668
edits
BrowserID Key Wrapping: Difference between revisions
→Content API
| Line 25: | Line 25: | ||
=== Content API === | === Content API === | ||
navigator.id.secret.wrap( | With the new BrowserID API that keeps track of whether user is logged in, we don't need to feed in the assertion anymore. But we do feed in the identity, in case there's a disconnect. | ||
navigator.id.secret.unwrap( | |||
navigator.id.secret.wrap(identity, plainKey, successCB, failureCB); | |||
navigator.id.secret.unwrap(identity, wrappedKey, successCB, failureCB); | |||
We use the XHR approach, with one callback for success and one for failure. | We use the XHR approach, with one callback for success and one for failure. | ||
The audience of the assertion must match the origin of the content, and a wrapped key can only be unwrapped by the same origin that wrapped it. | The audience of the assertion must match the origin of the content, and a wrapped key can only be unwrapped by the same origin that wrapped it. | ||
Since we don't want web sites to have to deal with their own key-generation process when we already have to solve that, we also introduce: | |||
navigator.id.secret.generateAndWrap(identity, successCB, failureCB); | |||
=== Internal API === | === Internal API === | ||