25718 – Support RSA-OAEP with the SHA-2* family of algorithms in JWK

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 25718 - Support RSA-OAEP with the SHA-2* family of algorithms in JWK

Summary: Support RSA-OAEP with the SHA-2* family of algorithms in JWK

Status:	RESOLVED FIXED

Alias:	None

Product:	Web Cryptography
Classification:	Unclassified
Component:	Web Cryptography API Document (show other bugs)
Version:	unspecified
Hardware:	PC Windows NT

Importance:	P2 normal
Target Milestone:	---
Assignee:	Ryan Sleevi
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-05-14 22:36 UTC by Ryan Sleevi
Modified:	2014-06-16 23:13 UTC (History)
CC List:	2 users (show)

See Also:

Attachments

Description Ryan Sleevi 2014-05-14 22:36:23 UTC

The current specification describes the JWA alg "RSA-OAEP", which is RSA-OAEP with SHA-1 and MGF-1 SHA-1.

However, additional algorithms are supported in WebCrypto - namely, SHA-256, SHA-384, and SHA-512 - and their representation in JWK is not described (as noted in Appendix A)

JOSE has decided that the naming format will be "RSA-OAEP-256" for RSA-OAEP with SHA-256 and MGF-1 SHA-256 in the most recent drafts.

The specification for Import Key and Export Key for RSA-OAEP should be updated to reflect the table-based nature of the hash algorithm. Currently, Step 5 of Import for JWK states "if the alg field of jwk is present, and is not RSA-OAEP, return an error named DataError"

Comment 1 Ryan Sleevi 2014-06-16 23:13:40 UTC

https://dvcs.w3.org/hg/webcrypto-api/rev/a4cb70fcc0bb