The HTTP protocol does not affect content so if there is a problem it is likely to be in the browser, either in DOM or in security. Since signText seems to be built on e-mail security it may even be S/MIME canonicalization involved.
Anders ----- Original Message ----- From: "eloy_iv" <[EMAIL PROTECTED]> Newsgroups: mozilla.dev.tech.crypto To: <> Sent: Wednesday, April 25, 2007 13:35 Subject: Re: CRLF problem when verifiying a signature signtext() After doing some thinking, the problem is how Javascript/DOM engine interprets values in HTML documents. Simply type some lines in a HTML textarea and ask its value from Javascript. If you inspect every char code (String::charCodeAt(int)) you will see line breaks as single 0x0A byte (LF linefeed). The same in IE would return 0x0D 0x0A pair (CRLF). The question is, how is HTTP protocol providing line breaks on page requests? As LF or as CRLF? On Apr 24, 10:47 am, Nelson Bolyard <[EMAIL PROTECTED]> wrote: > Mariano wrote: > > I am having problems when verifying a signature produced with > > crypto.signtext() in Firefox. The data is coming inside a textarea in the > > HTML. It has several line breaks. When passing the to signtext(), the String > > reads line breaks as one byte LF (0x13 ASCII). However, the original data > > has > > CRLF line breaks, so signature verification fails. > > > Does anyone know why Javascript/Crypto takes line breaks as single byte LF > > instead of CRLF? > > IIRC and IINM, the present implementation of crypto.signtext was contributed > by a person who has no ongoing involvement with NSS or PSM. So, that code > is more or less an orphan. It needs someone who will debug it. Volunteers? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
