Hi, I'm in the Firefox OS Security team and I'm starting working on adding support for stronger passwords in the Firefox OS lockscreen (bug 877541) [1]. At the moment, only a 4-digit password can be configured and we want to improve that for FxOS 1.4 (March 2014).
Some time ago, David Dahl provided on a patch for having hashing functions in Gecko: it's a JSM living next to the SettingsManager for FxOS [2]. Supported algorithms are sha256, sha384 and sha512. But having a set of hashing functions that could be called from anywhere would definitely be best. My question is: Could/should it be implemented in the Javascript crypto API? I am not really familiar with the state of progress of that API. At the time it was discussed, it wasn't conceivable. Or is it better to keep it as a module in Gecko, as David started doing, and build a kind of "mozHash" webAPI? Thanks! [1] https://bugzilla.mozilla.org/show_bug.cgi?id=877541 [2] https://bug877541.bugzilla.mozilla.org/attachment.cgi?id=779450 Stéphanie -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
