Set follow-up to moz.crypto
The Keygen element has always been Netscape-proprietary. It outputted
a Signed Public Key and Challenge (SPKAC).
However, there is an equally proprietary way to do a similar thing
through a DOM object, which may be accessible through javascript in and
XHTML page.
crmfObject = crypto.generateCRMFRequest(
subject.value, // 'CN=Fred'
"regToken", "authenticator", // not sure
null, // base-64 cert for key
// escrow. set this to null
"setCRMFRequest();", // callback
1024, null, keyGenAlg); // key parameters
keyGenAlg can be "rsa-sign" (signature key) or "rsa-ex" (encryption)
or "rsa-dual-use" (both)
the cert request (in CRMF format) is retrieved by accessing:
crmfObject.request;
This is analagous to the the XEnroll API in CAPI, which IE uses during
an enrollment.
Steve
Deron Meranda wrote:
The <keygen> element (used to generate client-side SSL certificate
keypairs) works as expected when the <form> page is of type "text/html".
However if the page is served as the standard content-type of
"application/xhtml+xml" then the <keygen> element is ignored.
I sort of expect this since keygen is an HTML extension and not part of
the official W3C specs. But how can I get it to work while still using
the prefered application/xhtml+xml content type? Is there an XML
namespace I need to mix into the document? For that matter where is
the <keygen> element officially specified nowdays?
Deron Meranda
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
