WebCrypto: incorrect oid for ecdsa keys in spki
Categories
(Core :: DOM: Web Crypto, defect, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox72 | --- | fixed |
People
(Reporter: ondras, Assigned: jcj)
References
Details
(Whiteboard: [webcrypto][domsecurity-backlog])
Attachments
(1 file, 1 obsolete file)
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0 Build ID: 20171003100843 Steps to reproduce: ECDSA keys exported via WebExpo to spki shall have the algo OID of "1.2.840.10045.2.1" as per https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations. Currently, these keys have OID "1.3.132.112". Actual results: The OID is "1.3.132.112" Expected results: The OID shall be "1.2.840.10045.2.1".
Reporter | ||
Comment 1•7 years ago
|
||
Typo: s/WebExpo/WebCrypto/
Updated•7 years ago
|
The ecdh OID is also wrong as per https://github.com/w3c/webcrypto/issues/86
Assignee | ||
Updated•5 years ago
|
Comment 4•5 years ago
|
||
JC, P2 in Dom:Security requires someone to be assigned to it. Can you help me find either an assignee or alternatively we could change the priority. What do you think?
Assignee | ||
Comment 5•5 years ago
|
||
Eventually I expect it will be Dana or me, but let's put it at P3 for now.
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Note that while this bug may appear inconsequential, it actually prevents easily importing the key into other contexts like OpenSSL. The ASN has to be manually opened and fixed.
Assignee | ||
Comment 7•4 years ago
|
||
Thanks for the heads-up, kll, that's useful to know. With the updates from Bug 1564509 this is straightforward. I'll post a patch shortly.
Assignee | ||
Comment 8•4 years ago
|
||
id-ecPublicKey is defined as the OID {iso(1) member-body(2) us(840)
ansi-x962(10045) keyType(2) ecPublicKey(1)}, and is the NSS default, so
remove the override code from CryptoKey.cpp that forced it to the legacy
id-ecDH code.
Pushed by jjones@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/35f2efaaeff6 Use id-ecPublicKey for ECDH key export from WebCrypto r=keeler
Assignee | ||
Comment 10•4 years ago
|
||
Comment 11•4 years ago
|
||
Pushed by rgurzau@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a4ef4d6cdff0 Fixup, mark as fixed relevant WebCrypto Web Platform Tests UPGRADE_NSS_RELEASE CLOSED TREE
Updated•4 years ago
|
Comment 12•4 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/35f2efaaeff6
https://hg.mozilla.org/mozilla-central/rev/a4ef4d6cdff0
Description
•