Labs/Secret: Difference between revisions
< Labs
Jump to navigation
Jump to search
(→Secret) |
(→Goals) |
||
| Line 24: | Line 24: | ||
* Hard to screw up - reasonably safe defaults, good samples & docs | * Hard to screw up - reasonably safe defaults, good samples & docs | ||
* Async support? | * Async support? | ||
* feature-detection: give programs a way to reliably discover whether each feature is available or not, make it easy to add new features over time. Maybe tell developers to use e.g. 'crypto.v1.RSA', or add a get_version() function, or has_feature("rsa"), etc. | |||
= Non Goals = | = Non Goals = | ||
Revision as of 20:39, 10 June 2010
Secret
The Secret library (real name TBD) is a general-purpose cryptography API and implementation for JavaScript.
Our plan is to design a modern API and first expose it to chrome JS (for browser add-ons), and later expose it to content as well.
Drivers
Goals
- Give tools to developers
- Deliver an API
- Deliver a fast implementation of a subset of that API
- Make it possible for others to implement the API, both using native code and in pure JS
- Desirable Properties
- Good JS feel to the API
- Good error messaging
- Hard to screw up - reasonably safe defaults, good samples & docs
- Async support?
- feature-detection: give programs a way to reliably discover whether each feature is available or not, make it easy to add new features over time. Maybe tell developers to use e.g. 'crypto.v1.RSA', or add a get_version() function, or has_feature("rsa"), etc.
Non Goals
- Expose HW acceleration to consumers of this API (but HW accel could be used if the API implementor can & wants)
- Implement end-to-end high level solutions, see Features below for examples
Use Cases
- Weave
- Protecting bookmarks/user data
- Exchange credentials
- Account Manager
- Could use keys to prove ownership of an account, no passwords needed
- Using crypto to prove access to an account Petname toolbar
- Looks into SSL certs, etc
- Tahoe
- Uses symmetric crypto, and asymmetric signatures
- Encrypted mail (decryption in content)
Features
Primitives Level
- bytestring
- bigint
- (u)random (optional blocking, calls out to OS)
Low Level
- Packing
- ASN.1/DER
- Base64
- Charset conversion/encoding (UTF8, UCS2)
- HTML FileAPI FileBlob
Mid Level
- Symmetric crypto
- Algorithms: AES
- Modes: CBC, CTR, (XTS? EAX?)
- Asymmetric crypto
- RSA
- (EC)DSA
- (EC)DH
- Hashing
- Algorithms: SHA1, SHA256
- HMAC
- Key generation
- PBKDF2
- Smartcard/token (?)
- Key exchange
- J-PAKE
High Level
- High-level primitives are OK
- NaCl-style box/unbox
No plans to support any high-level implementations of particular use-cases, including:
- Cert stuff (signing, etc)
- PKCS
- SSL
- X509