Make hashAlg a "recognized algorithm name". (#352)
* Make `hashAlg` a recognized algorithm name for a digest algorithm.

This drops the use of "S256", etc.

* Remove the IANA section for S256, etc.

This didn't really fit anyway since SHA-256, etc. are digests, not "Cryptographic
Algorithms for Digital Signatures and MACs".
jyasskin authored and vijaybh committed Mar 1, 2017
1 parent 546f82f commit c42a822
Showing 1 changed file with 4 additions and 61 deletions.
65 changes: 4 additions & 61 deletions index.bs
Expand Up @@ -64,6 +64,7 @@ spec: TokenBinding; urlPrefix: https://tools.ietf.org/html/draft-ietf-tokbind-pr
spec: WebCryptoAPI; urlPrefix: https://www.w3.org/TR/WebCryptoAPI/
type: dfn
text: normalizing an algorithm; url: dfn-normalize-an-algorithm
text: recognized algorithm name
type: dictionary
text: AlgorithmIdentifier; url: dfn-AlgorithmIdentifier
</pre> <!-- class=anchors -->
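Review bot: The added anchor `text: recognized algorithm name` carries no `url:` value, while the neighbouring `normalizing an algorithm` entry spells out its fragment (`url: dfn-normalize-an-algorithm`). Consider adding an explicit `url:` for the new term, or confirming in the generated output that `[=recognized algorithm name=]` links to the intended WebCryptoAPI definition, since the normative meaning of `hashAlg` now hangs on that link.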
Expand Down Expand Up @@ -915,7 +916,7 @@ string-valued keys. Values may be any type that has a valid encoding in JSON. It
dictionary ClientData {
required DOMString challenge;
required DOMString origin;
required AlgorithmIdentifier hashAlg;
required DOMString hashAlg;
DOMString tokenBinding;
AuthenticationExtensions extensions;
};
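Review bot: Typing `hashAlg` as `required DOMString` in `ClientData` means the IDL accepts any string at all, so the restriction to a digest algorithm is carried only by the prose definition. This also changes the values that appear in serialized client data (the "S256"-style names go away), so a sentence on how a consumer should treat an old or unrecognized value would help implementers who already handle the previous form.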
Expand All @@ -927,8 +928,7 @@ string-valued keys. Values may be any type that has a valid encoding in JSON. It
The <dfn>origin</dfn> member contains the fully qualified origin of the requester, as provided to the authenticator by
the client, in the syntax defined by [[RFC6454]].

The <dfn>hashAlg</dfn> member specifies the hash algorithm used to compute <a>clientDataHash</a>. Use "S256" for SHA-256,
"S384" for SHA384, "S512" for SHA512, and "SM3" for SM3 (see [[#iana-considerations]]). This algorithm is chosen by the
The <dfn>hashAlg</dfn> member is a [=recognized algorithm name=] that supports the `"digest"` operation, which specifies the hash algorithm used to compute <a>clientDataHash</a>. This algorithm is chosen by the
client at its sole discretion.

The <dfn>tokenBinding</dfn> member contains the base64url encoding of the Token Binding ID that this client uses for the
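Review bot: In the new `hashAlg` definition the clause "which specifies the hash algorithm used to compute clientDataHash" attaches grammatically to the `"digest"` operation rather than to the member; splitting it into two sentences would remove the ambiguity. The text also does not say whether the name must be written in one exact form (casing, for instance), and because the algorithm is still "chosen by the client at its sole discretion", the definition could point to where a Relying Party decides which names it accepts.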
Expand Down Expand Up @@ -1592,8 +1592,7 @@ ceremony, a [RP] MUST proceed as follows:

5. Verify that the {{ClientData/extensions}} in |C| is a proper subset of the extensions requested by the RP.

6. Compute the <a>clientDataHash</a> over {{ScopedCredentialInfo/clientDataJSON}} using the {{ClientData/hashAlg}} algorithm
found in |C|.
6. Compute the <a>clientDataHash</a> over {{ScopedCredentialInfo/clientDataJSON}} using the algorithm identified by <code>|C|.{{ClientData/hashAlg}}</code>.

7. Perform CBOR decoding on the {{ScopedCredentialInfo/attestationObject}} field of the {{ScopedCredentialInfo}} structure to
obtain the attestation statement format |fmt|, the authenticator data |authData|, and the attestation statement |attStmt|.
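Review bot: Step 6 now reads `|C|.hashAlg` but has no failure case: nothing says what the RP does when the value is not a recognized algorithm name that supports `"digest"`, or names a digest the RP is not willing to accept. Since the value comes from client-supplied data, consider adding an explicit check before the hash is computed, with the ceremony rejected when the check fails.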
Expand Down Expand Up @@ -2616,62 +2615,6 @@ credential. It is intended primarily for [RPS] that wish to tightly control the
</pre>


# IANA Considerations # {#iana-considerations}

This specification registers the algorithm names "S256", "S384", "S512", and "SM3" with the IANA JSON Web Algorithms registry as
defined in section "Cryptographic Algorithms for Digital Signatures and MACs" in [[RFC7518]].

These names follow the naming strategy in [draft-ietf-oauth-spop-15](https://tools.ietf.org/html/draft-ietf-oauth-spop-15).

<table class="def">
<tbody>
<tr> <td>Algorithm Name</td> <td>"S256"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SHA256 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional+</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!FIPS-180-4]] </td> </tr>
<tr> <td>Algorithm Analysis Document(s)</td> <td>[[SP800-107r1]]</td> </tr>
</tbody>
</table>

<table class="def">
<tbody>
<tr> <td>Algorithm Name</td> <td>"S384"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SHA384 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!FIPS-180-4]] </td> </tr>
<tr> <td>Algorithm Analysis Document(s)</td> <td>[[SP800-107r1]]</td> </tr>
</tbody>
</table>

<table class="def">
<tbody>
<tr> <td>Algorithm Name</td> <td>"S512"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SHA512 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional+</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!FIPS-180-4]] </td> </tr>
<tr> <td>Algorithm Analysis Document(s)</td> <td>[[SP800-107r1]]</td> </tr>
</tbody>
</table>

<table class="def">
<tbody>
<tr> <td>Algorithm Name</td> <td>"SM3"</td> </tr>
<tr> <td>Algorithm Description</td> <td>The SM3 hash algorithm.</td> </tr>
<tr> <td>Algorithm Usage Location(s)</td> <td>"alg", i.e., used with JWS.</td> </tr>
<tr> <td>JOSE Implementation Requirements</td> <td>Optional</td> </tr>
<tr> <td>Change Controller</td> <td><a href='https://fidoalliance.org/contact/'>FIDO Alliance</a></td> </tr>
<tr> <td>Specification Documents</td> <td>[[!OSCCA-SM3]] </td> </tr>
<tr> <td>Algorithm Analysis Document(s)</td> <td>N/A</td> </tr>
</tbody>
</table>


# Sample scenarios # {#sample-scenarios}

[INFORMATIVE]
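Review bot: Deleting the IANA section, together with the `hashAlg` prose change, removes every mention of SM3 visible in this diff, along with the `[[!OSCCA-SM3]]`, `[[!FIPS-180-4]]`, `[[SP800-107r1]]` and `[[RFC7518]]` citations. The commit message explains why the S256-style names do not belong in the JWS registry, but not whether SM3 is still meant to be usable as a `hashAlg`; please state that, and check that no remaining text links to `#iana-considerations` or depends on those references.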