trunion refactor: migrate trunion.crypto and trunion.ephemeral to purpose specific classes

RESOLVED WONTFIX

Status

P3
normal
RESOLVED WONTFIX
4 years ago
19 days ago

People

(Reporter: rtilder, Assigned: rtilder)

Tracking

x86
Mac OS X
Points:
---
Dependency tree / graph

Details

(URL)

(Assignee)

Description

4 years ago
The overloading that currently occurs in trunion.crypto.KeyStore for the various types of signing is bad juju.  Clean it up by creating separate trunion.credentials.* and trunion.signing.* flat-ish hierarchies.

Credentials:

 - Simple OpenSSL keys
 - OpenSSL engine keys for prod HSM
 - Javascript Web Key/Token/Signature(JW*)
 - SoftHSM, maybe?

Signing styles:

 - Our weird JWS with a pseudo-certificate for receipts
 - Basic XPI signing for FirefoxOS privileged apps
 - Addons styled XPI signing with generated ephemeral certificates
(Assignee)

Updated

4 years ago
Blocks: 1118050
Priority: -- → P3
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
Whiteboard: [marketplace-transition]

Comment 1

3 years ago
Trunion is still used by AMO.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
Whiteboard: [marketplace-transition]

Comment 2

19 days ago
Firefox Marketplace has been shut down since March. Closing remaining bugs.
Status: REOPENED → RESOLVED
Last Resolved: 3 years ago19 days ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.