Re: Browser Profile Proposal: Testing implementations for algorithm coverage from Eric Roman on 2015-09-14 (public-webcrypto@w3.org from September 2015)

From: Eric Roman <ericroman@google.com>
Date: Mon, 14 Sep 2015 13:17:26 -0700
To: Harry Halpin <hhalpin@w3.org>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CAFswn4mfcfxYVjTyWnSryLh0dj+F6zpnB3AxMz4YvehGtgE+SQ@mail.gmail.com>

On Mon, Sep 14, 2015 at 12:43 PM, Harry Halpin <hhalpin@w3.org> wrote:

> Right now we have implementation across all major browsers, and a good
> subset of interop for the "browser profile" - see table below (a
> simplified version of our testing results). Apple has been left out
> until they remove the webkitSubtle prefix and replace it per spec with
> 'subtle', which has been communicated to them.
>
> Effectively, the place where *all 3 browsers* seem to converge:
>
> Browser Profile (All three browsers support): RSASSA-PKCS1-v1_5,
> RSA-OAEP, AES-CBC, AES-GCM, AES-GCM, AES-KW, HMAC, SHA-256, SHA-384,
> SHA-512
> Two implementations but not three: SHA-1
> Keep in Spec but not in Browser Profile (at least one implementation):
> ECDSA, ECDH, AES-CTR, PBKDF2, DH

Remove from spec? (no implementations): RSA-PSS, AES-CMAC, AES-CFB,
> CONCAT, HKDF-CTR
>

I am not entirely sure how to read the pasted table, since the formatting
it weird.

But note that Chrome implements RSA-PSS, as well as HKDF (rather than
HKDF-CTR)

I assume these tests were carried out using Chrome 45 for Linux, which
doesn't support all the algorithms.

Next month Chrome 46 should become the stable version, and the algorithm
support on Linux will match that of the other Chrome platforms. Hence I
think a more accurate view would be to test using either Chrome 45 on a
non-Linux platform, or Chrome 46.

I am assuming there are no planned changes from browser vendors to their
> algorithms, but if there are it would be good to know within the next
> two weeks or so.
>



> I can also produce a per-OS version of this table within two weeks, with
> updates to latest non-beta versions, as there are minor OS differences.
> However, the below table is made conservatively.
>
>    cheers,
>          harry
> ---
> ALGORITHM    BROWSER_PROFILE    EDGE13_Windows
> CHROME45_Mac_Linux    FIREFOX40_Mac_Linux
> RSASSA-PKCS1-v1_5    YES        YES         YES            YES
> RSA-PSS            NO           NO         NO            NO
> RSA-OAEP           YES        YES         YES             YES
> ECDSA                NO        NO         NO            YES*No importKey
> pkcs8-priv No exportKey jwk-priv pkcs8-priv
> ECDH               NO        NO         NO            YES*No importKey
> pkcs8-priv raw-pub No exportKey jwk-priv pkcs8-priv raw-pub
> AES-CTR              NO        NO         NO            YES
> AES-CBC           YES        YES         YES*No 192 bit keys    YES
> AES-CMAC          NO        NO         NO                NO
> AES-GCM           YES        YES         YES*No 192 bit keys    YES
> AES-CFB           NO        NO         NO                NO
> AES-KW               YES        YES         YES*No 193 bit keys    YES
> HMAC               YES        YES        YES                YES
> DH               NO        NO         NO            YES*No deriveKey No
> importKey pkcs8-priv raw-pub No exportKey jwk-priv pkcs8-priv raw-pub
> SHA-1               NO        NO         YES            YES
> SHA-256           YES        YES         YES            YES
> SHA-384           YES        YES         YES            YES
> SHA-512           YES        YES         YES            YES
> CONCAT               NO        NO         NO            NO
> HKDF-CTR           NO        NO         NO            NO
> PBKDF2               NO        NO         NO            YES*No
> generateKey No importKey SHA-256 SHA-384 SHA-512 No exportKey SHA-256
> SHA-384 SHA-512
>
>
>
>

Received on Monday, 14 September 2015 20:17:55 UTC