W3C home > Mailing lists > Public > public-webcrypto@w3.org > September 2015

Browser Profile Proposal: Testing implementations for algorithm coverage

From: Harry Halpin <hhalpin@w3.org>
Date: Mon, 14 Sep 2015 15:43:06 -0400
Message-ID: <55F7234A.4060403@w3.org>
To: public-webcrypto@w3.org
Right now we have implementation across all major browsers, and a good
subset of interop for the "browser profile" - see table below (a
simplified version of our testing results). Apple has been left out
until they remove the webkitSubtle prefix and replace it per spec with 
'subtle', which has been communicated to them.

Effectively, the place where *all 3 browsers* seem to converge:

Browser Profile (All three browsers support): RSASSA-PKCS1-v1_5,
RSA-OAEP, AES-CBC, AES-GCM, AES-GCM, AES-KW, HMAC, SHA-256, SHA-384, SHA-512
Two implementations but not three: SHA-1
Keep in Spec but not in Browser Profile (at least one implementation):
ECDSA, ECDH, AES-CTR, PBKDF2, DH
Remove from spec? (no implementations): RSA-PSS, AES-CMAC, AES-CFB,
CONCAT, HKDF-CTR


I am assuming there are no planned changes from browser vendors to their
algorithms, but if there are it would be good to know within the next
two weeks or so.

I can also produce a per-OS version of this table within two weeks, with
updates to latest non-beta versions, as there are minor OS differences.
However, the below table is made conservatively.

   cheers,
         harry
---
ALGORITHM    BROWSER_PROFILE    EDGE13_Windows       
CHROME45_Mac_Linux    FIREFOX40_Mac_Linux   
RSASSA-PKCS1-v1_5    YES        YES         YES            YES           
RSA-PSS            NO           NO         NO            NO
RSA-OAEP           YES        YES         YES             YES
ECDSA                NO        NO         NO            YES*No importKey
pkcs8-priv No exportKey jwk-priv pkcs8-priv
ECDH               NO        NO         NO            YES*No importKey
pkcs8-priv raw-pub No exportKey jwk-priv pkcs8-priv raw-pub
AES-CTR              NO        NO         NO            YES
AES-CBC           YES        YES         YES*No 192 bit keys    YES
AES-CMAC          NO        NO         NO                NO
AES-GCM           YES        YES         YES*No 192 bit keys    YES
AES-CFB           NO        NO         NO                NO
AES-KW               YES        YES         YES*No 193 bit keys    YES
HMAC               YES        YES        YES                YES
DH               NO        NO         NO            YES*No deriveKey No
importKey pkcs8-priv raw-pub No exportKey jwk-priv pkcs8-priv raw-pub
SHA-1               NO        NO         YES            YES
SHA-256           YES        YES         YES            YES
SHA-384           YES        YES         YES            YES
SHA-512           YES        YES         YES            YES
CONCAT               NO        NO         NO            NO
HKDF-CTR           NO        NO         NO            NO
PBKDF2               NO        NO         NO            YES*No
generateKey No importKey SHA-256 SHA-384 SHA-512 No exportKey SHA-256
SHA-384 SHA-512
Received on Monday, 14 September 2015 19:43:08 UTC

This archive was generated by hypermail 2.3.1 : Monday, 14 September 2015 19:43:08 UTC