W3C home > Mailing lists > Public > public-webcrypto@w3.org > December 2014

[Bug 27603] New: verify() can fail either by returning flase or rejecting with an error, inconsistent which is used

From: <bugzilla@jessica.w3.org>
Date: Sat, 13 Dec 2014 02:25:25 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-27603-7213@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27603

            Bug ID: 27603
           Summary: verify() can fail either by returning flase or
                    rejecting with an error, inconsistent which is used
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: ericroman@google.com
                CC: public-webcrypto@w3.org

There are two ways for crypto.subtle.verify() to fail verification:

  (1) Resolve the promise with false
  (2) Reject the promise with an error

There are inconsistencies between algorithms on which approach is chosen, and
there are also implementation complexities that arise from the distinctions.

For instance:

 * In the case of ECDSA the spec treats all verification failures the same way,
but returning "false".

 * In the case of RSASSA-PKCS1-v1_5 the spec says to reject with an
OperationError "If performing the operation results in an error".


I haven't run a full set of tests yet, however I am uncertain that the popular
crypto libraries consistently distinguish errors for RSASSA-... and RSA-PSS in
the manner required.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Saturday, 13 December 2014 02:25:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:26 UTC