W3C home > Mailing lists > Public > public-webcrypto@w3.org > July 2014

Re: Spec for RSA-OAEP doesn't say what to do for null or missing or array buffer view labels

From: Ryan Sleevi <sleevi@google.com>
Date: Wed, 9 Jul 2014 12:17:15 -0700
Message-ID: <CACvaWvaL=GvgPoExCxOj_HsrJeg0BihsNRvvtQO+FMhAfZZPjw@mail.gmail.com>
To: Boris Zbarsky <bzbarsky@mit.edu>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Oh, and the "contents of" CryptoOperationData is handled by
https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#concept-clone-CryptoOperationData


On Wed, Jul 9, 2014 at 12:16 PM, Ryan Sleevi <sleevi@google.com> wrote:

> This is covered in
> https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#algorithm-normalizing
> ("if alg is an IDL object -> if member is nullable")
>
>
> On Wed, Jul 9, 2014 at 12:05 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:
>
>> The spec IDL says:
>>
>> dictionary RsaOaepParams : Algorithm {
>>   // The optional label/application data to associate with the message
>>   CryptoOperationData? label;
>> };
>>
>> but the prose assumes that "label" is an ArrayBuffer.  Specifically, the
>> prose says:
>>
>>   the contents of label member of normalizedAlgorithm as the label, L,
>>
>> where "content of" links to https://dvcs.w3.org/hg/
>> webcrypto-api/raw-file/tip/spec/Overview.html#concept-
>> contents-of-arraybuffer which is only defined for ArrayBuffer instances.
>>  But CryptoOperationData can be an array buffer view, and "label" might be
>> null or missing given the above IDL.
>>
>> I expect we actually want to remove the '?' from the IDL there, say what
>> L should be if "label" is missing, and define "content of" to work on all
>> CryptoOperationData, not just ArrayBuffers.
>>
>> -Boris
>>
>>
>
Received on Wednesday, 9 July 2014 19:17:43 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:23 UTC