Closed Bug 1239559 Opened 5 years ago Closed 5 years ago

Reuse SRI code in NSec verification

Categories

(Firefox :: Security, defect)

defect
Not set
normal

Tracking

()

RESOLVED WONTFIX

People

(Reporter: jhao, Assigned: jhao)

References

Details

SRI also deals with hash value check. We should reuse their code.
SRI hash values has a prefix specifying hash type like sha256, sha512, etc.
Currently NSec packages' hashes don't, and I am going to fix that.

I thought we could reuse SRI's code, but it seems SRICheckDataVerifier needs a nsIChannel and nsIDocument, which we don't have in our context.

So, I'll probably process those hash prefix on my own.
Closing this bug because New Security Model project was stopped.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.