Open Bug 1096777 Opened 11 years ago Updated 11 months ago

Properly handle JWK keys that have "oth" populated

Tracking

()

Status:

NEW

People

(Reporter: rbarnes, Assigned: anna.weine)

References

(Blocks 1 open bug)

Details

Richard Barnes [:rbarnes]

Reporter

Description

•

11 years ago

If a JWK includes an "oth" field, then its modulus has more than 2 prime factors. In this case, using the "p", "q", "dp", "dq", etc. elements -- anything besides "n", "e", and "d" -- results in incorrect operation. Unfortunately, the current WebCrypto implementation does exactly this. NSS doesn't support multi-prime, and doesn't accept private keys that have only "n", "e", and "d", so we need to update CryptoKey::PrivateKeyFromJwk to reject keys that include "oth".

Richard Barnes [:rbarnes]

Reporter

Updated

•

11 years ago

Blocks: web-crypto

Christoph Kerschbaumer [:ckerschb, back Sept 8th]

Updated

•

9 years ago

Component: DOM: Security → Security

BMO Automation

Updated

•

3 years ago

Severity: normal → S3

Anna Weine

Assignee

Updated

•

11 months ago

Assignee: nobody → anna.weine

Component: Security → DOM: Web Crypto

Anna Weine

Assignee

Updated

•

11 months ago

Priority: -- → P5

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Properly handle JWK keys that have "oth" populated

Categories

(Core :: DOM: Web Crypto, defect, P5)

Tracking

()

People

(Reporter: rbarnes, Assigned: anna.weine)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated

Updated