Anders Rundgren wrote: > An OASIS TC is currently toying with the idea that Mozilla Firefox can, > without adding any native extension code, perform XML Signatures and > possibly also XML Encryption, by an invocation from a web page: > > http://www.oasis-open.org/committees/download.php/16304/agsc-tpki-requirements-00.txt > > To my knowledge the only thing available in a standard distribution is the > "signText()" function.
Assuming that by "the only thing available", you mean "available to sign form data by an invocation from a web page", I believe the answer is: yes. The implementatin of nsCrypto::SignText is here: http://lxr.mozilla.org/security/source/security/manager/ssl/src/nsCrypto.cpp#2083 > signText only supports the signing of a plain/text > string (at least if the user is taken in consideration...). I think the string can be in any character set, whatever character set is used for the form data. If it is UTF16, I believe it is converted to UTF8. > In addition the signature is limited to PKCS #7. Yes, the signature is PKCS 7. > Could somebody ON THIS LIST (not off-list) verify (or not) this statement? I think this reply satisfies your request, but I'm not sure. I would add that I believe Alexei Sanin has developed an XML DSIG and XML encryption extension for FireFox. I know he has developed some XML DSIG code that uses mozilla's NSS crypto libraries. I'm merely unsure that his code is an extension for firefox. -- Nelson B _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
