Privacy/Features/DOMCryptAPI: Difference between revisions
| Line 64: | Line 64: | ||
The current patch for Firefox has become asynchronous. The API has been renamed "window.cipher" and namespaced for the addition of future APIs. | The current patch for Firefox has become asynchronous. The API has been renamed "window.cipher" and namespaced for the addition of future APIs. | ||
This is the basic design: | This is the basic API design: | ||
<pre class="brush:js;toolbar:false;"> | |||
window.cipher.pk.generateKeypair(function callback(aPubKey){}) | window.cipher.pk.generateKeypair(function callback(aPubKey){}) | ||
| Line 79: | Line 80: | ||
window.cipher.hash.SHA256(aPlainText, function callback(aHash){}) | window.cipher.hash.SHA256(aPlainText, function callback(aHash){}) | ||
</pre> | |||
== Test Plans == | == Test Plans == | ||
Revision as of 17:16, 1 June 2011
| Feature | Status | ETA | Owner |
| DOMCryptAPI (a Crypto API in the DOM) | Currently a Firefox Extension, DOMCrypt adds a new Window property that wraps NSS crypto functions, see http://domcrypt.org and https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest | 2011-07-01 | David Dahl |
Summary
DOMCrypt gives web developers and endusers control over who data is shared with in plain text. As a general purpose Crypto API, DOMCrypt will provide Public Key Encryption, Symmetric Encryption and Hashing. There are additional use-cases being developed as well.
Team
- Feature Manager: Dietrich Alaya
- Lead Developer: David Dahl
- Product Manager:
- QA: Juan Becerra
- Security: Curtis Koenig
- Privacy: Sid Stamm
- Cryptography:
Draft Spec
Release Requirements
- Elegant Public Key encryption API
- Elegant Symmetric Encryption API
- SHA256 Hashing API
- Off main thread API methods
- User and web developer evangelism
- Discussion and plan for standardization
Next Steps
- Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39
- Port extension over to Firefox/DOM code: initial patch ready for review
- Use ChromeWorkers / callbacks for all API methods - done
- Test suite - done
- New name for the DOM property, currently using 'window.cipher' - this is secondary to how the API operates. perhaps we will integrate this with window.crypto or stick it inside "navigator.crypto"
Background
- This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto
Use Cases
See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases
Related Bugs & Dependencies
Designs
See http://domcrypt.org and https://github.com/daviddahl/domcrypt
The current patch for Firefox has become asynchronous. The API has been renamed "window.cipher" and namespaced for the addition of future APIs.
This is the basic API design:
window.cipher.pk.generateKeypair(function callback(aPubKey){})
window.cipher.pk.getPublicKey(function callback(aPubKey){})
window.cipher.pk.encrypt(aPlainText, aPublicKey, function callback(aCipherMessage){})
window.cipher.pk.decrypt(aCipherMessage, function callback(aPlainText){})
window.cipher.pk.sign(aPlainText, function callback(aSignature){})
window.cipher.pk.verify(aDecryptedPlainText, aSignature, aPublicKey, function callback(aBoolean){})
window.cipher.hash.SHA256(aPlainText, function callback(aHash){})
Test Plans
We have a mochitest browser test suite in place in the patch in bug 649154
Goals/Use Cases
Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox
Non-Goals
Initially supporting complex Crypto standards
Other Documentation
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property.
Legend
| Healthy: feature is progressing as expected. | |
| ETA | 2011-06-23 |