[Bug 25815] Spec encourages unsafe handling of secret data for JWK import of RSA/ECC keys from bugzilla@jessica.w3.org on 2014-10-22 (public-webcrypto@w3.org from October 2014)

From: <bugzilla@jessica.w3.org>
Date: Wed, 22 Oct 2014 21:26:55 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25815-7213-8UCGNxgtyr@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25815

Mark Watson <watsonm@netflix.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #6 from Mark Watson <watsonm@netflix.com> ---
Import Key: Normalize on DataError. Only AES-CMAC needs changes:

https://dvcs.w3.org/hg/webcrypto-api/rev/4fcabd0b818a

Generate Key: Normalize on OperationError excepy usages validation which is
SyntaxError:
- fix one instance where usages validation was specified twice (ECDH). The
second was unreachable and invalid:

https://dvcs.w3.org/hg/webcrypto-api/rev/3d94cb8ef334

- fix one instance of parameter validation which was not returning
OperationError (HMAC):

https://dvcs.w3.org/hg/webcrypto-api/rev/1e509576870d

The issue referred to in this bug does not affect Export Key.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Wednesday, 22 October 2014 21:26:56 UTC