canmove, Confirmed users, Bureaucrats and Sysops emeriti
6,906
edits
Privacy/Features/DOMCryptAPI: Difference between revisions
Jump to navigation
Jump to search
m
no edit summary
m (clearing in prep for migration to new feature page format (will be done momentarily)) |
mNo edit summary |
||
| Line 1: | Line 1: | ||
{{FeatureStatus | |||
|Feature name=DOMCryptAPI (a Crypto API in the DOM) | |||
|Feature stage=Design | |||
|Feature health=OK | |||
|Feature status note=Currently a Firefox Extension, DOMCrypt adds a new Window property that wraps NSS crypto functions, see http://domcrypt.org and https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest | |||
}} | |||
{{FeatureTeam | |||
|Feature product manager=Chris Blizzard | |||
|Feature feature manager=Dietrich Ayala | |||
|Feature lead engineer=David Dahl | |||
|Feature security lead=Curtis Koenig | |||
|Feature privacy lead=Sid Stamm | |||
|Feature qa lead=Juan Becerra | |||
}} | |||
{{FeaturePageBody | |||
|Feature overview=DOMCrypt gives web developers and endusers control over who data is shared with in plain text. As a general purpose Crypto API, DOMCrypt will provide Public Key Encryption, Symmetric Encryption and Hashing. There are additional use-cases being developed as well. | |||
Goal: Provide an elegant "webby" crypto API web developers can use to allow more user control of messages and data typed into Firefox | |||
|Feature users and use cases=See https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI/UseCases | |||
|Feature requirements=* Elegant Public Key encryption API | |||
* Elegant Symmetric Encryption API | |||
* SHA256 Hashing API | |||
* Off main thread API methods | |||
* User and web developer evangelism | |||
* Discussion and plan for standardization | |||
|Feature non-goals=Initially supporting complex Crypto standards. | |||
|Feature functional spec=* Draft spec: https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest | |||
See http://domcrypt.org and https://github.com/daviddahl/domcrypt | |||
The current patch for Firefox has become asynchronous. The API has been renamed "window.cipher" and namespaced for the addition of future APIs. | |||
This is the basic API design: | |||
<pre class="brush:js;toolbar:false;"> | |||
window.cipher.pk.generateKeypair(function callback(aPubKey){}) | |||
window.cipher.pk.getPublicKey(function callback(aPubKey){}) | |||
window.cipher.pk.encrypt(aPlainText, aPublicKey, function callback(aCipherMessage){}) | |||
window.cipher.pk.decrypt(aCipherMessage, function callback(aPlainText){}) | |||
window.cipher.pk.sign(aPlainText, function callback(aSignature){}) | |||
window.cipher.pk.verify(aDecryptedPlainText, aSignature, aPublicKey, function callback(aBoolean){}) | |||
window.cipher.hash.SHA256(aPlainText, function callback(aHash){}) | |||
</pre> | |||
|Feature implementation plan===== Next Steps ==== | |||
* Get the discussion going with other browser vendors, WHAT-WG, W3C, TC-39 | |||
* Port extension over to Firefox/DOM code: initial patch ready for review | |||
* Use ChromeWorkers / callbacks for all API methods - done | |||
* Test suite - done | |||
* New name for the DOM property, currently using 'window.cipher' - this is secondary to how the API operates. perhaps we will integrate this with window.crypto or stick it inside "navigator.crypto" | |||
==== Background ==== | |||
* This code is heavily based on parts of WeaveCrypto that was excised from mozilla-central, when Sync switched to J-PAKE crypto | |||
|Feature qa review=We have a mochitest browser test suite in place in the patch in {{bug|649154}} | |||
}} | |||
{{FeatureInfo | |||
|Feature priority=Unprioritized | |||
}} | |||
{{FeatureTeamStatus}} | |||
== Other Documentation == | |||
David Dahl has been working on this project over the past couple of years as a side project. Starting with content-based crypto via wordpress' AES implementation, moving to WeaveCrypto-based extensions and sites like https://droplettr.com - the realization dawned that starting small is the best bet in this endeavor: a single DOM property. | |||