W3C home > Mailing lists > Public > public-webcrypto@w3.org > March 2014

Hashes, names, and normalization

From: Richard Barnes <rlb@ipv.sx>
Date: Thu, 13 Mar 2014 20:13:36 -0400
Message-ID: <CAL02cgQsuBGHPLsrmtzu8NgxqL4Rcauma27NyERi8Q1smDOhCA@mail.gmail.com>
To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
We've got a couple of KeyAlgorithm interfaces that specify hashes by
KeyAlgorithm, namely in HmacKeyIdentifier and RsaHashedKeyAlgorithm.  While
I like recursion as much of the next guy, this seems like it leads to
ambiguity for the web developer, since there's not a canonical form for
specifying hashes in this way.

Could we just replace the KeyAlgorithm with a DOMString that names the
hash?  It seems like that would only become an issue if we had parametrized
hashes that we wanted to use with HMAC/RSA-PKCS1.  I'm not aware of any
such hashes that we have use cases for right now.

(And if we were envisioning { name: "SHA-X" }, that's just excessive.)

In WebIDL terms:

[NoInterfaceObject]
interface RsaHashedKeyAlgorithm : RsaKeyAlgorithm {
  // The name of the hash algorithm that is used with this key
  readonly attribute DOMString hash;
};

[NoInterfaceObject]
interface HmacKeyAlgorithm : KeyAlgorithm {
  // The name of the inner hash function to use.
  readonly attribute DOMString hash;
};

(Oh, and by the way, the [NoInterfaceObject] directive is missing from
HmacKeyAlgorithm in the current ED.)

--Richard
Received on Friday, 14 March 2014 00:14:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:02:41 UTC