Re: Spec for RSA-OAEP doesn't say what to do for null or missing or array buffer view labels from Ryan Sleevi on 2014-07-09 (public-webcrypto@w3.org from July 2014)

From: Ryan Sleevi <sleevi@google.com>
Date: Wed, 9 Jul 2014 12:16:46 -0700
To: Boris Zbarsky <bzbarsky@mit.edu>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CACvaWvaK+VxgN7dS22r29wL3vpE3Fg-5GR4Pd0BsyoewueoULQ@mail.gmail.com>

This is covered in
https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#algorithm-normalizing
("if alg is an IDL object -> if member is nullable")


On Wed, Jul 9, 2014 at 12:05 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:

> The spec IDL says:
>
> dictionary RsaOaepParams : Algorithm {
>   // The optional label/application data to associate with the message
>   CryptoOperationData? label;
> };
>
> but the prose assumes that "label" is an ArrayBuffer.  Specifically, the
> prose says:
>
>   the contents of label member of normalizedAlgorithm as the label, L,
>
> where "content of" links to https://dvcs.w3.org/hg/
> webcrypto-api/raw-file/tip/spec/Overview.html#concept-
> contents-of-arraybuffer which is only defined for ArrayBuffer instances.
>  But CryptoOperationData can be an array buffer view, and "label" might be
> null or missing given the above IDL.
>
> I expect we actually want to remove the '?' from the IDL there, say what L
> should be if "label" is missing, and define "content of" to work on all
> CryptoOperationData, not just ArrayBuffers.
>
> -Boris
>
>

Received on Wednesday, 9 July 2014 19:17:13 UTC