Privacy/Features/DOMCryptAPI/UseCases

From MozillaWiki
< Privacy‎ | Features‎ | DOMCryptAPI
Revision as of 22:17, 31 May 2011 by Ddahl (talk | contribs) (Created page with "== DOMCrypt API Use Cases == === Messaging === * Natasha and Boris would like to message one another privately via a web application. The server is untrusted and all message da...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

DOMCrypt API Use Cases

Messaging

  • Natasha and Boris would like to message one another privately via a web application. The server is untrusted and all message data that Natasha sends to the server should be encrypted so only Boris can read it after downloading. A server compromise will net the server's attacker only blobs of useless data. This web application will use the Public Key API.

Example Code:

var publicKey = messagingApp.getPublicKey("boris");

var plainText = "Hey, wanna grab a root beer with me after work?";

window.cipher.pk.encrypt(plainText, publicKey, function callback(aCipherMessage) {
  // Asynchronous crypto API - the plainText is encrypted and the CipherMessage object is returned to this callback function
  // aCipherMessage is a JS object literal: 
  //   { content: <ENCRYPTED, BASE64 Encoded String>, 
  //     pubKey: <PUBLICKEY used to encrypt the a symmetric key>, 
  //     wrappedKey: <SYMMETRIC KEY wrapped with the recipient's public key>,
  //     iv: <Initialization Vector> 
  //   }
  messagingApp.sendMessage(aCipherMessage, {from: 'natasha', to: 'boris'});
});