[Bug 25718] New: Support RSA-OAEP with the SHA-2* family of algorithms in JWK


            Bug ID: 25718
           Summary: Support RSA-OAEP with the SHA-2* family of algorithms
                    in JWK
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: Windows NT
            Status: ASSIGNED
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: sleevi@google.com
                CC: public-webcrypto@w3.org

The current specification describes the JWA alg "RSA-OAEP", which is RSA-OAEP
with SHA-1 and MGF-1 SHA-1.

However, additional algorithms are supported in WebCrypto - namely, SHA-256,
SHA-384, and SHA-512 - and their representation in JWK is not described (as
noted in Appendix A)

JOSE has decided that the naming format will be "RSA-OAEP-256" for RSA-OAEP
with SHA-256 and MGF-1 SHA-256 in the most recent drafts.

The specification for Import Key and Export Key for RSA-OAEP should be updated
to reflect the table-based nature of the hash algorithm. Currently, Step 5 of
Import for JWK states "if the alg field of jwk is present, and is not RSA-OAEP,
return an error named DataError"

You are receiving this mail because:
You are on the CC list for the bug.

Received on Wednesday, 14 May 2014 22:36:25 UTC