not contain the <code>"wrapKey"</code> <a href="#dfn-KeyUsage">KeyUsage</a>,
- terminate this algorithm with an error.
+ does not contain an entry that is a case-sensitive string match for
+ <code>"wrapKey"</code>, terminate this algorithm with an error.
</p>
</li>
<li>
@@ -1939,16 +1908,16 @@
<dd>
<p>
Let <var>result</var> be the result of performing the Wrap Key operation
- specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as
- <var>plaintext</var>.
+ specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
<dt>Otherwise, if <var>normalizedAlgorithm</var> specifies an Encrypt operation:</dt>
<dd>
<p>
Let <var>result</var> be the result of performing the Encrypt operation
- specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as
- <var>plaintext</var>.
+ specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
<dt>Otherwise:</dt>
@@ -2068,8 +2037,8 @@
<li>
<p>
If the <a href="#dfn-Key-usages">usages</a> property of <code>unwrappingKey</code>
- does not contain the <code>"unwrapKey"</code> <a href="#dfn-KeyUsage">KeyUsage</a>,
- terminate this algorithm with an error.
+ does not contain an entry that is a case-sensitive string match for
+ <code>"unwrapKey"</code>, terminate this algorithm with an error.
</p>
</li>
<li>
@@ -2077,7 +2046,8 @@
<dt>If <var>normalizedUnwrapAlgorithm</var> specifies a Unwrap Key operation:</dt>
<dd>
Let <var>bytes</var> be the result of performing the Unwrap Key operation
- specified by <var>normalizedUnwrapAlgorithm</var> with <code>wrappedKey</code> as
+ specified by <var>normalizedUnwrapAlgorithm</var> with
+ <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
<var>ciphertext</var>.
</dd>
<dt>
@@ -2086,7 +2056,8 @@
</dt>
<dd>
Let <var>bytes</var> be the result of performing the Decrypt operation
- specified by <var>normalizedUnwrapAlgorithm</var> with <code>wrappedKey</code> as
+ specified by <var>normalizedUnwrapAlgorithm</var> with
+ <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
<var>ciphertext</var>.
</dd>
<dt>Otherwise:</dt>
@@ -2744,7 +2715,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -2753,13 +2725,16 @@
Perform the encrytion operation defined in Section 7.2 of [<cite><a
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the recipient's RSA public key and the contents of <var>plaintext</var> as
- M.
+ <var>M</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
- containing the value C that results from performing the operation.</dd>
+ <dd>
+ Let <var>ciphertext</var> be a new ArrayBuffer
+ containing the value <var>C</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
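Review bot: The first context line of this step still reads "Perform the encrytion operation"; correct it to "encryption" while the step is being edited. The rewritten dd also drops the code markup from ArrayBuffer, whereas quoted strings and parameter names elsewhere in the patch keep it; pick one convention for type names and apply it in both the encrypt and decrypt steps.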
@@ -2770,23 +2745,27 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
Perform the decryption operation defined in Section 7.2 of [<cite><a
- href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
- as the recipient's RSA private key and the contents of <var>ciphertext</var> as
- C.
+ href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+ as the recipient's RSA private key and the contents of <var>ciphertext</var> as
+ <var>C</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>plaintext</var> be a new <code>ArrayBuffer</code>
- containing the value M that results from performing the operation.</dd>
+ <dd>
+ Let <var>plaintext</var> be a new ArrayBuffer
+ containing the value <var>M</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
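Review bot: The two changed lines beginning 'href="#RFC3447"' and "as the recipient's RSA private key" have the same text on the removed and added sides, so they differ only in whitespace. Drop the re-indentation from this patch, or land it separately, so the substantive change (wrapping C and M in var, restructuring the dd) is easier to review.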
@@ -2798,16 +2777,26 @@
<li>
<p>
If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
+ not present in <var>normalizedAlgorithm</var>, terminate this algorithm with
+ an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"encrypt"</code>, <code>"decrypt"</code>,
+ <code>"wrapKey"</code> or <code>"unwrapKey"</code>, terminate this algorithm
+ with an error.
</p>
</li>
<li>
<p>
Generate an RSA key pair, as defined in [<cite><a
- href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+ href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
<dt>If generation of the key pair fails:</dt>
<dd>Terminate this algorithm with an error.</dd>
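Review bot: Removing "or have incorrect types" from the first step leaves nothing in this algorithm that rejects a modulusLength or publicExponent of the wrong type before key generation uses them. If type checking is meant to happen during normalization, say so here with a reference; otherwise keep the check. In the added usages step, "contains an entry which is not a case-sensitive string match for A, B, C or D" can be read as "fails to match at least one of them", which every entry does; reword to "is not a case-sensitive string match for any of".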
@@ -2816,48 +2805,112 @@
<ol>
<li>
<p>
- Let <var>result</var> be a new <a
- href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
- ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "decrypt",
- "unwrapKey" ]</code>.
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a> object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSAES-PKCS1-v1_5"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "encrypt", "wrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "decrypt", "unwrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
</p>
</li>
<li>
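Review bot: The added type steps link to "#dfn-Key-Type" with a capital T, while the type checks added elsewhere in this patch link to "#dfn-Key-type"; fragment identifiers are case-sensitive, so one of the two is a dead link. The KeyPair steps likewise use the prefix "def-" ("#def-KeyPair-publicKey", "#def-KeyPair-privateKey") where every other anchor in the patch uses "dfn-". The two steps that set type also end without a full stop. Separately, publicKey and privateKey are both assigned the same algorithm object; say whether they share one instance or each get a copy.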
@@ -3230,7 +3283,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -3239,16 +3293,19 @@
Perform the signature generation operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's private key and the contents of
- <var>message</var> as M and using the hash function specified in
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the
- EMSA-PKCS1-v1_5 encoding method.
+ <var>message</var> as <var>M</var> and using the hash function specified in
+ the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option for the EMSA-PKCS1-v1_5 encoding method.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>signature</var> be the value S that results from
- performing the operation.</dd>
+ <dd>
+ Let <var>signature</var> be the value <var>S</var> that results from
+ performing the operation.
+ </dd>
</dl>
</p>
</li>
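Review bot: With the hash now taken from the algorithm property of key instead of normalizedAlgorithm, a hash member supplied by the caller in normalizedAlgorithm is silently ignored by this step. Say explicitly what happens in that case (ignored, or an error if it disagrees with the key's hash), so callers cannot assume the hash they passed was the one used. The same applies to the matching verify step.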
@@ -3260,7 +3317,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -3269,16 +3327,20 @@
Perform the signature verification operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's RSA public key and the contents of
- <var>message</var> as M and <var>signature</var> as S and using the hash
- function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the
- Hash option for the EMSA-PKCS1-v1_5 encoding method.
+ <var>message</var> as <var>M</var> and <var>signature</var> as <var>S</var>
+ and using the hash function specified in the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>key</var> as the Hash option for the EMSA-PKCS1-v1_5 encoding method.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>result</var> be a boolean with value true if the
- result of the operations was "valid signature" and a boolean with value
- false otherwise.</dd>
+ <dd>
+ Let <var>result</var> be a boolean with value true if the
+ result of the operations was "valid signature" and a boolean with value
+ false otherwise.
+ </dd>
</dl>
</p>
</li>
@@ -3289,85 +3351,164 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a>
- are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
+ If any of the members of
+ <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a> are not present
+ in <var>normalizedAlgorithm</var>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"sign"</code> or <code>"verify"</code>, terminate this
+ algorithm with an error.
</p>
</li>
<li>
<p>
Generate an RSA key pair, as defined in [<cite><a
- href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
- </p>
- </li>
- <li>
- <p>
- If generation of the key pair fails, terminate this algorithm with an
- error.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be a new <a
- href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "verify" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "sign" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Return <var>result</var>.
+ href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
+ <dl class="switch">
+ <dt>If generation of the key pair fails:</dt>
+ <dd>Terminate this algorithm with an error.</dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSASSA-PKCS1-v1_5"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property
+ of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaHashedKeyGenParams">hash</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "verify" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "sign" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>result</var>.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
</p>
</li>
</ol>
<div class="ednote">
<p>
- TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
- are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
- </p>
- <p>
- TODO: Specify that the operation should fail if KeyUsages other than
- <code>"sign"</code> and <code>"verify"</code> are used.
- </p>
- <p>
TODO: Specify how the normalizedAlgorithm needs to be an instance of
the relevant RsaHashed*Params dictionary, with particular attention to the fact
that WebIDL violations should be handled asynchronously.
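Review bot: In the added step that sets the hash property, the source link is "#dfn-RsaHashedKeyGenParams", which is the dictionary itself, while the modulusLength and publicExponent steps link to member anchors such as "#dfn-RsaKeyGenParams-modulusLength"; point it at the hash member's own anchor. Within this hunk the publicKey step links to "#dfn-Key-type" and the privateKey step to "#dfn-Key-Type", so one of them is broken. The remaining ednote TODO about WebIDL violations now carries the whole burden of the type checking that the first step no longer mentions; reference it from that step.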
@@ -3455,27 +3596,32 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
- present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
- this algorithm with an error.
+ present in <var>normalizedAlgorithm</var>, terminate this algorithm with an
+ error.
</p>
</li>
<li>
<p>
Perform the signature generation operation defined in Section 8.1 of [<cite><a
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
- as the signer's private key, K, and the contents of <var>message</var> as the
- message to be signed, M, and using the hash function specified in
- <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
- (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
- the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
- salt length option for the EMM-PSS-ENCODE operation.
+ as the signer's private key, <var>K</var>, and the contents of
+ <var>message</var> as the message to be signed, <var>M</var>, and using the
+ hash function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var>
+ as the Hash option, MGF1 (defined in Section B.2.1 of
+ [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and
+ the <a href="#dfn-RsaPssParams-saltLength">saltLength</a> property of
+ <var>normalizedAlgorithm</var> as the salt length option for the EMM-PSS-ENCODE
+ operation.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
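Review bot: The rewritten sentence carries over "EMM-PSS-ENCODE" from the removed text; the verify hunk in this patch spells the counterpart "EMSA-PSS-VERIFY", so this should be "EMSA-PSS-ENCODE". The step also uses the saltLength property of normalizedAlgorithm directly, and the preceding step no longer rejects members with incorrect types, so add a check that saltLength is a non-negative integer the encoding can accommodate before the signature operation runs.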
@@ -3493,27 +3639,32 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
- present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
- this algorithm with an error.
+ present in <var>normalizedAlgorithm</var>, terminate this algorithm with an
+ error.
</p>
</li>
<li>
<p>
Perform the signature verification operation defined in Section 8.1 of [<cite><a
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
- as the signer's RSA public key and the contents of <var>message</var> as M and
- the contents of <var>signature</var> as S and using the hash function specified
- in <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
- (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
- the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
- salt length option for the EMSA-PSS-VERIFY operation.
+ as the signer's RSA public key and the contents of <var>message</var> as
+ <var>M</var> and the contents of <var>signature</var> as <var>S</var> and using
+ the hash function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option, MGF1 (defined in Section B.2.1 of
+ [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the
+ <a href="#dfn-RsaPssParams-saltLength">saltLength</a> property of
+ <var>normalizedAlgorithm</var> as the salt length option for the
+ EMSA-PSS-VERIFY operation.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
@@ -3532,65 +3683,149 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
+ If any of the members of
+ <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a> are not present
+ in <var>normalizedAlgorithm</var>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"sign"</code> or <code>"verify"</code>, terminate this
+ algorithm with an error.
</p>
</li>
<li>
<p>
Generate an RSA key pair, as defined in [<cite><a
- href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+ href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
- <dt>If performing the operation results in an error:</dt>
+ <dt>If generation of the key pair fails:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>result</var> be a new <a
- href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the public
- key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ object.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSA-PSS"</code>.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.privateKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the private
- key of the generated key pair.
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+ Set the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property
+ of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaHashedKeyGenParams">hash</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "verify" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "sign" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
</p>
</li>
<li>
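Review bot: the private-key type step links `#dfn-Key-Type` (capital T) while the public-key step a few items earlier links `#dfn-Key-type`; fragment identifiers are matched case-sensitively, so one of the two will not resolve. In the same hunk the KeyPair properties are linked as `#def-KeyPair-publicKey` and `#def-KeyPair-privateKey` where every other anchor uses the `dfn-` prefix, and the hash step links the dictionary `#dfn-RsaHashedKeyGenParams` rather than a member anchor as the modulusLength and publicExponent steps do. Suggest normalising these against the actual definitions, and adding the missing full stop after `"public"` and `"private"`.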
@@ -3613,14 +3848,6 @@
<div class="ednote">
<p>
- TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
- are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
- </p>
- <p>
- TODO: Specify that the operation should fail if KeyUsages other than
- <code>"sign"</code> and <code>"verify"</code> are used.
- </p>
- <p>
TODO: Specify how the normalizedAlgorithm needs to be an instance of
the relevant RsaHashed*Params dictionary, with particular attention to the fact
that WebIDL violations should be handled asynchronously.
@@ -3704,14 +3931,15 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+ not present in <var>normalizedAlgorithm</var>,
terminate this algorithm with an error.
</p>
</li>
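Review bot: with `or have incorrect types` dropped from the second step, this algorithm only rejects missing RsaOaepParams members and no longer says what happens to a member of the wrong type. The TODO retained in the ednotes elsewhere in this patch (normalizedAlgorithm needing to be an instance of the relevant RsaHashed*Params dictionary) shows that this is still unspecified. Suggest a short sentence or cross-reference here stating where type validation is expected to happen, so the removal is not read as permission to skip it.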
@@ -3720,18 +3948,23 @@
Perform the encrytion operation defined in Section 7.1 of [<cite><a
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the recipient's RSA public key, the contents of <var>plaintext</var> as the
- message to be encrypted, M, and
- <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
- the hash function identified by
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
- (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
- the MGF option.
+ message to be encrypted, <var>M</var> and the
+ <a href="#dfn-RsaOaepParams-label">label</a> property of
+ <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
+ function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option and MGF1 (defined in Section B.2.1 of
+ [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
- containing the value C that results from performing the operation.</dd>
+ <dd>
+ Let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
+ containing the value <var>C</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
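Review bot: the rewritten sentence lost the comma after the message variable (`message to be encrypted, <var>M</var> and the`), so M now runs into the label clause; restore it as `<var>M</var>, and the`. The Hash option is now taken from the hash property of the key's algorithm instead of normalizedAlgorithm, while the preceding step still requires every RsaOaepParams member to be present, so confirm the dictionary no longer declares a hash member that would be required and then ignored. The context line `Perform the encrytion operation` could have its typo fixed in the same pass.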
@@ -3742,14 +3975,15 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+ not present in <var>normalizedAlgorithm</var>,
terminate this algorithm with an error.
</p>
</li>
@@ -3758,18 +3992,24 @@
Perform the decryption operation defined in Section 7.1 of [<cite><a
href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the recipient's RSA private key, the contents of <var>ciphertext</var> as
- the cipertext to be decrypted, C, and
- <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
- the hash function identified by
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
+ the cipertext to be decrypted, C, and the
+ <a href="#dfn-RsaOaepParams-label">label</a> property of
+ <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
+ function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option and MGF1
(defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
the MGF option.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>let <var>plaintext</var> be a new <code>ArrayBuffer</code>
- containing the value M that results from performing the operation.</dd>
+ <dd>
+ Let <var>plaintext</var> be a new <code>ArrayBuffer</code>
+ containing the value <var>M</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
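Review bot: the added line `the cipertext to be decrypted, C, and the` carries over the misspelling of "ciphertext" and leaves C as plain text, while the same sentence wraps `<var>L</var>` and the Otherwise branch wraps `<var>M</var>`. Since the line is being rewritten anyway, suggest `the ciphertext to be decrypted, <var>C</var>, and the` so it matches the encrypt algorithm's markup.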
@@ -3780,67 +4020,150 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
- are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
+ If any of the members of
+ <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a> are not present
+ in <var>normalizedAlgorithm</var>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"encrypt"</code>, <code>"decrypt</code>,
+ <code>wrapKey</code> or <code>unwrapKey</code>, terminate this
+ algorithm with an error.
</p>
</li>
<li>
<p>
Generate an RSA key pair, as defined in [<cite><a
- href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+ href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
- <dt>If performing the operation results in an error:</dt>
+ <dt>If generation of the key pair fails:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>result</var> be a new <a
- href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
- ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "decrypt",
- "unwrapKey" ]</code>.
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSA-OAEP"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property
+ of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaHashedKeyGenParams">hash</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "encrypt", "wrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "decrypt", "unwrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
</p>
</li>
<li>
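Review bot: the new usages check quotes its string literals inconsistently: `<code>"decrypt</code>` is missing the closing quote, and `<code>wrapKey</code>` and `<code>unwrapKey</code>` have no quotes at all. Because the step is defined as a case-sensitive string match, the literals should be unambiguous; suggest `"encrypt"`, `"decrypt"`, `"wrapKey"` or `"unwrapKey"`, with the "one of" wording used by the other usages checks in this patch. The private-key type step also links `#dfn-Key-Type` where the public-key step uses `#dfn-Key-type`.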
@@ -3863,14 +4186,6 @@
</div>
<div class="ednote">
<p>
- TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
- are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
- </p>
- <p>
- TODO: Specify that the operation should fail if KeyUsages other than
- <code>"sign"</code> and <code>"verify"</code> are used.
- </p>
- <p>
TODO: Specify how the normalizedAlgorithm needs to be an instance of
the relevant RsaHashed*Params dictionary, with particular attention to the fact
that WebIDL violations should be handled asynchronously.
@@ -4238,77 +4553,135 @@
<li>
<p>
If any of the members of <a href="#dfn-EcKeyGenParams">EcKeyGenParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+ not present in <var>normalizedAlgorithm</var>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- If <var>usages</var> contains a value which is not either <code>deriveKey</code>
- or <code>dervieBits</code>, terminate this algorithm with an error.
+ If <var>usages</var> contains a value which is not a case-sensitive string match
+ for one of <code>"deriveKey"</code> or <code>"deriveBits"</code>,
+ terminate this algorithm with an error.
</p>
</li>
<li>
<p>
Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
with domain parameters for the curve identified by
- <var>normalizedAlgorithm</var><code>.namedCurve</code>.
+ the <a href="#dfn-ExKeyGenParams-namedCurve">namedCurve</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
<dd>
<ol>
- <li>
- <p>
- Let <var>result</var> be a new <a
- href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the public
- key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be
- <var>usages</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a
- href="#dfn-Key"><code>Key</code></a> object representing the private
- key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be
- <var>usages</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>result</var>.
- </p>
- </li>
- </ol>
+ <li>
+ <p>
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-EcKeyAlgorithm">EcKeyAlgorithm</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Algorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"ECDH"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-EcKeyGenParams">namedCurve</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the empty list.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "deriveKey", "deriveBits" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>result</var>.
+ </p>
+ </li>
+ </ol>
</dd>
</dl>
</p>
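Review bot: the namedCurve link in the generation step points at `#dfn-ExKeyGenParams-namedCurve`, which looks like a typo for EcKeyGenParams, and the later step links the bare `#dfn-EcKeyGenParams` for the same property; pick one member anchor and use it in both places. The name step links `#dfn-Algorithm-name` where the RSA hunks use `#dfn-KeyAlgorithm-name`. Separately, the public key's usages change from `usages` to the empty list, which is a behavioural change rather than a rewording, so it deserves a mention in the change description. The context line `Generate an Eliptic Curve key pair` could have its spelling fixed while this step is being edited.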
@@ -4320,7 +4693,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -4328,15 +4702,16 @@
<p>
If any of the members of <a
href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
- <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+ <var>normalizedAlgorithm</var>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
- with <var>key</var> as the EC private key d and
- <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+ with <var>key</var> as the EC private key <var>d</var> and the
+ <a href="#dfn-EcdhKeyDeriveParams-public">public</a> property of
+ <var>normalizedAlgorithm</var> as the EC public key <var>Q</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
@@ -4352,26 +4727,15 @@
recommended curves P-256, P-384, and P-521 is 1, so the standard and modified ECDH
primitives are equivalent for those curves.
</div>
- <li>
- <div class="ednote">
- Define how the finite field member <var>result</var> is converted to a bit
- string
- </div>
- </li>
- <li>
- <div class="ednote">
- Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is
- derived from a bit string
- </div>
- </li>
</ol>
<div class="ednote">
<p>
- Define how the finite field member <var>result</var> is converted to a bit-string.
- </p>
- <p>
- Define how a key for the <var>normalizedDerivedKeyAlgorithm</var> is derived from
- a given bit string (when not feeding into another KDF, such as Concat).
+ TODO: Define how the finite field member <var>result</var> is converted to a bit
+ string.
+ </p>
+ <p>
+ TODO: Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is
+ derived from a bit string.
</p>
</div>
</dd>
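Review bot: the consolidated second TODO drops the qualifier from the text it replaces, `(when not feeding into another KDF, such as Concat)`. If the open question only concerns using the ECDH output directly as key material, keep that parenthetical so that the scope of the TODO stays the same. Removing the two duplicate `<li>` ednotes is otherwise a clean tidy-up.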
@@ -4380,7 +4744,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -4388,15 +4753,16 @@
<p>
If any of the members of <a
href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
- <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+ <var>normalizedAlgorithm</var>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
- with <var>key</var> as the EC private key d and
- <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+ with <var>key</var> as the EC private key <var>d</var> and the
+ <a href="#dfn-EcdhKeyDeriveParams-public">public</a> property of
+ <var>normalizedAlgorithm</var> as the EC public key <var>Q</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
@@ -4408,12 +4774,11 @@
</ol>
<div class="ednote">
<p>
- Define how the finite field member <var>result</var> is converted to a bit
+ TODO: Define how the finite field member <var>result</var> is converted to a bit
string.
</p>
</div>
</dd>
-
</div>
</div>
@@ -6436,6 +6801,11 @@
as described in Section 6.3 of NIST SP 800-38A
[<a href="#SP800-38A">SP800-38A</a>].
</p>
+ <div class="ednote">
+ <p>
+ TODO: Decide whether other variants, such as CFB-128, should be supported.
+ </p>
+ </div>
</div>
<div id="aes-cfb-registration" class="section">
<h4>Registration</h4>
@@ -7104,9 +7474,8 @@
<li>
<p>
If <var>usages</var> contains an entry which is not a case-sensitive string
- match for one of <code>"encrypt"</code>, <code>"decrypt"</code>,
- <code>"wrapKey"</code> or <code>"unwrapKey"</code>, terminate this algorithm
- with an error.
+ match for one of <code>"wrapKey"</code> or <code>"unwrapKey"</code>,
+ terminate this algorithm with an error.
</p>
</li>
<li>
@@ -7202,7 +7571,7 @@
</li>
<li>
<p>
- Let <var>key</var> be a new <code><a href="#dfn-key">Key</a></code>
+ Let <var>key</var> be a new <a href="#dfn-key">Key</a>
object representing an AES key with value <var>data</var>.
</p>
</li>
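Review bot: the rewritten line keeps the lowercase target `<a href="#dfn-key">Key</a>`, while every other Key link in this patch points to `#dfn-Key`. Since the line is touched anyway, suggest correcting the fragment so it resolves to the same definition.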
--- a/spec/Overview.html Wed Feb 19 13:55:41 2014 -0800
+++ b/spec/Overview.html Wed Feb 19 16:45:04 2014 -0800
@@ -44,7 +44,7 @@
communications.
</p>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 30 further editorial notes in the document.</p></div>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 29 further editorial notes in the document.</p></div>
</div>
<div class="section">
@@ -1096,8 +1096,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"encrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"encrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1159,8 +1159,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"decrypt"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"decrypt"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1221,8 +1221,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"sign"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"sign"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1283,8 +1283,8 @@
</li>
<li>
<p>
- If <code>key</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"verify"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>key</code> does not
+ contain an entry that is a case-sensitive string match for <code>"verify"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1502,8 +1502,8 @@
</li>
<li>
<p>
- If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"deriveKey"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveKey"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1550,13 +1550,6 @@
</li>
<li>
<p>
- If <var>baseKey</var>.<a href="#dfn-Key-usages"><code>usages</code></a> does not
- contain the <code>"deriveKey"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
Let <var>result</var> be the result of executing the key derivation algorithm
defined by the algorithm indicated in <var>normalizedAlgorithm</var> using
<code>key</code> as <var>key</var>, <code>extractable</code> as
@@ -1596,8 +1589,8 @@
</li>
<li>
<p>
- If <code>baseKey</code>.<a href="#dfn-Key-KeyUsage"><code>usages</code></a> does not
- contain the <code>"deriveBits"</code> <a href="#dfn-KeyUsage"><code>KeyUsage</code></a>,
+ If the <a href="#dfn-Key-usages">usages</a> property of <code>baseKey</code> does not
+ contain an entry that is a case-sensitive string match for <code>"deriveBits"</code>,
terminate this algorithm with an error.
</p>
</li>
@@ -1664,9 +1657,9 @@
</p>
<ol>
<li>
- <ul>
- <li>
- <p>If <code>algorithm</code> is defined:</p>
+ <dl class="switch">
+ <dt>If <code>algorithm</code> is not null:</dt>
+ <dd>
<ol>
<li>
<p>
@@ -1684,11 +1677,12 @@
</p>
</li>
</ol>
- </li>
- <li>
- <p>Otherwise, let <var>normalizedAlgorithm</var> be <code>null</code>.</p>
- </li>
- </ul>
+ </dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ Let <var>normalizedAlgorithm</var> be null.
+ </dd>
+ </dl>
</li>
<li>
<p>
@@ -1707,14 +1701,6 @@
</li>
<li>
<p>
- Let <var>format</var>, <var>keyData</var>, <var>extractable</var> and
- <var>usages</var> be the <code>format</code>, <code>keyData</code>,
- <code>extractable</code> and <code>usages</code> parameters to the
- <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method respectively.
- </p>
- </li>
- <li>
- <p>
Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
its associated resolver.
</p>
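Review bot: the removed step contained `<dfn id="dfn-SubtleCrypto-method-importKey">`, so deleting it also deletes that anchor from this part of the document. Unless the id is defined elsewhere, any `#dfn-SubtleCrypto-method-importKey` link will dangle; please check that the method's IDL or heading carries the id before dropping it here. The same applies to the exportKey `<dfn>` removed later in this file.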
@@ -1746,31 +1732,13 @@
</li>
</ol>
</li>
-
- <li>
- <p>
- If <var>keyData</var>, interpreted accoding to <var>format</var>, specifies
- parameters that are inconsistent with the parameters supplied to
- <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn>, terminate this
- algorithm with an error.
- </p>
- </li>
<li>
<p>
Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
- results from interpreting <var>keyData</var> accoding to <var>format</var> using
- the key import algorithm indicated in <var>normalizedAlgorithm</var>.
- </p>
- </li>
- <li>
- <p>
- Set <var>result</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a>
- to be <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Set <var>result</var>.<a href="#dfn-Key-usages"><code>usages</code></a> to be <var>usages</var>.
+ results from performing the Import Key operation defined by
+ <var>normalizedAlgorithm</var> using <code>keyData</code> as <var>keyData</var>,
+ <code>format</code> as <var>format</var>, <code>extractable</code> as
+ <var>extractable</var> and <code>usages</code> as <var>usages</var>.
</p>
</li>
<li>
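Review bot: three behaviours leave the generic importKey algorithm in this hunk: the check that keyData is consistent with the supplied parameters, and the steps that set extractable and usages on the result. They are now implied by "the Import Key operation defined by normalizedAlgorithm", so every registered algorithm's Import Key operation has to perform them. Suggest stating that requirement once, in the definition of what an Import Key operation must do, so that an algorithm which omits the consistency check does not silently accept mismatched key data.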
@@ -1797,12 +1765,6 @@
</li>
<li>
<p>
- Let <var>key</var> and <var>format</var> be the values of the <code>key</code> and
- <code>format</code> parameters to the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method respectively.
- </p>
- </li>
- <li>
- <p>
Let <var>promise</var> be a new <code>Promise</code> object and
<var>resolver</var> its associated resolver.
</p>
@@ -1837,14 +1799,22 @@
</li>
<li>
<p>
- If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is
- not true, terminate this algorithm with an error.
+ If the <a href="#dfn-Key-extractable">extractable</a> property of <code>key</code>
+ is false, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Let <var>result</var> be the result of encoding <var>key</var> according to
- <var>format</var>.
+ Let <var>result</var> be the result of performing the Export Key operation specified
+ by the algorithm identified by the <a href="#dfn-Key-algorithm">algorithm</a>
+ property of <code>key</code> using <code>key</code> as <var>key</var> and
+ <code>format</code> as <var>format</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Execute <var>resolver</var>'s <code>resolve(value)</code> algorithm, with
+ <var>result</var> as the <code>value</code> argument.
</p>
</li>
</ol>
@@ -1914,8 +1884,8 @@
<li>
<p>
If the <a href="#dfn-Key-usages">usages</a> property of <code>wrappingKey</code>
- does not contain the <code>"wrapKey"</code> <a href="#dfn-KeyUsage">KeyUsage</a>,
- terminate this algorithm with an error.
+ does not contain an entry that is a case-sensitive string match for
+ <code>"wrapKey"</code>, terminate this algorithm with an error.
</p>
</li>
<li>
@@ -1943,16 +1913,16 @@
<dd>
<p>
Let <var>result</var> be the result of performing the Wrap Key operation
- specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as
- <var>plaintext</var>.
+ specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
<dt>Otherwise, if <var>normalizedAlgorithm</var> specifies an Encrypt operation:</dt>
<dd>
<p>
Let <var>result</var> be the result of performing the Encrypt operation
- specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as
- <var>plaintext</var>.
+ specified by <var>normalizedAlgorithm</var> with <code>wrappingKey</code>
+ as <var>key</var> and <var>bytes</var> as <var>plaintext</var>.
</p>
</dd>
<dt>Otherwise:</dt>
@@ -2071,8 +2041,8 @@
<li>
<p>
If the <a href="#dfn-Key-usages">usages</a> property of <code>unwrappingKey</code>
- does not contain the <code>"unwrapKey"</code> <a href="#dfn-KeyUsage">KeyUsage</a>,
- terminate this algorithm with an error.
+ does not contain an entry that is a case-sensitive string match for
+ <code>"unwrapKey"</code>, terminate this algorithm with an error.
</p>
</li>
<li>
@@ -2080,7 +2050,8 @@
<dt>If <var>normalizedUnwrapAlgorithm</var> specifies a Unwrap Key operation:</dt>
<dd>
Let <var>bytes</var> be the result of performing the Unwrap Key operation
- specified by <var>normalizedUnwrapAlgorithm</var> with <code>wrappedKey</code> as
+ specified by <var>normalizedUnwrapAlgorithm</var> with
+ <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
<var>ciphertext</var>.
</dd>
<dt>
@@ -2089,7 +2060,8 @@
</dt>
<dd>
Let <var>bytes</var> be the result of performing the Decrypt operation
- specified by <var>normalizedUnwrapAlgorithm</var> with <code>wrappedKey</code> as
+ specified by <var>normalizedUnwrapAlgorithm</var> with
+ <code>unwrappingKey</code> as <var>key</var> and <code>wrappedKey</code> as
<var>ciphertext</var>.
</dd>
<dt>Otherwise:</dt>
@@ -2747,7 +2719,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -2755,13 +2728,16 @@
<p>
Perform the encrytion operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the recipient's RSA public key and the contents of <var>plaintext</var> as
- M.
+ <var>M</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
- containing the value C that results from performing the operation.</dd>
+ <dd>
+ Let <var>ciphertext</var> be a new ArrayBuffer
+ containing the value <var>C</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
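Review bot: The rewritten Otherwise branch drops the <code> markup around ArrayBuffer ("Let <var>ciphertext</var> be a new ArrayBuffer"), while the RSA-OAEP hunks later in this patch keep <code>ArrayBuffer</code>. Keep the markup here so the type is rendered the same way in every algorithm. The context line above still reads "encrytion operation"; since this step is being touched anyway, correct it to "encryption".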
@@ -2772,22 +2748,26 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
Perform the decryption operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
- as the recipient's RSA private key and the contents of <var>ciphertext</var> as
- C.
+ as the recipient's RSA private key and the contents of <var>ciphertext</var> as
+ <var>C</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>plaintext</var> be a new <code>ArrayBuffer</code>
- containing the value M that results from performing the operation.</dd>
+ <dd>
+ Let <var>plaintext</var> be a new ArrayBuffer
+ containing the value <var>M</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
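Review bot: The removed and added copies of "as the recipient's RSA private key and the contents of <var>ciphertext</var> as" carry the same text, so that pair looks like a whitespace-only change; leave it out so the diff shows only real edits. As in the encrypt step, ArrayBuffer loses its <code> markup in the new <dd>.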
@@ -2799,15 +2779,25 @@
<li>
<p>
If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+ not present in <var>normalizedAlgorithm</var>, terminate this algorithm with
+ an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"encrypt"</code>, <code>"decrypt"</code>,
+ <code>"wrapKey"</code> or <code>"unwrapKey"</code>, terminate this algorithm
+ with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
<dt>If generation of the key pair fails:</dt>
<dd>Terminate this algorithm with an error.</dd>
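Review bot: Dropping "or have incorrect types" from the first step leaves nothing in this algorithm that rejects a modulusLength or publicExponent of the wrong type before the values reach key generation. If type checking is meant to happen during WebIDL conversion or algorithm normalization, say so in this step or reference where it happens, so that implementations fail at the same point and in the same way.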
@@ -2816,45 +2806,112 @@
<ol>
<li>
<p>
- Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
- ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "decrypt",
- "unwrapKey" ]</code>.
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a> object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSAES-PKCS1-v1_5"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "encrypt", "wrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "decrypt", "unwrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
</p>
</li>
<li>
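Review bot: The "Set the type property" steps for publicKey and privateKey link to href="#dfn-Key-Type", while the type checks elsewhere in this patch link to "#dfn-Key-type"; fragment identifiers are case-sensitive, so one of the two spellings will not resolve. The KeyPair member links likewise use a "#def-KeyPair-" prefix where every other definition link uses "#dfn-". Both "Set the type property" sentences are also missing their closing period.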
@@ -3225,7 +3282,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -3234,16 +3292,19 @@
Perform the signature generation operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's private key and the contents of
- <var>message</var> as M and using the hash function specified in
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the
- EMSA-PKCS1-v1_5 encoding method.
+ <var>message</var> as <var>M</var> and using the hash function specified in
+ the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option for the EMSA-PKCS1-v1_5 encoding method.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>signature</var> be the value S that results from
- performing the operation.</dd>
+ <dd>
+ Let <var>signature</var> be the value <var>S</var> that results from
+ performing the operation.
+ </dd>
</dl>
</p>
</li>
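Review bot: The Hash option now comes from the hash property of the key's algorithm rather than from normalizedAlgorithm.hash, but the step does not say what happens when the caller's normalizedAlgorithm still carries a hash member that names a different function. State whether that member is ignored or causes the algorithm to terminate with an error, so a caller cannot assume one hash was used while the key's hash was applied.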
@@ -3255,7 +3316,8 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
@@ -3264,16 +3326,20 @@
Perform the signature verification operation defined in Section 8.2 of
[<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
<var>key</var> as the signer's RSA public key and the contents of
- <var>message</var> as M and <var>signature</var> as S and using the hash
- function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the
- Hash option for the EMSA-PKCS1-v1_5 encoding method.
+ <var>message</var> as <var>M</var> and <var>signature</var> as <var>S</var>
+ and using the hash function specified in the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>key</var> as the Hash option for the EMSA-PKCS1-v1_5 encoding method.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>result</var> be a boolean with value true if the
- result of the operations was "valid signature" and a boolean with value
- false otherwise.</dd>
+ <dd>
+ Let <var>result</var> be a boolean with value true if the
+ result of the operations was "valid signature" and a boolean with value
+ false otherwise.
+ </dd>
</dl>
</p>
</li>
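Review bot: In the switch, make explicit that an "invalid signature" outcome belongs to the Otherwise branch (result is false) and is not an error that terminates the algorithm; "If performing the operation results in an error" can be read either way as written. Spelling this out keeps implementations from diverging on whether a bad signature rejects or resolves with false.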
@@ -3284,81 +3350,163 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a>
- are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
- </p>
- </li>
- <li>
- <p>
- If generation of the key pair fails, terminate this algorithm with an
- error.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "verify" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "sign" ]</code>.
- </p>
- </li>
- <li>
- <p>
- Return <var>result</var>.
+ If any of the members of
+ <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a> are not present
+ in <var>normalizedAlgorithm</var>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"sign"</code> or <code>"verify"</code>, terminate this
+ algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
+ <dl class="switch">
+ <dt>If generation of the key pair fails:</dt>
+ <dd>Terminate this algorithm with an error.</dd>
+ <dt>Otherwise:</dt>
+ <dd>
+ <ol>
+ <li>
+ <p>
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSASSA-PKCS1-v1_5"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property
+ of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaHashedKeyGenParams">hash</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "verify" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "sign" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>result</var>.
+ </p>
+ </li>
+ </ol>
+ </dd>
+ </dl>
</p>
</li>
</ol>
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
- TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
- are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
- </p>
- <p>
- TODO: Specify that the operation should fail if KeyUsages other than
- <code>"sign"</code> and <code>"verify"</code> are used.
- </p>
- <p>
TODO: Specify how the normalizedAlgorithm needs to be an instance of
the relevant RsaHashed*Params dictionary, with particular attention to the fact
that WebIDL violations should be handled asynchronously.
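Review bot: The step that sets the hash property of algorithm links the source property to href="#dfn-RsaHashedKeyGenParams", which is the dictionary itself, whereas modulusLength and publicExponent link to member anchors; point it at the hash member's own anchor. In the same list, publicKey's type links to "#dfn-Key-type" but privateKey's links to "#dfn-Key-Type"; pick one casing so both resolve.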
@@ -3446,26 +3594,31 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
- present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
- this algorithm with an error.
+ present in <var>normalizedAlgorithm</var>, terminate this algorithm with an
+ error.
</p>
</li>
<li>
<p>
Perform the signature generation operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
- as the signer's private key, K, and the contents of <var>message</var> as the
- message to be signed, M, and using the hash function specified in
- <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
- (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
- the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
- salt length option for the EMM-PSS-ENCODE operation.
+ as the signer's private key, <var>K</var>, and the contents of
+ <var>message</var> as the message to be signed, <var>M</var>, and using the
+ hash function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var>
+ as the Hash option, MGF1 (defined in Section B.2.1 of
+ [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and
+ the <a href="#dfn-RsaPssParams-saltLength">saltLength</a> property of
+ <var>normalizedAlgorithm</var> as the salt length option for the EMM-PSS-ENCODE
+ operation.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
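Review bot: The rewritten sentence keeps "EMM-PSS-ENCODE operation" from the removed lines; the encoding operation in RFC 3447 is EMSA-PSS-ENCODE, and the verify step in this patch already writes EMSA-PSS-VERIFY. Correct the name while this sentence is being rewritten.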
@@ -3483,26 +3636,31 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
- present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
- this algorithm with an error.
+ present in <var>normalizedAlgorithm</var>, terminate this algorithm with an
+ error.
</p>
</li>
<li>
<p>
Perform the signature verification operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
- as the signer's RSA public key and the contents of <var>message</var> as M and
- the contents of <var>signature</var> as S and using the hash function specified
- in <var>key</var><code>.algorithm.hash</code> as the Hash option, MGF1
- (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
- the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
- salt length option for the EMSA-PSS-VERIFY operation.
+ as the signer's RSA public key and the contents of <var>message</var> as
+ <var>M</var> and the contents of <var>signature</var> as <var>S</var> and using
+ the hash function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option, MGF1 (defined in Section B.2.1 of
+ [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the
+ <a href="#dfn-RsaPssParams-saltLength">saltLength</a> property of
+ <var>normalizedAlgorithm</var> as the salt length option for the
+ EMSA-PSS-VERIFY operation.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
@@ -3521,61 +3679,148 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
+ If any of the members of
+ <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a> are not present
+ in <var>normalizedAlgorithm</var>, terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"sign"</code> or <code>"verify"</code>, terminate this
+ algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
- <dt>If performing the operation results in an error:</dt>
+ <dt>If generation of the key pair fails:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public
- key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ object.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSA-PSS"</code>.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private
- key of the generated key pair.
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
</p>
</li>
<li>
<p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+ Set the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property
+ of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaHashedKeyGenParams">hash</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "verify" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "sign" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
</p>
</li>
<li>
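Review bot: The new usages check only rejects unrecognised entries, so a usages list containing just "verify" passes and the intersection with [ "sign" ] leaves privateKey with an empty usages list; an empty usages list passes as well and yields two keys that can do nothing. State whether that is intended or whether an empty result should terminate the algorithm with an error. Separately, privateKey's type link uses "#dfn-Key-Type" while publicKey's uses "#dfn-Key-type".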
@@ -3598,14 +3843,6 @@
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
- TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
- are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
- </p>
- <p>
- TODO: Specify that the operation should fail if KeyUsages other than
- <code>"sign"</code> and <code>"verify"</code> are used.
- </p>
- <p>
TODO: Specify how the normalizedAlgorithm needs to be an instance of
the relevant RsaHashed*Params dictionary, with particular attention to the fact
that WebIDL violations should be handled asynchronously.
@@ -3689,14 +3926,15 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>public</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"public"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+ not present in <var>normalizedAlgorithm</var>,
terminate this algorithm with an error.
</p>
</li>
@@ -3704,18 +3942,23 @@
<p>
Perform the encrytion operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the recipient's RSA public key, the contents of <var>plaintext</var> as the
- message to be encrypted, M, and
- <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
- the hash function identified by
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
- (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
- the MGF option.
+ message to be encrypted, <var>M</var> and the
+ <a href="#dfn-RsaOaepParams-label">label</a> property of
+ <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
+ function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option and MGF1 (defined in Section B.2.1 of
+ [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>Let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
- containing the value C that results from performing the operation.</dd>
+ <dd>
+ Let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
+ containing the value <var>C</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
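Review bot: The sentence names MGF1 as the MGF option but does not say which hash function MGF1 itself is instantiated with; now that the Hash option is taken from the key's algorithm, state explicitly that MGF1 uses that same hash, or name the one it uses. Minor points in the same sentence: the rewrite drops the comma after <var>M</var> ("message to be encrypted, <var>M</var> and the"), and the context line still reads "encrytion".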
@@ -3726,14 +3969,15 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+ not present in <var>normalizedAlgorithm</var>,
terminate this algorithm with an error.
</p>
</li>
@@ -3741,18 +3985,24 @@
<p>
Perform the decryption operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
as the recipient's RSA private key, the contents of <var>ciphertext</var> as
- the cipertext to be decrypted, C, and
- <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
- the hash function identified by
- <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
+ the cipertext to be decrypted, C, and the
+ <a href="#dfn-RsaOaepParams-label">label</a> property of
+ <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
+ function specified by the
+ <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property of the
+ <a href="#dfn-Key-algorithm">algorithm</a> property of <var>key</var> as the
+ Hash option and MGF1
(defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
the MGF option.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
- <dd>let <var>plaintext</var> be a new <code>ArrayBuffer</code>
- containing the value M that results from performing the operation.</dd>
+ <dd>
+ Let <var>plaintext</var> be a new <code>ArrayBuffer</code>
+ containing the value <var>M</var> that results from performing the
+ operation.
+ </dd>
</dl>
</p>
</li>
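Review bot: The added line "the cipertext to be decrypted, C, and the" carries over the "cipertext" typo and leaves C unmarked, while L and M in the same step are wrapped in <var>. Change it to "the ciphertext to be decrypted, <var>C</var>, and the" so the step matches the notation used for the other RFC 3447 values.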
@@ -3763,63 +4013,149 @@
<ol>
<li>
<p>
- If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
- are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
- terminate this algorithm with an error.
- </p>
- </li>
- <li>
- <p>
- Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
- <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
- exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+ If any of the members of
+ <a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a> are not present
+ in <var>normalizedAlgorithm</var>, terminate this algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ If <var>usages</var> contains an entry which is not a case-sensitive string
+ match for <code>"encrypt"</code>, <code>"decrypt</code>,
+ <code>wrapKey</code> or <code>unwrapKey</code>, terminate this
+ algorithm with an error.
+ </p>
+ </li>
+ <li>
+ <p>
+ Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length equal to the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a> property of
+ <var>normalizedAlgorithm</var> and RSA public exponent equal to the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
- <dt>If performing the operation results in an error:</dt>
+ <dt>If generation of the key pair fails:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
<dd>
<ol>
<li>
<p>
- Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- public key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
- ]</code>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
- private key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be the
- intersection of <var>usages</var> and <code>[ "decrypt",
- "unwrapKey" ]</code>.
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-KeyAlgorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"RSA-OAEP"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-modulusLength">modulusLength</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-modulusLength">modulusLength</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the
+ <a href="#dfn-RsaKeyAlgorithm-publicExponent">publicExponent</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaKeyGenParams-publicExponent">publicExponent</a>
+ property of <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> property
+ of <var>algorithm</var> to equal the
+ <a href="#dfn-RsaHashedKeyGenParams">hash</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "encrypt", "wrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "decrypt", "unwrapKey" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
</p>
</li>
<li>
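Review bot: In the added usages check, the allowed values are quoted inconsistently: <code>"decrypt</code> is missing its closing quote and <code>wrapKey</code> / <code>unwrapKey</code> have no quotes at all, while "encrypt" is quoted. The step is defined as a case-sensitive string match, so write all four as quoted string literals, and add "one of" before the list as the other usages checks in this patch do. Also, the type link for privateKey uses #dfn-Key-Type while the one for publicKey uses #dfn-Key-type; only one of these can match the definition's id.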
@@ -3842,14 +4178,6 @@
</div>
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
- TODO: Specify how both the publicKey.algorithm and privateKey.algorithm
- are instances of <a href="#dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</a>
- </p>
- <p>
- TODO: Specify that the operation should fail if KeyUsages other than
- <code>"sign"</code> and <code>"verify"</code> are used.
- </p>
- <p>
TODO: Specify how the normalizedAlgorithm needs to be an instance of
the relevant RsaHashed*Params dictionary, with particular attention to the fact
that WebIDL violations should be handled asynchronously.
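Review bot: Dropping the first two TODOs from this editorial note is only justified if the section's key generation steps now set both keys' algorithm to an RsaHashedKeyAlgorithm and reject usages other than "sign" and "verify". This hunk does not show those steps, so confirm they landed in the same change before the reminders disappear.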
@@ -4216,74 +4544,135 @@
<li>
<p>
If any of the members of <a href="#dfn-EcKeyGenParams">EcKeyGenParams</a> are
- not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+ not present in <var>normalizedAlgorithm</var>,
terminate this algorithm with an error.
</p>
</li>
<li>
<p>
- If <var>usages</var> contains a value which is not either <code>deriveKey</code>
- or <code>dervieBits</code>, terminate this algorithm with an error.
+ If <var>usages</var> contains a value which is not a case-sensitive string match
+ for one of <code>"deriveKey"</code> or <code>"deriveBits"</code>,
+ terminate this algorithm with an error.
</p>
</li>
<li>
<p>
Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
with domain parameters for the curve identified by
- <var>normalizedAlgorithm</var><code>.namedCurve</code>.
+ the <a href="#dfn-ExKeyGenParams-namedCurve">namedCurve</a> property of
+ <var>normalizedAlgorithm</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
<dt>Otherwise:</dt>
<dd>
<ol>
- <li>
- <p>
- Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public
- key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.extractable</code> be
- <code>true</code>
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.publicKey.keyUsages</code> be
- <var>usages</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private
- key of the generated key pair.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.extractable</code> be
- <var>extractable</var>.
- </p>
- </li>
- <li>
- <p>
- Let <var>result</var><code>.privateKey.keyUsages</code> be
- <var>usages</var>.
- </p>
- </li>
- <li>
- <p>
- Return <var>result</var>.
- </p>
- </li>
- </ol>
+ <li>
+ <p>
+ Let <var>algorithm</var> be a new
+ <a href="#dfn-EcKeyAlgorithm">EcKeyAlgorithm</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Algorithm-name">name</a> property of
+ <var>algorithm</var> to <code>"ECDH"</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
+ property of <var>algorithm</var> to equal the
+ <a href="#dfn-EcKeyGenParams">namedCurve</a> property of
+ <var>normalizedAlgorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the public key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-type">type</a> property of <var>publicKey</var>
+ to <code>"public"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>publicKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>publicKey</var> to true.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>publicKey</var> to be the empty list.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+ representing the private key of the generated key pair.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-Type">type</a> property of <var>privateKey</var>
+ to <code>"private"</code>
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-algorithm">algorithm</a> property of
+ <var>privateKey</var> to be <var>algorithm</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-extractable">extractable</a> property of
+ <var>privateKey</var> to <var>extractable</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#dfn-Key-usages">usages</a> property of
+ <var>privateKey</var> to be the intersection of <var>usages</var>
+ and <code>[ "deriveKey", "deriveBits" ]</code>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+ object.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-publicKey">publicKey</a> property
+ of <var>result</var> to be <var>publicKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Set the <a href="#def-KeyPair-privateKey">privateKey</a> property
+ of <var>result</var> to be <var>privateKey</var>.
+ </p>
+ </li>
+ <li>
+ <p>
+ Return <var>result</var>.
+ </p>
+ </li>
+ </ol>
</dd>
</dl>
</p>
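Review bot: The new link in the generation step points at #dfn-ExKeyGenParams-namedCurve, which looks like a typo for #dfn-EcKeyGenParams-namedCurve, since the dictionary is EcKeyGenParams everywhere else in this hunk. Separately, the private key's usages are now "the intersection of usages and [ "deriveKey", "deriveBits" ]", but the earlier step already terminates on any other value, so the intersection always equals usages; either simplify it or say why it is kept. The change of the public key's usages from usages to the empty list is a behaviour change that deserves a sentence of rationale.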
@@ -4295,22 +4684,24 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
- <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+ <var>normalizedAlgorithm</var>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
- with <var>key</var> as the EC private key d and
- <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+ with <var>key</var> as the EC private key <var>d</var> and the
+ <a href="#dfn-EcdhKeyDeriveParams-public">public</a> property of
+ <var>normalizedAlgorithm</var> as the EC public key <var>Q</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
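Review bot: With "or have incorrect types" removed from the EcdhKeyDeriveParams check, nothing in these steps constrains the public property before it is used as the EC public key Q. Add an explicit step that terminates with an error unless public is a Key whose type is "public" and whose algorithm carries the same namedCurve as key, so that a point from a different curve never reaches the ECDH primitive.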
@@ -4326,26 +4717,15 @@
recommended curves P-256, P-384, and P-521 is 1, so the standard and modified ECDH
primitives are equivalent for those curves.
</div>
- <li>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Define how the finite field member <var>result</var> is converted to a bit
- string
- </div>
- </li>
- <li>
- <div class="ednote"><div class="ednoteHeader">Editorial note</div>
- Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is
- derived from a bit string
- </div>
- </li>
</ol>
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
- Define how the finite field member <var>result</var> is converted to a bit-string.
- </p>
- <p>
- Define how a key for the <var>normalizedDerivedKeyAlgorithm</var> is derived from
- a given bit string (when not feeding into another KDF, such as Concat).
+ TODO: Define how the finite field member <var>result</var> is converted to a bit
+ string.
+ </p>
+ <p>
+ TODO: Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is
+ derived from a bit string.
</p>
</div>
</dd>
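Review bot: The rewritten second TODO drops the qualifier "(when not feeding into another KDF, such as Concat)" that the removed paragraph carried. If that is still the case the open question is about, keep the qualifier; without it the note reads as if every derived key needs a conversion rule. Removing the two list-item copies of the same notes is a good cleanup.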
@@ -4354,22 +4734,24 @@
<ol>
<li>
<p>
- If <var>key</var> does not have key type <code>private</code>, terminate this
+ If the <a href="#dfn-Key-type">type</a> property of <var>key</var>
+ is not a case-sensitive string match for <code>"private"</code>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
- <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+ <var>normalizedAlgorithm</var>, terminate this
algorithm with an error.
</p>
</li>
<li>
<p>
Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
- with <var>key</var> as the EC private key d and
- <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+ with <var>key</var> as the EC private key <var>d</var> and the
+ <a href="#dfn-EcdhKeyDeriveParams-public">public</a> property of
+ <var>normalizedAlgorithm</var> as the EC public key <var>Q</var>.
<dl class="switch">
<dt>If performing the operation results in an error:</dt>
<dd>Terminate this algorithm with an error.</dd>
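Review bot: These three steps receive exactly the same edits as the steps in the hunk at -4295, so the two copies have to be kept in sync by hand. Consider defining the private-key type check, the EcdhKeyDeriveParams check and the ECDH primitive step once and referencing them from both places. Here too the public property is used as Q with no remaining check on its type or curve, which should be an explicit step.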
@@ -4381,12 +4763,11 @@
</ol>
<div class="ednote"><div class="ednoteHeader">Editorial note</div>
<p>
- Define how the finite field member <var>result</var> is converted to a bit
+ TODO: Define how the finite field member <var>result</var> is converted to a bit
string.
</p>
</div>
</dd>
-
</div>
</div>
@@ -6409,6 +6790,11 @@
as described in Section 6.3 of NIST SP 800-38A
[<a href="#SP800-38A">SP800-38A</a>].
</p>
+ <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+ <p>
+ TODO: Decide whether other variants, such as CFB-128, should be supported.
+ </p>
+ </div>
</div>
<div id="aes-cfb-registration" class="section">
<h4>18.14.2. Registration</h4>
@@ -7077,9 +7463,8 @@
<li>
<p>
If <var>usages</var> contains an entry which is not a case-sensitive string
- match for one of <code>"encrypt"</code>, <code>"decrypt"</code>,
- <code>"wrapKey"</code> or <code>"unwrapKey"</code>, terminate this algorithm
- with an error.
+ match for one of <code>"wrapKey"</code> or <code>"unwrapKey"</code>,
+ terminate this algorithm with an error.
</p>
</li>
<li>
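Review bot: Narrowing the accepted usages from four values to "wrapKey" and "unwrapKey" means requests that previously passed this step with "encrypt" or "decrypt" now terminate with an error. Only this one step is touched here; check that every other usages check and any intersection step in the same section uses the same two-value set, and add a short note on why encrypt and decrypt are excluded for this algorithm.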
@@ -7175,7 +7560,7 @@
</li>
<li>
<p>
- Let <var>key</var> be a new <code><a href="#dfn-key">Key</a></code>
+ Let <var>key</var> be a new <a href="#dfn-key">Key</a>
object representing an AES key with value <var>data</var>.
</p>
</li>
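Review bot: The link target on the changed line is #dfn-key, lower case, while the Key links added elsewhere in this patch use #dfn-Key. Fragment identifiers are case-sensitive, so if the definition's id is dfn-Key this link will not resolve; fix the href while the line is being edited.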