W3C home > Mailing lists > Public > public-webcrypto@w3.org > June 2013

crypto-ISSUE-46: Optional algorithm parameters must have default values [crypto for Web Crypto API]

From: Web Cryptography Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Wed, 05 Jun 2013 21:16:47 +0000
Message-Id: <E1UkL4Z-0007ae-4f@crusher.w3.org>
To: public-webcrypto@w3.org
crypto-ISSUE-46: Optional algorithm parameters must have default values [crypto for Web Crypto API]


Raised by: Richard Barnes
On product: crypto for Web Crypto API

In the current editor's draft, several algorithm parameters are marked as optional [1], but there is no default value specified.  In most cases, it is obvious enough; many should be set to an empty byte string / ArrayBufferView, for example.  However, the specification should state these values to avoid ambiguity, or make them non-optional.  I'll address the current parameters in three groups:

First, optional attributes that should be set to the empty ArrayBufferView:
RsaOaepParams.label -> Empty ArrayBufferView
AesGcmParams.additionalData -> Empty ArrayBufferView
ConcatParams.publicInfo -> Empty ArrayBufferView
ConcatParams.privateInfo -> Empty ArrayBufferView
Pbkdf2Params.password -> Empty ArrayBufferView

Second, one optional attribute that should be made non-optional:
AesGcmParams.iv -> Make non-optional

Third, one optional attribute that could either be made non-optional or provided with a safe default:
AesGcmParams.tagLength -> 128 or make non-optional

On the last question, my personal preference would be to keep it optional set the default at 128, since it seems developer-hostile to require this to be specified every time.   Going slightly OT, it seems like the same approach could be taken with AesCtrParams.length, making it optional and setting the default equal to 32 (the value that GCM uses).

[1] Technically "nullable" in the WebIDL jargon.  But having a null value is functionally equivalent to not having a value specified.
Received on Wednesday, 5 June 2013 21:16:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:17 UTC