= DOMCrypt 'window.mozCipher' Specification =
;DRAFT
;Version 0.1
== Introduction ==
This document describes a proposed JavaScript cryptography API for web browsers. It gives any web page script the ability to generate asymmetric key pairs, encrypt, decrypt, sign, verify and hash data (via a variety of algorithms), and to discover and persist a contact's public key.
== Terms ==
; DOMCrypt
: A generic label for the entire crypto API originating in the open source project 'DOMCrypt'
; mozCipher
: The proposed moz-prefixed window property name for this API
; mozCipher Configuration
: A JSON object that stores the user's private key and public key
; Public Key
: The public half of an asymmetric key pair
; Private Key
: The private half of an asymmetric key pair
; mozCipherAddressbook or Addressbook
: A JSON object containing the public keys of a user's contacts. The term is also used to avoid cryptography jargon such as 'key' and 'key ring'.
; AddressbookEntry
: A JSON object that contains a contact's public key. The Addressbook and AddressbookEntry nomenclature is used to simplify the way we refer to public keys and key rings, e.g.: I need Natasha's AddressbookEntry in order to send her a private message (and she will need my AddressbookEntry to reply).
== Objects ==
Note: Object definitions below are written in JSON.
;mozCipherConfiguration
A JSON object which labels the keypairs, starting with a "default" keypair. This allows for multiple keypairs in the future.
 {
   "default": {
     "created"   : 1305140629979,
     "privKey"   : "<BASE64 ENCODED PRIVATE KEY>",
     "pubKey"    : "<BASE64 ENCODED PUBLIC KEY>",
     "salt"      : "<ENCODED or ENCRYPTED Salt>",
     "iv"        : "<ENCODED or ENCRYPTED IV>",
     "algorithm" : "AES_256_CBC"
   }
 }
;mozCipherAddressbook
The JSON object containing the public keys of a user's contacts.
 [
   {
     "id"      : "<a unique id, e.g. an email address>",
     "handle"  : "natasha",
     "domain"  : "domcrypt.org",
     "pubKey"  : "<BASE64 ENCODED PUBLIC KEY>",
     "created" : 1305140629979
   }
 ]
== Browser Window property ==
;window.mozCipher
All web pages will have this property. The property is namespaced in order to provide future capabilities. The current design is asynchronous and looks like this:
 {
   pk: {
     // Public Key API
     set algorithm(algorithm) { },
     get algorithm() { },
     // Generate a keypair and then execute the callback function: callback(aPublicKey)
     generateKeypair: function (callback) { },
     // encrypt a plainText: callback(cipherMessageObject)
     encrypt: function (plainText, callback) { },
     // decrypt a cipherMessage: callback(plainText)
     decrypt: function (cipherMessageObject, callback) { },
     // sign a message: callback(signature)
     sign: function (plainText, callback) { },
     // verify a signature: callback(boolean)
     verify: function (signature, plainText, callback) { },
     // get the JSON mozCipherAddressbook
     get addressbook() { },
     // make changes to the addressbook: callback()
     saveAddressbook: function (JSONObject, callback) { }
   },
   hash: {
     // callback(hash)
     SHA256: function (callback) { }
   }
 }
== PublicKey discovery ==
A user discovers public keys (addressbook entries) in the markup of a web page as a meta tag. The browser alerts the user that an 'addressbookEntry' has been published. The user then has the option to save it to the mozCipherAddressbook.
;addressbookEntry
 <meta name="addressbook-entry"
       pubkey="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vW1laRyBkIfdeB2GQT+rz4dRwYUMtQJQ4Z8/QJCQj5qFuYKqcUn+8UssedWMjygRME1Eamcv5X5HLvphYMaRufk4PvKXLNq0Xh7cmNLcpQT639v+RjWpvHNWsdtYfd80nKCf1S46TlbH2/aw/+tcdLdj8MOTDtzII2oCcXU8B8PXNf49rcNMv8KagjC6LMQDrgvmZ56T1J3wHtQAH/QXGvh4WjQc2sWC/V+2xGkQL4+4yeP7STJBQXKmmqanExsqmwii1rV0Rd2GQnJRaSj+56HMDbZkLnZsxJExul5vu6ec+nBfACxWDMVCeVWbYxBpfURgC5nDsznkgT5VhXOJwIDAQAB"
       handle="natasha"
       domain="droplettr.com"
       date="1298322911812"
       algorithm="AES_256_CBC">
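An added example (not part of the DOMCrypt draft or its code) of vetting a discovered addressbook-entry meta tag before it is offered to the user for saving. The function names, the <code>handle@domain</code> id format and the rule that <code>domain</code> must equal the publishing page's hostname are assumptions made here; the draft does not specify them. The sample markup is constructed.

```javascript
// Read name="value" attribute pairs from one tag's source text.
function parseAttributes(tag) {
  const attrs = {};
  for (const m of tag.matchAll(/([\w-]+)\s*=\s*"([^"]*)"/g)) attrs[m[1].toLowerCase()] = m[2];
  return attrs;
}

// True when the value is base64 whose bytes form one DER SEQUENCE spanning the
// whole buffer (the outer shape of an encoded public key).
function looksLikeDerKey(b64) {
  if (!/^[A-Za-z0-9+\/]+={0,2}$/.test(b64) || b64.length % 4 !== 0) return false;
  const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  if (bytes.length < 2 || bytes[0] !== 0x30) return false;
  let len = bytes[1], header = 2;
  if (len & 0x80) {                 // long form: low 7 bits count the length bytes
    header += len & 0x7f;
    if (header === 2 || header > 6 || bytes.length < header) return false;
    len = bytes.slice(2, header).reduce((acc, b) => acc * 256 + b, 0);
  }
  return header + len === bytes.length;
}

// Returns { entries, rejected } for the markup served at pageUrl.
function discoverEntries(html, pageUrl) {
  const host = new URL(pageUrl).hostname.toLowerCase();
  const entries = [], rejected = [];
  for (const [tag] of html.matchAll(/<meta\b[^>]*>/gi)) {
    const a = parseAttributes(tag);
    if (a.name !== "addressbook-entry") continue;
    const domain = (a.domain || "").toLowerCase();
    let reason = null;
    if (!/^[\w.-]{1,64}$/.test(a.handle || "")) reason = "bad handle";
    else if (domain !== host) reason = "domain does not match page origin"; // assumed policy
    else if (!/^\d{1,15}$/.test(a.date || "")) reason = "bad date";
    else if (!looksLikeDerKey(a.pubkey || "")) reason = "pubkey is not base64 DER";
    if (reason) rejected.push({ handle: a.handle, reason });
    else entries.push({ id: `${a.handle}@${domain}`, handle: a.handle, domain,
                        pubKey: a.pubkey, created: Number(a.date) });
  }
  return { entries, rejected };
}

// Constructed sample page; "MAMCAQU=" is a 5-byte DER placeholder, not a real key.
const SAMPLE_HTML = `
<meta name="addressbook-entry" pubkey="MAMCAQU=" handle="natasha" domain="droplettr.com" date="1298322911812" algorithm="AES_256_CBC">
<meta name="addressbook-entry" pubkey="MAMCAQU=" handle="natasha" domain="droplettr.com.other.example" date="1298322911812">
<meta name="addressbook-entry" pubkey="not base64!" handle="boris" domain="droplettr.com" date="1298322911812">`;
console.log(discoverEntries(SAMPLE_HTML, "https://droplettr.com/profile/natasha"));
```

Only the first sample tag yields an entry in the mozCipherAddressbook shape; the other two are returned in <code>rejected</code> with a reason that the browser prompt could show.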
== References ==
*DOMCrypt: http://domcrypt.org
*mozCipher mozilla bugs:
**https://bugzilla.mozilla.org/show_bug.cgi?id=649154
**https://bugzilla.mozilla.org/show_bug.cgi?id=657432