This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 25718 - Support RSA-OAEP with the SHA-2* family of algorithms in JWK
Summary: Support RSA-OAEP with the SHA-2* family of algorithms in JWK
Alias: None
Product: Web Cryptography
Classification: Unclassified
Component: Web Cryptography API Document (show other bugs)
Version: unspecified
Hardware: PC Windows NT
: P2 normal
Target Milestone: ---
Assignee: Ryan Sleevi
QA Contact:
Depends on:
Reported: 2014-05-14 22:36 UTC by Ryan Sleevi
Modified: 2014-06-16 23:13 UTC (History)
2 users (show)

See Also:


Description Ryan Sleevi 2014-05-14 22:36:23 UTC
The current specification describes the JWA alg "RSA-OAEP", which is RSA-OAEP with SHA-1 and MGF-1 SHA-1.

However, additional algorithms are supported in WebCrypto - namely, SHA-256, SHA-384, and SHA-512 - and their representation in JWK is not described (as noted in Appendix A)

JOSE has decided that the naming format will be "RSA-OAEP-256" for RSA-OAEP with SHA-256 and MGF-1 SHA-256 in the most recent drafts.

The specification for Import Key and Export Key for RSA-OAEP should be updated to reflect the table-based nature of the hash algorithm. Currently, Step 5 of Import for JWK states "if the alg field of jwk is present, and is not RSA-OAEP, return an error named DataError"