21491 – RSA-OAEP keys or operations must be parameterized with a Hash and Mask Generation Function

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 21491 - RSA-OAEP keys or operations must be parameterized with a Hash and Mask Generation Function

Summary: RSA-OAEP keys or operations must be parameterized with a Hash and Mask Genera...

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	Web Cryptography
Classification:	Unclassified
Component:	Web Cryptography API Document (show other bugs)
Version:	unspecified
Hardware:	PC All

Importance:	P2 normal
Target Milestone:	---
Assignee:	David Dahl
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2013-04-01 14:48 UTC by Mark Watson
Modified:	2013-04-01 15:09 UTC (History)
CC List:	1 user (show)

See Also:

Attachments

Description Mark Watson 2013-04-01 14:48:58 UTC

RSA-OAEP encryption/decryption operations require a hash function and a mask generation function. These must be specified, or functions must be selected by the user of the API.

The Hash and Mask Generation Function could be parameters of the key (provided to generateKey, importKey and unwrapKey) or they could be parameters of the operations (encrypt, decrypt). There are may be security reasons to prefer one or the other approach, I don't know.

Comment 1 Mark Watson 2013-04-01 15:09:21 UTC

Sorry - someone mis-informed me that this was not in the spec, but I see that it is.