Bug 24963 - Export Key with "jwk" operations should return a Javascript object, rather than a JSON Web Key
Summary: Export Key with "jwk" operations should return a Javascript object, rather th...
Status: RESOLVED FIXED
Alias: None
Product: Web Cryptography
Classification: Unclassified
Component: Web Cryptography API Document (show other bugs)
Version: unspecified
Hardware: PC Windows NT
: P2 normal
Target Milestone: ---
Assignee: Ryan Sleevi
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-07 00:20 UTC by Ryan Sleevi
Modified: 2014-06-16 23:17 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ryan Sleevi 2014-03-07 00:20:15 UTC
The export operations that take "jwk" as a format should return a Javascript Object that is a valid JWK, rather than returning an ArrayBuffer and requiring callers JSON.parse() it.

This may require specifying IDL definitions for JWK keys (presently: RSA and EC keys) that would conform to the JWK definition.
Comment 2 Mark Watson 2014-03-08 00:59:35 UTC
As per my comment on the mailing list, I disagree.

Serialized output aligns with the other formats and is necessary in any case for wrap/unwrap. We discussed and rejected providing object input / output instead some time ago and the reasons discussed then still apply now.

We should consider in Last Call whether to *add* the capability to import / export in object format. This would be an additional key format (e.g. "jwk-js").
Comment 3 Mark Watson 2014-04-19 04:36:57 UTC
Based on the mailing list discussion, the simplicity of translation using the Encoding specification and the likely support for the Encoding specification, I've changed my opinion on this and am ok with import / export accepting / returning Javascript objects as proposed.

Browsers still need to support (de)serialization of JWKs for the wrap/unwrap cases.
Comment 4 vijaybh 2014-05-05 18:33:55 UTC
When this is fixed, this wording in 14.2 will also need to be updated to clarify that the return value is an object and not a serialization:

“jwk” “The key is represented as JSON according to the JSON Web Key format.” 

(see discussion in http://lists.w3.org/Archives/Public/public-webcrypto/2014Apr/0085.html)