Closed Bug 1123789 Opened 10 years ago Closed 6 years ago

trunion refactor: migrate trunion.crypto and trunion.ephemeral to purpose specific classes

Categories

(Marketplace Graveyard :: Payments/Refunds, defect, P3)

Product:
Marketplace Graveyard
Component:
Payments/Refunds
Platform:
x86
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: rtilder, Assigned: rtilder)

References

(
URL
)

Details

The overloading that currently occurs in trunion.crypto.KeyStore for the various types of signing is bad juju. Clean it up by creating separate trunion.credentials.* and trunion.signing.* flat-ish hierarchies. Credentials: - Simple OpenSSL keys - OpenSSL engine keys for prod HSM - Javascript Web Key/Token/Signature(JW*) - SoftHSM, maybe? Signing styles: - Our weird JWS with a pseudo-certificate for receipts - Basic XPI signing for FirefoxOS privileged apps - Addons styled XPI signing with generated ephemeral certificates
Blocks: 1118050
Priority: -- → P3
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
Whiteboard: [marketplace-transition]
Trunion is still used by AMO.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
Whiteboard: [marketplace-transition]
Firefox Marketplace has been shut down since March. Closing remaining bugs.
Status: REOPENED → RESOLVED
Closed: 9 years ago6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.