W3C home > Mailing lists > Public > public-webcrypto@w3.org > July 2014

importKey doesn't seem to define handling of the keyData argument in some cases

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Tue, 15 Jul 2014 13:11:54 -0400
Message-ID: <53C560DA.3070609@mit.edu>
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Consider an importKey call that passes "raw" as format and {} as 
keyData.  The spec says to clone the data, but 
isn't defined for things that aren't CryptoOperationData.

Presumably importKey should be checking that keyData is a 
CryptoOperationData or some other union name that expands to the same 
thing (and throwing if not) before cloning it.

More generally, it's not clear to me why this argument is "object" 
instead of "(CryptoOperationData or JsonWebKey)", say.  The latter would 
mean conversion to the dictionary even if the format doesn't want a 
JsonWebKey, but that's OK: it would only affect erroneous usage cases 
which would simply throw after the conversion because they would detect 
that the type of the union doesn't match the passed-in format.

Received on Tuesday, 15 July 2014 17:12:23 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:23 UTC