Re: FW: Renaming of HKDF-CTR to HKDF from Eric Roman on 2016-03-08 (public-webcrypto@w3.org from March 2016)

From: Eric Roman <ericroman@google.com>
Date: Tue, 8 Mar 2016 14:56:42 -0800
To: Jim Schaad <ietf@augustcellars.com>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CAFswn4=_1tH5ykJvpfMp0MGAmc_XLiJAFMcn3=jk5Ho_J3+6bg@mail.gmail.com>

I haven't run the tests, but looking at your code in:
https://github.com/jimsch/web-platform-tests/blob/HKDF/WebCryptoAPI/HKDF_derivebits_known.js

I believe the problem is simply a typo: "Hash" instead of "hash".

(The test runner expects "hash", but the SHA1 tests and empty salt/info are
naming it "Hash").

On Tue, Mar 8, 2016 at 2:20 PM, Eric Roman <ericroman@google.com> wrote:

>
>
> On Mon, Mar 7, 2016 at 5:56 PM, Jim Schaad <ietf@augustcellars.com> wrote:
>
>>
>>
>> > -----Original Message-----
>> > From: Jim Schaad [mailto:ietf@augustcellars.com]
>> > Sent: Monday, March 07, 2016 4:46 PM
>> > To: 'public-webcrypto@w3.org' <public-webcrypto@w3.org>
>> > Subject: RE: Renaming of HKDF-CTR to HKDF
>> >
>> > For the curious, here is a set of known value tests based on both the
>> edits and
>> > RFC 5869
>> >
>> > https://github.com/jimsch/web-platform-tests/tree/HKDF
>> >
>> > The version of Chrome that I am running does not appear to support
>> >       SHA-1
>> >       Zero length salt and info
>>
>
> Can you provide some specific examples of the failures?
>
> According to Chrome's testing it supports SHA1 and empty salt/info.
> For instance these tests exercise those options:
>
>
> https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/LayoutTests/crypto/subtle/hkdf/deriveBits-rfc5869-test-vectors.html
>
>
>> >
>> > The version of Firefox that I am running fails all of the tests.
>> >
>> > Jim
>> >
>> > > -----Original Message-----
>> > > From: Jim Schaad [mailto:ietf@augustcellars.com]
>> > > Sent: Monday, March 07, 2016 3:35 PM
>> > > To: public-webcrypto@w3.org
>> > > Subject: Renaming of HKDF-CTR to HKDF
>> > >
>> > > I have done the pull request that I promised on today's conference
>> > > call. It can be found at:
>> > > https://github.com/w3c/webcrypto/pull/16
>> > >
>> > > I believe that this correspond to what Rob said that Mozilla has
>> implemented.
>> > > Please review and comment on the field names.
>> > >
>> > > Additional issues that can be addressed here:
>> > >
>> > > 1.  HKDF allows for salt to be optional, there is a bug reported by
>> > > Harry
>> > > (https://www.w3.org/Bugs/Public/show_bug.cgi?id=27473)  which says
>> > > that this may be a problem.  I do not know if this was reported for
>> > > the NIST version or for the IETF version of the algorithm.  It may be
>> > > that it is just fixed by switching algorithms.  If not then we can
>> > > modify the text to provide default salt behavior in the algorithm
>> description.
>> > >
>> > > 2.  I did not address the question of having an export function for
>> > > KDF functions
>> > > (27774) as it should be done for all of the KDF functions at the same
>> time.
>> > > However I would support doing this.
>> > >
>> > > Jim
>> > >
>> > >
>>
>>
>>
>>
>

Received on Tuesday, 8 March 2016 22:57:13 UTC