Accessing Firefox key store for signing
Dear Team, Is there any way we can digitally sign the transaction in a web app by using the certificate stored at Firefox's key store. Best Regards, Nisar Hassan Professional Service Engineer (PKI Department) National Institutional Facilitation Technologies (Pvt.) Ltd. 5th Floor, AWT Plaza, I.I. Chundrigar Road, Karachi-74200. ' UAN: (92-21) 111-112-222 Ext 243. * nisar.has...@nift.pk -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
deactivate Web Cryptography API
Hello, we are using Firefox. But we want to deactivate the API "Web Cryptography API". We are using an addon for this case -> "WEB API MANAGER". Our target is to deactivate this setting without using an addon. Is there any possibility for our Use Case ? The Addon blocks the following things: "Crypto.prototype.getRandomValues", "SubtleCrypto.prototype.decrypt", "SubtleCrypto.prototype.deriveBits", "SubtleCrypto.prototype.deriveKey", "SubtleCrypto.prototype.digest", "SubtleCrypto.prototype.encrypt", "SubtleCrypto.prototype.exportKey", "SubtleCrypto.prototype.generateKey", "SubtleCrypto.prototype.importKey", "SubtleCrypto.prototype.sign", "SubtleCrypto.prototype.unwrapKey", "SubtleCrypto.prototype.verify", "SubtleCrypto.prototype.wrapKey", "window.crypto" -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: deactivate Web Cryptography API
On Sat, May 25, 2019 at 2:03 AM wrote: > Hello, > > we are using Firefox. But we want to deactivate the API "Web Cryptography > API". We are using an addon for this case -> "WEB API MANAGER". Our target > is to deactivate this setting without using an addon. > > Is there any possibility for our Use Case ? > > > The Addon blocks the following things: > > "Crypto.prototype.getRandomValues", > "SubtleCrypto.prototype.decrypt", > "SubtleCrypto.prototype.deriveBits", > "SubtleCrypto.prototype.deriveKey", > "SubtleCrypto.prototype.digest", > "SubtleCrypto.prototype.encrypt", > "SubtleCrypto.prototype.exportKey", > "SubtleCrypto.prototype.generateKey", > "SubtleCrypto.prototype.importKey", > "SubtleCrypto.prototype.sign", > "SubtleCrypto.prototype.unwrapKey", > "SubtleCrypto.prototype.verify", > "SubtleCrypto.prototype.wrapKey", > "window.crypto" > -- Why do you want to remove Web Platform APIs? Especially those that have no storage or hardware interaction? > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Accessing Firefox key store for signing
On Sat, May 25, 2019 at 2:03 AM Nisar Hassan wrote: > Dear Team, > > > > Is there any way we can digitally sign the transaction in a web app by > using > the certificate stored at Firefox's key store. > > Best Regards, > > Nisar Hassan > > Professional Service Engineer (PKI Department) > > National Institutional Facilitation Technologies (Pvt.) Ltd. > > 5th Floor, AWT Plaza, I.I. Chundrigar Road, Karachi-74200. > > ' UAN: (92-21) 111-112-222 Ext 243. > > * nisar.has...@nift.pk No APIs for interacting with users’ smartcards or certificates are provided by the Web Platform. You can use TLS mutual authentication to identify the user, if the user chooses to use such a certificate, but there is no access provided to potentially hostile web pages to use users’ certificates or private keys. You can, however, use extensions that the user explicitly installs. > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto