- From: Jim Schaad <ietf@augustcellars.com>
- Date: Tue, 8 Mar 2016 18:13:19 -0800
- To: "'Eric Roman'" <ericroman@google.com>
- Cc: <public-webcrypto@w3.org>
- Message-ID: <026601d179a9$40ac4280$c204c780$@augustcellars.com>
Yes that fixes all of my problems but one. If the salt is missing, I am doing this by not providing the parameter rather than providing a zero length array of bytes. It seems to me to be a reasonable way of doing this but is not the same as what the previous IDL did. Opinions? Jim From: Eric Roman [mailto:ericroman@google.com] Sent: Tuesday, March 08, 2016 2:57 PM To: Jim Schaad <ietf@augustcellars.com> Cc: public-webcrypto@w3.org Subject: Re: FW: Renaming of HKDF-CTR to HKDF I haven't run the tests, but looking at your code in: https://github.com/jimsch/web-platform-tests/blob/HKDF/WebCryptoAPI/HKDF_derivebits_known.js I believe the problem is simply a typo: "Hash" instead of "hash". (The test runner expects "hash", but the SHA1 tests and empty salt/info are naming it "Hash"). On Tue, Mar 8, 2016 at 2:20 PM, Eric Roman <ericroman@google.com <mailto:ericroman@google.com> > wrote: On Mon, Mar 7, 2016 at 5:56 PM, Jim Schaad <ietf@augustcellars.com <mailto:ietf@augustcellars.com> > wrote: > -----Original Message----- > From: Jim Schaad [mailto:ietf@augustcellars.com <mailto:ietf@augustcellars.com> ] > Sent: Monday, March 07, 2016 4:46 PM > To: 'public-webcrypto@w3.org <mailto:public-webcrypto@w3.org> ' <public-webcrypto@w3.org <mailto:public-webcrypto@w3.org> > > Subject: RE: Renaming of HKDF-CTR to HKDF > > For the curious, here is a set of known value tests based on both the edits and > RFC 5869 > > https://github.com/jimsch/web-platform-tests/tree/HKDF > > The version of Chrome that I am running does not appear to support > SHA-1 > Zero length salt and info Can you provide some specific examples of the failures? According to Chrome's testing it supports SHA1 and empty salt/info. For instance these tests exercise those options: https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/LayoutTests/crypto/subtle/hkdf/deriveBits-rfc5869-test-vectors.html > > The version of Firefox that I am running fails all of the tests. > > Jim > > > -----Original Message----- > > From: Jim Schaad [mailto:ietf@augustcellars.com <mailto:ietf@augustcellars.com> ] > > Sent: Monday, March 07, 2016 3:35 PM > > To: public-webcrypto@w3.org <mailto:public-webcrypto@w3.org> > > Subject: Renaming of HKDF-CTR to HKDF > > > > I have done the pull request that I promised on today's conference > > call. It can be found at: > > https://github.com/w3c/webcrypto/pull/16 > > > > I believe that this correspond to what Rob said that Mozilla has implemented. > > Please review and comment on the field names. > > > > Additional issues that can be addressed here: > > > > 1. HKDF allows for salt to be optional, there is a bug reported by > > Harry > > (https://www.w3.org/Bugs/Public/show_bug.cgi?id=27473) which says > > that this may be a problem. I do not know if this was reported for > > the NIST version or for the IETF version of the algorithm. It may be > > that it is just fixed by switching algorithms. If not then we can > > modify the text to provide default salt behavior in the algorithm description. > > > > 2. I did not address the question of having an export function for > > KDF functions > > (27774) as it should be done for all of the KDF functions at the same time. > > However I would support doing this. > > > > Jim > > > >
Received on Wednesday, 9 March 2016 02:13:48 UTC