Closed
Bug 1021601
Opened 10 years ago
Closed 10 years ago
Remove SHA-224 support from WebCrypto API
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla32
People
(Reporter: ttaubert, Assigned: ttaubert)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
(deleted),
patch
|
rbarnes
:
review+
|
Details | Diff | Splinter Review |
SHA-224 support has been removed from the spec: https://dvcs.w3.org/hg/webcrypto-api/rev/3f7df730b2c7
Assignee | ||
Comment 1•10 years ago
|
||
I based this off of bug 1020882.
Comment 2•10 years ago
|
||
Comment on attachment 8435657 [details] [diff] [review] 0002-Bug-1021601-Remove-SHA-224-support-from-WebCrypto-AP.patch Review of attachment 8435657 [details] [diff] [review]: ----------------------------------------------------------------- Just to be clear: I'm OK removing this hash function, but it is not true in general that we have to be limited to the algorithms listed in the spec. If we had some reason to support, say, RIPEMD-160, we should not feel constrained by the fact that it's not in the spec.
Attachment #8435657 -
Flags: review?(rlb) → review+
Comment on attachment 8435657 [details] [diff] [review] 0002-Bug-1021601-Remove-SHA-224-support-from-WebCrypto-AP.patch Review of attachment 8435657 [details] [diff] [review]: ----------------------------------------------------------------- I couldn't seem to find tests for if webcrypto is given a hash algorithm it doesn't support - we should add some.
Assignee | ||
Comment 4•10 years ago
|
||
(In reply to Richard Barnes [:rbarnes] from comment #2) > Just to be clear: I'm OK removing this hash function, but it is not true in > general that we have to be limited to the algorithms listed in the spec. If > we had some reason to support, say, RIPEMD-160, we should not feel > constrained by the fact that it's not in the spec. Right, I'm not totally familiar with the spec yet, thanks for clarifying! (In reply to David Keeler (:keeler) [use needinfo?] from comment #3) > I couldn't seem to find tests for if webcrypto is given a hash algorithm it > doesn't support - we should add some. Yes, we should.
Assignee | ||
Comment 5•10 years ago
|
||
(In reply to David Keeler (:keeler) [use needinfo?] from comment #3) > I couldn't seem to find tests for if webcrypto is given a hash algorithm it > doesn't support - we should add some. Actually, bug 1020882 that I just landed contains a test for that.
Assignee | ||
Comment 6•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/3efccd28317b
Comment 7•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/3efccd28317b
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla32
Updated•8 years ago
|
Component: Security → DOM: Security
You need to log in
before you can comment on or make changes to this bug.
Description
•