Closed
Bug 924396
Opened 11 years ago
Closed 4 months ago
Make it easier to use NSS for low-level crypto
Categories
(NSS :: Libraries, defect, P5)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: mitr, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0 (Beta/Release) Build ID: 20130917102605 Steps to reproduce: Please consider adding easier to use / lite functions for low-level cryptography that hide most of the implementation details. At the very least, most applications shouldn't need to worry about the existence of slots. Would it make sense to make it also easy to import raw key material for an one-shot operation, e.g. integrate PK11_GetBestSlot+PK11_ImportSymKeyWithFlags+PK11_CreateContextBySymKey? This would encourage handling raw key material directly, which is not desirable for newly designed applications - OTOH it would make NSS less scary to use for applications that by design and unavoidably need to handle raw key material. This might possibly start with making encryption/decryption available in the cryptohi layer; because cryptohi already covers signatures and hashes, this would leave key handling (import/export/wrapping/derivation). Related: #924390 for not requiring applications to manipulate SECItem structures.
Comment 1•10 years ago
|
||
Will the WebCrypto API[1] provide what you need? [1] http://www.w3.org/TR/WebCryptoAPI/
Reporter | ||
Comment 2•10 years ago
|
||
(In reply to Florian Bender from comment #1) > Will the WebCrypto API[1] provide what you need? > > [1] http://www.w3.org/TR/WebCryptoAPI/ How can a JavaScript API be a better alternative for C applications?
Comment 3•10 years ago
|
||
Sorry, I was under the impression that you wanted this for WebApps. Nevermind.
Updated•2 years ago
|
Severity: normal → S3
Updated•4 months ago
|
Severity: S3 → S4
Status: UNCONFIRMED → RESOLVED
Closed: 4 months ago
Priority: -- → P5
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•