W3C home > Mailing lists > Public > public-web-security@w3.org > January 2015

Re: [W3C Web Crypto WG] Rechartering discussion

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Thu, 08 Jan 2015 15:40:08 +0100
Message-ID: <54AE96C8.2020509@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, HGALINDO Virginie <Virginie.Galindo@gemalto.com>
CC: "public-web-security@w3.org" <public-web-security@w3.org>, Wendy Seltzer <wseltzer@w3.org>, Harry Halpin <hhalpin@w3.org>
On 2015-01-08 15:26, Stephen Farrell wrote:
> I've no idea if this would be attractive to folks but
> from my very limited initial uses of webcrypto I would
> like it a lot if there were synchronous equivalents
> for a lot of the functions. Making it all promises might
> be nice but for many applications I know that I e.g.
> only want to encrypt a key and forcing async code on
> everyone for that is IMO undesirable. RSA key generation
> is one where only having async seems reasonable but
> there must be many operations where synchronous calls
> would be as quick or quicker and would lead (again IMO,
> and I'm not a JS expert or purist:-) to better code
> structure.

Hi Stephen,
I thought exactly as you until I saw the light :-)
You chain methods and then it gets pretty nice.

function performRSAEncryption(signed_auth_data) {
     var sym_alg = {name: 'AES-CBC', length: 256};
     crypto.subtle.generateKey(sym_alg, true, ['encrypt']).then (function(aes_key) {
     crypto.subtle.encrypt(encryption_algorithm, aes_key, signed_auth_data).then (function(encrypted_authorization_data) {
     crypto.subtle.exportKey('raw', aes_key).then (function(raw_aes_key) {
     var asym_alg = {name: 'RSA-OAEP', hash: {name: 'SHA-256'}};
     crypto.subtle.importKey('jwk', selected_card.bank_encryption_key, asym_alg, true, ['encrypt']).then (function(public_key) {
     crypto.subtle.encrypt(asym_alg, public_key, new Uint8Array(raw_aes_key)).then (function(encryped_aes_key) {
         encrypted_key.algorithm = 'RSA-OAEP-256';
         var public_key = encrypted_key.publicKey = {};
         public_key.type = 'RSA';
         public_key.n = selected_card.bank_encryption_key.n;
         public_key.e = selected_card.bank_encryption_key.e;
         encrypted_key.cipherText = binaryToBase64URL(new Uint8Array(encryped_aes_key));
     }).then (undefined, function() {error('Failed encrypting using public key')});
     }).then (undefined, function() {error('Failed import public key')});
     }).then (undefined, function() {error('Failed exporting symmetric key')});
     }).then (undefined, function() {error('Failed encrypting using symmetric key')});
     }).then (undefined, function() {error('Failed generating symmetric key')});

> S.
> On 07/01/15 09:48, GALINDO Virginie wrote:
>> Dear all,
>> Web Crypto WG charter [1] will end by the end of March. We need to prepare the next charter of Web Crypto.
>> As a reminder, the conversation has started on this page :   https://www.w3.org/Security/wiki/IG/webcryptonext_draft_charter
>> Feel free to add you ideas and suggestions on the wiki and/or expose your opinion and question on the public-webcrypto@w3.org<mailto:public-webcrypto@w3.org> or public-webcrypto-comment@w3.org<mailto:public-webcrypto-comment@w3.org> (for non W3C Web Crypto WG members).
>> Regards,
>> Virginie
>> [1] http://www.w3.org/2011/11/webcryptography-charter.html
>> ________________________________
>> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
>> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
>> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
Received on Thursday, 8 January 2015 14:40:42 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 8 January 2015 14:40:42 UTC