Re: WebCrypto AlgorithmIdentifier for ECDSA signing w/SECP256R1 & SHA-256 ?

On Wed, Dec 16, 2015 at 5:02 PM, Hodges, Jeff <jeff.hodges@paypal.com>
wrote:

> Hi,
>
> how does one specify a WebCrypto AlgorithmIdentifier such that it
> represents "sign operation using ECDSA key on SECP256R1 curve with SHA-256
> hash" ?
>
> Here's my guess:
>
>   // WebCrypto AlgorithmIdentifier stipulating:
>   //
>   //  "sign operation using ECDSA key on SECP256R1 curve with SHA-256 hash"
>   //
>   // See: http://www.w3.org/TR/WebCryptoAPI/#ecdsa
>   //
>   // Note: the private key used to sign MUST have been created using
>   //       NIST recommended curve P-256, also known as secp256r1, and with
>   //       a KeyUsage including "sign".
>   //
>
>   var algSign__ECDSA_SECP256R1_SHA256 = {
>     name: "ECDSA",
>     hash: "SHA-256"
>   }
>
> Is that correct, including the "Note:" in the comment ?
>

var data = ...;
return window.crypto.subtle.generateKey(
    { "name": "ECDSA", "namedCurve": "P-384" }, false, ["sign", "verify"]).then(keyPair => {
  // Hash given in object form.
  return window.crypto.subtle.sign(
      { "name": "ECDSA", "hash": { "name": "SHA-256" } }, keyPair.privateKey, data).then(signature => {
    // Hash given in string form.
    return window.crypto.subtle.verify(
        { "name": "ECDSA", "hash": "SHA-256" }, keyPair.publicKey, signature, data).then(verified => {
      if (verified) {
        return { "data": data, "signature": signature };
      } else {
        return null;
      }
    });
  });
});

Will return a promise that either resolves to an object with the data and
signature - if it can generate a key that can sign and then verify the data
- or null if it can't.

Two different forms of Hash are used as two different forms are acceptable
for AlgorithmIdentifier.

Received on Thursday, 17 December 2015 01:18:47 UTC
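
The pattern from the reply above, applied to the P-256 (secp256r1) curve the original question asks about, as an added example that is not code from either poster. The names `signP256Sha256` and `sampleData` are hypothetical, and the Node.js fallback on the first lines is an assumption so the block also runs outside a browser.

```javascript
// Added example: browsers expose crypto.subtle; older Node.js needs the fallback.
const subtle = (globalThis.crypto && globalThis.crypto.subtle) ||
  require("node:crypto").webcrypto.subtle;

async function signP256Sha256(data) {
  // The curve is a property of the key: it is fixed at generateKey (or
  // importKey) time through namedCurve. "P-256" is WebCrypto's name for secp256r1.
  const keyPair = await subtle.generateKey(
    { name: "ECDSA", namedCurve: "P-256" }, false, ["sign", "verify"]);

  // The hash is a property of the operation: sign() takes only name + hash.
  const sigAlg = { name: "ECDSA", hash: "SHA-256" };              // string form
  const sigAlgObj = { name: "ECDSA", hash: { name: "SHA-256" } }; // object form
  const signature = await subtle.sign(sigAlg, keyPair.privateKey, data);

  return {
    curve: keyPair.privateKey.algorithm.namedCurve,
    privateUsages: keyPair.privateKey.usages.join(),
    publicUsages: keyPair.publicKey.usages.join(),
    // WebCrypto emits raw r || s, not ASN.1 DER: 32 + 32 bytes for P-256.
    signatureLength: signature.byteLength,
    // Both hash forms name the same algorithm, so either one verifies.
    verifiedStringForm: await subtle.verify(
      sigAlg, keyPair.publicKey, signature, data),
    verifiedObjectForm: await subtle.verify(
      sigAlgObj, keyPair.publicKey, signature, data),
    // A verifier that assumes a different hash rejects the signature.
    verifiedWrongHash: await subtle.verify(
      { name: "ECDSA", hash: "SHA-384" }, keyPair.publicKey, signature, data),
    // Any change to the signed bytes is rejected as well.
    verifiedTampered: await subtle.verify(
      sigAlg, keyPair.publicKey, signature, new Uint8Array([...data, 0])),
  };
}

// Constructed sample input.
const sampleData = new TextEncoder().encode("constructed sample message");
```

Code that exchanges these signatures with libraries expecting DER-encoded ECDSA signatures has to convert from the 64-byte r || s form first.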