This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 23954 - Please specify RsaOaepParams label semantics
Summary: Please specify RsaOaepParams label semantics
Status: RESOLVED INVALID
Alias: None
Product: Web Cryptography
Classification: Unclassified
Component: Web Cryptography API Document (show other bugs)
Version: unspecified
Hardware: All All
: P2 normal
Target Milestone: ---
Assignee: Ryan Sleevi
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-02 17:58 UTC by Alexey Proskuryakov
Modified: 2014-01-22 23:33 UTC (History)
1 user (show)

See Also:

Attachments

Description Alexey Proskuryakov 2013-12-02 17:58:51 UTC 
One can add a label when performing RSA-OAEP encryption, but can't get it from an encrypted message.

Should there be a way to get the label?

Also, unclear why decrypt operation also takes RsaOaepParams with a label. Is decryption supposed to fail if the labels don't match?
Comment 1 Mark Watson 2014-01-22 23:33:56 UTC 
(In reply to Alexey Proskuryakov from comment #0)
> One can add a label when performing RSA-OAEP encryption, but can't get it
> from an encrypted message.
> 
> Should there be a way to get the label?
> 
> Also, unclear why decrypt operation also takes RsaOaepParams with a label.
> Is decryption supposed to fail if the labels don't match?

IIUC, the label in RSA-OAEP is additional data that is protected by the authentication tag, but not included in the ciphertext. So, the label is assumed to be communicated separately from the ciphertext (or otherwise made available to the recipient). It needs to be provided to the decrypt operation so that it can be included in the verification of the authentication tag.