[Bug 27331] New: deriveBits() has a non-nullable length from bugzilla@jessica.w3.org on 2014-11-15 (public-webcrypto@w3.org from November 2014)

From: <bugzilla@jessica.w3.org>
Date: Sat, 15 Nov 2014 00:22:11 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-27331-7213@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=27331

            Bug ID: 27331
           Summary: deriveBits() has a non-nullable length
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: ericroman@google.com
                CC: public-webcrypto@w3.org

The WebIDL for deriveBits reads as:

  Promise<any> deriveBits(AlgorithmIdentifier algorithm,
                          CryptoKey baseKey,
                          unsigned long length);

The "length" argument is not defined as nullable.

However there are several of the algorithm's "Derive Bits" reference the
possibility of "length" being null. For instance:

ECDH:

If length is null:
  Return secret

HKDF-CTR:

If length is null, then throw a TypeError.

PBKDF2:

If length is null or is not a multiple of 8, then throw an OperationError.



It sounds like the intent was for deriveBits's length to be nullable, in which
case it should probably be marked as "unsigned long?"

Otherwise as written ECMAScript's ToNumber() will eat the null and spit out a
0, meaning it is only possible for length to be 0 and never null in those
sections.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Saturday, 15 November 2014 00:22:12 UTC