- From: Charles Engelke <w3c@engelke.com>
- Date: Thu, 2 Jun 2016 13:44:46 -0400
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
I think I'm done testing encrypt for the various AES modes, and just have RSA-OAEP to go. But I'm running into a problem: RSA-OAEP injects randomness when encrypting, so the only way to check that encryption worked is to see if the result can be decrypted. I see three options: - assume that if encrypt doesn't throw and exception, it passes - check the result of encrypt by using subtleCrypto decrypt to see if you get the same plaintext back (note that decrypt can be tested with sample ciphertext so we can tell if it's working separately) - check the result of encrypt by using an external program to decrypt its result The third option seems to be the best in a perfect world. But it would require the test framework to have an external program that can do RSA-OAEP decryption with all the options subtleCrypto is supposed to to have: any of the four supported hash functions, and with and without the optional label. OpenSSL, for example, seems to only support SHA-1 and no label. I'd appreciate any suggestions on how to proceed (and would also appreciate pointers on how to extend the framework to use an external program if that's the needed solution). Thanks, Charlie
Received on Thursday, 2 June 2016 17:45:16 UTC