API tools faq
paste
Advertisement
Guest User

Possible WebCrypto parameter choices

a guest
Apr 1st, 2013
253
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.75 KB | None | 0 0
raw download clone embed print report
  1. ## RECOMMENDED values for parameters:
  2. Based in part on RFC 6379 and SP800-57, aiming for 128-bit security level
  3. <http://tools.ietf.org/html/rfc6379#section-3.2>
  4. <http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf>
  5.  
  6. ### Meta-values
  7.  
  8. [empty] The empty string or octet string, or absent for optional parameters
  9. [random] A psuedo-random value
  10. [p_3072] Generator for 3072-bit MODP group [RFC3526]
  11.  
  12.  
  13. ### Key Generation
  14.  
  15. RsaKeyGenParams modulusLength 3072
  16. RsaKeyGenParams publicExponent 0x010001
  17. EcKeyGenParams namedCurve P-256
  18. AesKeyGenParams length 128
  19. DhKeyGenParams prime [p_3072]
  20. DhKeyGenParams generator 2
  21.  
  22.  
  23. ### Signature / MAC
  24.  
  25. RsaSsaParams hash "SHA-256"
  26. RsaPssParams hash "SHA-256"
  27. RsaPssParams saltLength 256
  28. EcdsaParams hash "SHA-256"
  29. HmacParams hash "SHA-256"
  30.  
  31.  
  32. ### Encryption
  33.  
  34. RsaOaepParams hash "SHA-256"
  35. RsaOaepParams label [empty]
  36. AesCtrParams counter [random]
  37. AesCtrParams length 32
  38. AesCbcParams iv [random] <--- Req: Unpredictable
  39. AesCfbParams iv [random] <--- Req: Unpredictable
  40. AesGcmParams iv [random] <--- Req: Unique to each execution
  41. AesGcmParams additionalData [empty]
  42. AesGcmParams tagLength 128
  43.  
  44.  
  45. ### Key Agreement
  46.  
  47. EcdhKeyDeriveParams public ***** <--- Impossible to auto-fill
  48. DhKeyDeriveParams public ***** <--- Impossible to auto-fill
  49.  
  50.  
  51. ### Key Derivation
  52.  
  53. ConcatParams hash "SHA-256"
  54. ConcatParams algorithmId [alg_name] <--- From deriveKey invocation
  55. ConcatParams partyUInfo [random] <--- Not SP800-56A compliant, but as close as possible without ID_U
  56. ConcatParams partyVInfo [random] <--- Not SP800-56A compliant, but as close as possible without ID_V
  57. ConcatParams publicInfo [empty]
  58. ConcatParams privateInfo [empty]
  59. HkdfCtrParams hashAlg "SHA-256"
  60. HkdfCtrParams label [empty]
  61. HkdfCtrParams context [empty]
  62. Pbkdf2Params salt [urandom]
  63. Pbkdf2Params iterations 4096
  64. Pbkdf2Params prf "SHA-256"
  65. Pbkdf2Params password ***** <--- Impossible to auto-fill
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!