This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 24830 - Consider whether the others Public Value input to (EC)DH deriveKey should be a Key object
Summary: Consider whether the others Public Value input to (EC)DH deriveKey should be ...
Status: RESOLVED FIXED
Alias: None
Product: Web Cryptography
Classification: Unclassified
Component: Web Cryptography API Document (show other bugs)
Version: unspecified
Hardware: PC All
: P2 normal
Target Milestone: ---
Assignee: Mark Watson
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-02-26 23:00 UTC by Mark Watson
Modified: 2014-03-03 19:09 UTC (History)
0 users

See Also:


Attachments

Description Mark Watson 2014-02-26 23:00:23 UTC
Presently, if the other's public value for the two DH algorithms is received in spki format, then it is necessary first to import this structure to obtain a Key object and then to export that in raw format to obtain an ArrayBuffer containing the Public Value. This may then be used with deriveKey.

If this is the more common use-case it would make sense to change the type of the public property of (Ec)DhDeriveParams to have type Key.

If we make that change, then the other use-case where the Public Value is received in some other form and extracted to an ArrayBuffer by the application would require that ArrayBuffer to be imported to obtain a Key. Thus the steps would be the same in both cases: import the received public value, provide this Key object to deriveKey.
Comment 1 Mark Watson 2014-02-28 16:24:49 UTC
Seems to be a positive response to this on the mailing list:

http://lists.w3.org/Archives/Public/public-webcrypto/2014Feb/0200.html
Comment 2 Mark Watson 2014-03-03 19:09:02 UTC
Changeset 11dcc989d87b for ECDH
Changeset 652347d84a62 for DH
Changeset 53c3341698aa fix for ECDH to check that the curves of public and private keys match