ISSUE-58: Define how to derive/generate PBKDF2 keys

Define how to derive/generate PBKDF2 keys

State:
CLOSED
Product:
crypto for Web Crypto API
Raised by:
Nick Van Den Bleeken
Opened on:
2013-11-13
Description:
To generate PBKDF2 keys the spec says that you have to use deriveKey(), but what is the baseKey in this case?

The function signature of deriveKey is:

Promise<any> deriveKey(AlgorithmIdentifier algorithm,
Key baseKey,
AlgorithmIdentifier? derivedKeyType,
optional boolean extractable = false,
optional KeyUsage[] keyUsages = []);


algorithm would be something like {name: “PBKDF2”, salt: mySalt, iterations: 100000, password: myPassword, prf:{name:“HMAC”, hash: {name=“SHA-1”} }
derivedKeyType could be something like {name: “ AES-GCM”, iv: myIV, length: 512}
extractable and keyUsage are trivial, just the values that you want them to be ;)

The baseKey is not required in this use case because all information is already available to derive the AES-GCM key.

I thought they baseKey should be null in this case. But Ryan responded this: One possibility is to treat PBKDF2 as a generateKey method instead. Another would be to make baseKey nullable, but that seems a bit odd.

I don't mind what we choose, but either way we should update the spec (update IDL and a note if nullable, or support the generateKey() operation for it)
Related Actions Items:
No related actions
Related emails:
  1. RE: What is the baseKey for deriveKey when using PBKDF2? (from Vijay.Bharadwaj@microsoft.com on 2013-11-14)
  2. Re: What is the baseKey for deriveKey when using PBKDF2? (from Nick.Van.den.Bleeken@inventivegroup.com on 2013-11-13)
  3. crypto-ISSUE-58: Define how to derive/generate PBKDF2 keys [crypto for Web Crypto API] (from sysbot+tracker@w3.org on 2013-11-13)

Related notes:

No additional notes.

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 58.html,v 1.1 2017/02/13 16:16:53 ted Exp $