This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 25468 - "CONCAT" KDF only supports deriveBits, not deriveKey
Summary: "CONCAT" KDF only supports deriveBits, not deriveKey
Status: RESOLVED WORKSFORME
Alias: None
Product: Web Cryptography
Classification: Unclassified
Component: Web Cryptography API Document (show other bugs)
Version: unspecified
Hardware: PC Windows NT
: P2 normal
Target Milestone: ---
Assignee: Mark Watson
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-04-25 22:42 UTC by Ryan Sleevi
Modified: 2014-09-24 18:57 UTC (History)
2 users (show)

See Also:


Attachments

Description Ryan Sleevi 2014-04-25 22:42:10 UTC
The Concat KDF only supports the deriveBits method. It should also support the deriveKey method.
Comment 1 Mark Watson 2014-04-25 23:09:07 UTC
This is a point of confusion that we've discussed before. I guess some clarification is needed in the specification.

Whilst there are both a deriveKey and deriveBits *methods* there is no 'derive key' *operation*. The procedure for the deriveKey method uses the same 'derive bits' operation as the procedure for the deriveBits *method*. The difference is that in the deriveKey case the returned bits are fed into the import key operation of the appropriate target algorithm wheras for the deriveBits operation the bits are returned directly.
Comment 2 Mark Watson 2014-09-22 17:43:42 UTC
The table lists methods, not operations. This should be fixed with the fix to 25625.