Privacy/Features/DOMCryptAPI/UseCases
< Privacy | Features | DOMCryptAPI
Jump to navigation
Jump to search
DOMCrypt API Use Cases
Back to DOMCrypt Draft Spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest
Messaging
- Deuxdrop ( https://wiki.mozilla.org/Labs/Deuxdrop ), a project from Mozilla Labs would benefit from the DOMCrypt API.
- Boot2Gecko apps will benefit greatly from the DOMCrypt API, as the only thing to consume is the DOM and all of the APIs we provide.
- Example: Natasha and Boris would like to message one another privately via a web application. The server is untrusted and all message data that Natasha sends to the server should be encrypted so only Boris can read it after downloading. A server compromise will net the server's attacker only blobs of useless data. This web application will use the Public Key API: window.cipher.pk.*
Example Code:
var publicKey = messagingApp.getPublicKey("boris");
var plainText = "Hey, wanna grab a root beer with me after work?";
window.crypto.pk.encrypt(plainText, publicKey, function callback(aCipherMessage) {
// Asynchronous crypto API - the plainText is encrypted and the CipherMessage object is returned to this callback function
// aCipherMessage is a JS object literal:
// { content: <ENCRYPTED, BASE64 Encoded String>,
// pubKey: <PUBLICKEY used to encrypt the a symmetric key>,
// wrappedKey: <SYMMETRIC KEY wrapped with the recipient's public key>,
// iv: <Initialization Vector>
// }
messagingApp.sendMessage(aCipherMessage, {from: 'natasha', to: 'boris'});
});
Symmetric Crypto via Diffie-Hellman Key Exchange
- TBD
// This API is under development
Hashing
SHA 256 hashes are handy for storing passwords and generating checksums (among other uses)
Example code uses the hashing API: window.crypto.hash.*
[Constructor(in DOMString algorithm)] 08.interface CryptoHash { 09.void append(in ArrayBuffer data); 10.ArrayBuffer finish(); 11.};
var hasher = new window.crypto.hash("RS256");
var myData = "1234567890abcdefghijklmnopqrstuwxyz";
var arrBufferView = new Int8Array(myData.length);
for (var i = 0; i < myData.length; i++) {
arrBufferView[i] = myData.charCodeAt(i);
}
hasher.append(arrBufferView);
var hashed = hasher.finish();
// Another idea: generating a file checksum in conjunction with the FileAPI
New Ideas
- Some ideas that have been mentioned via mailing lists, etc.
An API to make <keygen> easier
- Jonas Sicking mentioned this to me during a Mozilla All-hands DOMCrypt presentation
- NEED EXAMPLE
Signing APIs that would allow S. Korean web users to use any browser for online banking
- on the WHAT-WG mailing list, this was brought up. The API as spec'd is part of the way there, but needs additional research and API methods http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2011-May/031789.html
- NEED EXAMPLES