SHARE
TWEET

Possible WebCrypto parameter choices

a guest Apr 1st, 2013 156 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ## RECOMMENDED values for parameters:
  2. Based in part on RFC 6379 and SP800-57, aiming for 128-bit security level
  3. <http://tools.ietf.org/html/rfc6379#section-3.2>
  4. <http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf>
  5.  
  6. ### Meta-values
  7.  
  8. [empty]     The empty string or octet string, or absent for optional parameters
  9. [random]    A psuedo-random value
  10. [p_3072]    Generator for 3072-bit MODP group [RFC3526]
  11.  
  12.  
  13. ### Key Generation
  14.  
  15. RsaKeyGenParams         modulusLength       3072
  16. RsaKeyGenParams         publicExponent      0x010001
  17. EcKeyGenParams          namedCurve          P-256
  18. AesKeyGenParams         length              128
  19. DhKeyGenParams          prime               [p_3072]
  20. DhKeyGenParams          generator           2
  21.  
  22.  
  23. ### Signature / MAC
  24.  
  25. RsaSsaParams            hash                "SHA-256"
  26. RsaPssParams            hash                "SHA-256"
  27. RsaPssParams            saltLength          256
  28. EcdsaParams             hash                "SHA-256"
  29. HmacParams              hash                "SHA-256"            
  30.  
  31.  
  32. ### Encryption
  33.  
  34. RsaOaepParams           hash                "SHA-256"
  35. RsaOaepParams           label               [empty]
  36. AesCtrParams            counter             [random]    
  37. AesCtrParams            length              32          
  38. AesCbcParams            iv                  [random]    <--- Req: Unpredictable
  39. AesCfbParams            iv                  [random]    <--- Req: Unpredictable
  40. AesGcmParams            iv                  [random]    <--- Req: Unique to each execution
  41. AesGcmParams            additionalData      [empty]
  42. AesGcmParams            tagLength           128
  43.  
  44.  
  45. ### Key Agreement
  46.  
  47. EcdhKeyDeriveParams     public              *****       <--- Impossible to auto-fill
  48. DhKeyDeriveParams       public              *****       <--- Impossible to auto-fill
  49.  
  50.  
  51. ### Key Derivation
  52.  
  53. ConcatParams            hash                "SHA-256"
  54. ConcatParams            algorithmId         [alg_name]  <--- From deriveKey invocation
  55. ConcatParams            partyUInfo          [random]    <--- Not SP800-56A compliant, but as close as possible without ID_U
  56. ConcatParams            partyVInfo          [random]    <--- Not SP800-56A compliant, but as close as possible without ID_V
  57. ConcatParams            publicInfo          [empty]
  58. ConcatParams            privateInfo         [empty]
  59. HkdfCtrParams           hashAlg             "SHA-256"    
  60. HkdfCtrParams           label               [empty]
  61. HkdfCtrParams           context             [empty]
  62. Pbkdf2Params            salt                [urandom]
  63. Pbkdf2Params            iterations          4096
  64. Pbkdf2Params            prf                 "SHA-256"
  65. Pbkdf2Params            password            *****       <--- Impossible to auto-fill
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top