- From: Jim Schaad <ietf@augustcellars.com>
- Date: Fri, 31 Jan 2014 13:25:51 -0800
- To: "'Alexey Proskuryakov'" <ap@webkit.org>, <public-webcrypto@w3.org>
If you are going to fix this for jwk, then you also need to propose a fix for dealing with raw, spki and pkcs8. While raw is intended only for secret and thus is likely to be a multiple of 8 bytes in length, there is no future guarantee that this will be true for all algorithms. spki is generally only public information and thus would not probably be encrypted, but it could be. Pkcs8 definitely is not guaranteed to be a multiple of 8 bytes in length. It would be easier just to have the algorithm error in the event that the input is not a multiple of 8 bytes in length and tell people that they should be using AES-GCM not AES-KW for those cases. Jim > -----Original Message----- > From: Alexey Proskuryakov [mailto:ap@webkit.org] > Sent: Friday, January 31, 2014 12:25 PM > To: public-webcrypto@w3.org > Subject: AES-KW can only wrap a JWK key if its serialization happens to be > 8*n bytes long > > Hi, > > I think that there are some omissions in how wrapping a JWK key should > work. AES-KW in particular requires that input is 8*n bytes long, which is of > course not guaranteed with JWK serialization. > > Filed <https://www.w3.org/Bugs/Public/show_bug.cgi?id=24457>, my > proposal is to pad JWK with spaces for AES-KW. Not sure if any other > algorithms are similarly affected. > > - WBR, Alexey Proskuryakov
Received on Friday, 31 January 2014 21:27:55 UTC