27403 2014-11-21 21:56:54 +0000 Should PBKDF2 be allowed on non-multiple of 8 lengths for consistency? 2016-05-23 22:55:17 +0000 1 1 1 Unclassified Web Cryptography Web Cryptography API Document unspecified PC Linux RESOLVED MOVED P2 normal --- 1 ericroman sleevi ietf public-webcrypto watsonm oldest_to_newest 115316 0 ericroman 2014-11-21 21:56:54 +0000 PBKDF2 throws an OperationError if length is not a multiple of 8 bits. This seems inconsistent with deriveBits() for other algorithms, which simply truncate to the specified bit length (for instance ECDH and DH). 125368 1 ietf 2016-03-04 20:17:31 +0000 Looking at RFC 2898 which has a definition of PBKDF2. The inputs include dkLen - intended length in octets of the derived key, a positive integer. This means that the algorithm itself requires that the output length be an integral number of bytes and is not specified for odd bit sizes. This bug should be resolved as by design. 126492 2 watsonm 2016-05-23 22:55:17 +0000 Moved to https://github.com/w3c/webcrypto/issues/32