- From: Ersun Warncke <ersun.warncke@gmail.com>
- Date: Wed, 9 May 2012 18:52:34 -0700
- To: public-webcrypto@w3.org
I tossed this together as a rough example of what I personally would like to use as an API. A few things: -I would prefer to see Cipher/Hash/HMAC providers as stand alone objects that can be instantiated. This enables decrypting one stream and encrypting another, or encrypting a stream while at the same time hashing it. The current API spec seems to use this model for Hash/HMAC but not for encryption/signing? -I view allowing incremental reads/writes to/from the cryptography provider as essential -I would strongly recommend against using abbreviations (pk, sym) -I think it is necessary to provide a highly configurable low level cryptography provider in order to maintain compatibility with a whole range of legacy applications and enable the API to remain relevant -Magic wrapper functions that encrypt, pad, sign in one fell swoop are better left to the public developer community (i.e. give them the low level tools they need to create innovative user-friendly implementations) -For efficiency's sake I think it would be a good idea to allow for hashing/ciphering on the same data stream at the same time See below for a rough API sketch along the lines I am thinking. Thanks, Ersun Warncke var crypto = new window.crypto.Cipher(); var crypto = new window.crypto.Hash(); var crypto = new window.crypto.HMAC(); crypto.availableCryptoAlgorithms(); cyrpto.availableSignatureAlgorithms(); crypto.availablePaddingAlgorithms(); crypto.availableBlockModes(); crypto.availableHashAlogrithms(); crypto.setCryptoAlgorithm(); crypto.setSignatureAlgorithm(); crypto.setPaddingAlgorithm(); crypto.setBlockMode(); crypto.setHashAlgorithm(); crypto.setKey(); crypto.start(); crypto.addBytes(); crypto.finish(); crypto.encrypt(); crypto.decrypt(); crypto.sign(); crypto.verify(); crypto.hash(); crypto.hmac(); crypto.getBytes(); crypto.getSignature(); crypto.getHash(); crypto.getHMAC();
Received on Thursday, 10 May 2012 15:48:18 UTC