Search completed in 1.16 seconds.
XForms Secret Element - Archive of obsolete content
type restrictions the
secret element can be bound to a node containing simple content of any data type except xsd:base64binary, xsd:hexbinray or any data type derived from these.
... representations the xforms
secret element is represented by a password field.
SubtleCrypto.deriveKey() - Web APIs
the derivekey() method of the subtlecrypto interface can be used to derive a
secret key from a master key.
... syntaxerror raised when keyusages is empty but the unwrapped key is of type
secret or private.
...it enables two people who each have an ecdh public/private key pair to generate a shared
secret: that is, a
secret that they — and noone else — share.
...And 7 more matches
Introduction to SSL - Archive of obsolete content
use public-key encryption techniques to generate shared
secrets.
... using all data generated in the handshake so far, the client (with the cooperation of the server, depending on the cipher being used) creates the premaster
secret for the session, encrypts it with the server's public key (obtained from the server's certificate, sent in step 2), and sends the encrypted premaster
secret to the server.
...in this case the client sends both the signed data and the client's own certificate to the server along with the encrypted premaster
secret.
...And 6 more matches
Index
this strategy allows nss to work with many hardware devices (e.g., to speed up the calculations required for cryptographic operations, or to access smartcards that securely protect a
secret key) and software modules (e.g., to allow to load such modules as a plugin that provides additional algorithms or stores key or trust information) that implement the pkcs#11 interface.
... some cryptography uses the same
secret key for both encrypting and decrypting, for example password based encryption (pbe).
...it's also required that you safely keep your own
secret keys that belong to your own certificates.
...And 6 more matches
JSS Provider Notes
dsakpg.initialize(1024); keypair dsapair = dsakpg.generatekeypair(); supported classes cipher dsaprivatekey dsapublickey keyfactory keygenerator keypairgenerator mac messagedigest rsaprivatekey rsapublickey
secretkeyfactory
secretkey securerandom signature what's not supported the following classes don't work very well: keystore: there are many serious problems mapping the jca keystore interface onto nss's model of pkcs #11 modules.
... mac supported algorithms notes hmacsha1 (hmac-sha1 ) any
secret key type (aes, des, etc.) can be used as the mac key, but it must be a jss key.
... that is, it must be an instanceof org.mozilla.jss.crypto.
secretkeyfacade.
...And 5 more matches
NSS Key Log Format
you can tell wireshark where to find the key file via edit→preferences→protocols→ssl→(pre)-master-
secret log filename.
...
secrets follow the format <label> <space> <clientrandom> <space> <
secret> where: <label> describes the following
secret.
... <
secret> depends on the label (see below).
...And 5 more matches
jpm - Archive of obsolete content
you can sign an xpi you've already generated by passing the xpi file in the --xpi argument, like this: jpm sign --api-key ${jwt_issuer} --api-
secret ${jwt_
secret} --xpi <xpi file> alternatively, you can omit the --xpi argument, in which case jpm sign will generate an xpi from the current directory (or --addon-dir).
... jpm sign --api-key ${jwt_issuer} --api-
secret ${jwt_
secret} this submits an xpi it to the addons.mozilla.org signing api, then downloads a signed xpi to the working directory if it passes validation.
... to get values for --api-key and --api-
secret, you will need to create api credentials on addons.mozilla.org.
...And 4 more matches
An overview of NSS Internals
this strategy allows nss to work with many hardware devices (e.g., to speed up the calculations required for cryptographic operations, or to access smartcards that securely protect a
secret key) and software modules (e.g., to allow to load such modules as a plugin that provides additional algorithms or stores key or trust information) that implement the pkcs#11 interface.
... some cryptography uses the same
secret key for both encrypting and decrypting, for example password based encryption (pbe).
...it's also required that you safely keep your own
secret keys that belong to your own certificates.
...And 4 more matches
Mozilla-JSS JCA Provider notes
dsakpg.initialize(1024); keypair dsapair = dsakpg.generatekeypair(); supported classes cipher dsaprivatekey dsapublickey keyfactory keygenerator keypairgenerator mac messagedigest rsaprivatekey rsapublickey
secretkeyfactory
secretkey securerandom signature cipher supported algorithms notes aes des desede (des3) rc2 rc4 rsa the following modes and padding schemes are supported: algorithm mode padding des ecb nopadding cbc nopadding pkcs5 padding des...
... mac supported algorithms notes hmacsha1 (hmac-sha1) any
secret key type (aes, des, etc.) can be used as the mac key, but it must be a jss key.
... that is, it must be an instanceof org.mozilla.jss.crypto.
secretkeyfacade.
...And 4 more matches
SubtleCrypto.importKey() - Web APIs
exceptions the promise is rejected when one of the following exceptions is encountered: syntaxerror raised when keyusages is empty but the unwrapped key is of type
secret or private.
... raw you can use this format to import or export aes or hmac
secret keys, or elliptic curve public keys.
... json web key you can use json web key format to import or export rsa or elliptic curve public or private keys, as well as aes and hmac
secret keys.
...And 4 more matches
<input type="hidden"> - HTML: Hypertext Markup Language
improving website security hidden inputs are also used to store and submit security tokens or
secrets, for the purposes of improving website security.
... the basic idea is that if a user is filling in a sensitive form, such as a form on their banking website to transfer some money to another account, the
secret they would be provided with would prove that they are who they say they are, and that they are using the correct form to submit the transfer request.
...this kind of attack is called a cross site request forgery (csrf); pretty much any reputable server-side framework uses hidden
secrets to prevent such attacks.
...And 3 more matches
Encryption and Decryption - Archive of obsolete content
with most modern cryptography, the ability to keep encrypted information
secret is based not on the cryptographic algorithm, which is widely known, but on a number called a key that must be used with the algorithm to produce an encrypted result or to decrypt previously encrypted information.
...thus, as long as the symmetric key is kept
secret by the two parties using it to encrypt communications, each party can be sure that it is communicating with the other as long as the decrypted messages continue to make sense.
... symmetric-key encryption is effective only if the symmetric key is kept
secret by the two parties involved.
...And 2 more matches
Working with JSON - Learn web development
this allows you to construct a data hierarchy, like so: { "squadname": "super hero squad", "hometown": "metro city", "formed": 2016, "
secretbase": "super tower", "active": true, "members": [ { "name": "molecule man", "age": 29, "
secretidentity": "dan jukes", "powers": [ "radiation resistance", "turning tiny", "radiation blast" ] }, { "name": "madame uppercut", "age": 39, "
secretidentity": "jane wilson", "powers": [ "million tonne punc...
...h", "damage resistance", "superhuman reflexes" ] }, { "name": "eternal flame", "age": 1000000, "
secretidentity": "unknown", "powers": [ "immortality", "heat immunity", "inferno", "teleportation", "interdimensional travel" ] } ] } if we loaded this object into a javascript program, parsed in a variable called superheroes for example, we could then access the data inside it using the same dot/bracket notation we looked at in the javascript object basics article.
...the reason we said "mostly right" is that an array is also valid json, for example: [ { "name": "molecule man", "age": 29, "
secretidentity": "dan jukes", "powers": [ "radiation resistance", "turning tiny", "radiation blast" ] }, { "name": "madame uppercut", "age": 39, "
secretidentity": "jane wilson", "powers": [ "million tonne punch", "damage resistance", "superhuman reflexes" ] } ] the above is perfectly valid json.
...And 2 more matches
sslfnc.html
syntax #include "ssl.h" secstatus ssl_securitystatus( prfiledesc *fd, int *on, char **cipher, int *keysize, int *
secretkeysize, char **issuer, char **subject); parameters this function has the following parameters: fd the file descriptor for the ssl socket.
...
secretkeysize a pointer to an integer.
... on output, the integer indicates the size, in bits, of the
secret portion of the session key used (also known as the "effective key size").
...And 2 more matches
SubtleCrypto.deriveBits() - Web APIs
we then use alice's private key and bob's public key to derive a shared
secret.
... async function deriveshared
secret(privatekey, publickey) { const shared
secret = await window.crypto.subtle.derivebits( { name: "ecdh", namedcurve: "p-384", public: publickey }, privatekey, 128 ); const buffer = new uint8array(shared
secret, 0, 5); const shared
secretvalue = document.queryselector(".ecdh .derived-bits-value"); shared
secretvalue.classlist.add("fade-in"); shared
secretvalue.addeventlistener("animationend", () => { shared
secretvalue.classlist.remove("fade-in"); }); shared
secretvalue.textcontent = `${buffer}...[${shared
secret.bytelength} bytes total]`; } // generate 2 ecdh key pairs: one for alice and one for bob // in more normal usage, they would generate their key pairs // separately and exchan...
...eneratekey( { name: "ecdh", namedcurve: "p-384" }, false, ["derivebits"] ); promise.all([generatealiceskeypair, generatebobskeypair]).then(values => { const aliceskeypair = values[0]; const bobskeypair = values[1]; const derivebitsbutton = document.queryselector(".ecdh .derive-bits-button"); derivebitsbutton.addeventlistener("click", () => { // alice then generates a
secret using her private key and bob's public key.
...And 2 more matches
Index - MDN Web Docs Glossary: Definitions of Web-related terms
77 ciphertext cryptography, glossary, privacy, security in cryptography, a ciphertext is a scrambled message that conveys information but is not legible unless decrypted with the right cipher and the right
secret (usually a key), reproducing the original cleartext.
... a ciphertext's security, and therefore the secrecy of the contained information, depends on using a secure cipher and keeping the key
secret.
...one key (the private key) is kept
secret while the other is made public.
...the key is usually called a "symmetric key" or a "
secret key".
Website security - Learn web development
one way to prevent this type of attack is for the server to require that post requests include a user-specific site-generated
secret.
... the
secret would be supplied by the server when sending the web form used to make transfers.
... this approach prevents john from creating his own form, because he would have to know the
secret that the server is providing for the user.
... even if he found out the
secret and created a form for a particular user, he would no longer be able to use that same form to attack every user.
nsIPushSubscription
a subscription also has a public key and
secret; these are used to encrypt message payloads.
... auth the shared authentication
secret, used as the salt in the hkdf invocation.
...["@mozilla.org/xmlextras/xmlhttprequest;1"] .createinstance(ci.nsixmlhttprequest); request.open("post", "https://example.com/register-for-push", true); request.addeventlistener("error", () => { cu.reporterror("error sending subscription to server"); }); request.send(json.stringify({ endpoint: subscription.endpoint, // base64-encode the key and authentication
secret.
... key: string.fromcharcode.apply(null, btoa(subscription.getkey("p256dh"))),
secret: string.fromcharcode.apply(null, btoa(subscription.getkey("auth"))), })); } pushservice.subscribe( "chrome://my-module/push", scriptsecuritymanager.getsystemprincipal(), (code, subscription) => { if (!components.issuccesscode(code)) { cu.reporterror("error creating subscription: " + code); } else { sendsubscriptiontoserver(subscription); } } ); see also nsipushservice nsipushmessage pushsubscription ...
SubtleCrypto.unwrapKey() - Web APIs
syntaxerror raised when keyusages is empty but the unwrapped key is of type
secret or private.
... const saltbuffer = bytestoarraybuffer(saltbytes); // 3 derive the key from key material and salt return window.crypto.subtle.derivekey( { "name": "pbkdf2", salt: saltbuffer, "iterations": 100000, "hash": "sha-256" }, keymaterial, { "name": "aes-kw", "length": 256}, true, [ "wrapkey", "unwrapkey" ] ); } /* unwrap an aes
secret key from an arraybuffer containing the raw bytes.
... takes an array containing the bytes, and returns a promise that will resolve to a cryptokey representing the
secret key.
... */ async function unwrap
secretkey(wrappedkey) { // 1.
passwords - Archive of obsolete content
to store an add-on credential: require("sdk/passwords").store({ realm: "user registration", username: "joe", password: "
secret123", }); to store an html form credential: require("sdk/passwords").store({ url: "http://www.example.com", formsubmiturl: "http://login.example.com", username: "joe", usernamefield: "uname", password: "
secret123", passwordfield: "pword" }); to store an http authentication credential: require("sdk/passwords").store({ url: "http://www.example.com", realm: "exampleco login", us...
...ername: "joe", password: "
secret123", }); see "credentials" above for more details on how to set these properties.
...for example, to remove all of joe's stored credentials: require("sdk/passwords").search({ username: "joe", oncomplete: function oncomplete(credentials) { credentials.foreach(require("sdk/passwords").remove); }) }); to change an existing credential just call store after remove succeeds: require("sdk/passwords").remove({ realm: "user registration", username: "joe", password: "
secret123" oncomplete: function oncomplete() { require("sdk/passwords").store({ realm: "user registration", username: "joe", password: "{new password}" }) } }); parameters options : object required options: name type username string the username for the credential.
More Wizards - Archive of obsolete content
in the following example, the user must enter a
secret code into a textbox on the first page of the wizard.
... wizard example source <?xml version="1.0"?> <?xml-stylesheet href="chrome://global/skin/" type="text/css"?> <wizard id="thewizard" title="
secret code wizard" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> <script> function checkcode(){ document.getelementbyid('thewizard').canadvance = (document.getelementbyid('
secretcode').value == "cabbage"); } </script> <wizardpage onpageshow="checkcode(); return true;"> <label value="enter the
secret code:"/> <textbox id="
secretcode" onkeyup="checkcode();"/> </wizardpage> <wiza...
...rdpage> <label value="that is the correct
secret code."/> </wizardpage> </wizard> there is also a corresponding canrewind property that you can use to enable or disable the back button.
Decryption - MDN Web Docs Glossary: Definitions of Web-related terms
like encryption, decryption in modern ciphers is performed using a specific algorithm and a
secret, called the key.
... since the algorithm is often public, the key must stay
secret if the encryption stays secure.
... decryption is the reverse of encryption and if the key stays
secret, decryption without knowing the specific
secret, decryption is mathematically hard to perform.
Encryption - MDN Web Docs Glossary: Definitions of Web-related terms
encryption in modern ciphers is performed using a specific algorithm and a
secret, called the key.
... since the algorithm is often public, the key must stay
secret if the encryption stays secure.
... without knowing the
secret, the reverse operation, decryption, is mathematically hard to perform.
NSS 3.21 release notes
new in nss 3.21 new functionality certutil now supports a --rename option to change a nickname (bug 1142209) tls extended master
secret extension (rfc 7627) is supported (bug 1117022) new info functions added for use during mid-handshake callbacks (bug 1084669) new functions in nss.h nss_optionset - sets nss global options nss_optionget - gets the current value of nss global options in secmod.h secmod_createmoduleex - create a new secmodmodule structure from module name string, module parameters string...
... nss_rsa_min_key_size - used with nss_optionset and nss_optionget to set or get the minimum rsa key size nss_dh_min_key_size - used with nss_optionset and nss_optionget to set or get the minimum dh key size nss_dsa_min_key_size - used with nss_optionset and nss_optionget to set or get the minimum dsa key size in pkcs11t.h ckm_tls12_master_key_derive - derives tls 1.2 master
secret ckm_tls12_key_and_mac_derive - derives tls 1.2 traffic key and iv ckm_tls12_master_key_derive_dh - derives tls 1.2 master
secret for dh (and ecdh) cipher suites ckm_tls12_key_safe_derive and ckm_tls_kdf are identifiers for additional pkcs#12 mechanisms for tls 1.2 that are currently unused in nss.
...sslerr.h ssl_error_rx_short_dtls_read - error code for failure to include a complete dtls record in a udp packet ssl_error_no_supported_signature_algorithm - error code for when no valid signature and hash algorithm is available ssl_error_unsupported_signature_algorithm - error code for when an unsupported signature and hash algorithm is configured ssl_error_missing_extended_master_
secret - error code for when the extended master
secret is missing after having been negotiated ssl_error_unexpected_extended_master_
secret - error code for receiving an extended master
secret when previously not negotiated in sslt.h ssl_enable_extended_master_
secret - configuration to enable the tls extended master
secret extension (rfc 7627) ssl_preinfo_version - used with sslprelimi...
nss tech note5
= pk11_digestbegin(digestcontext); s = pk11_digestop(digestcontext, data, sizeof data); s = pk11_digestfinal(digestcontext, digest, &len, sizeof digest); /* now, digest contains the 'digest', and len contains the length of the digest */</big> clean up pk11_destroycontext(digestcontext, pr_true); you can also look at a sample program illustrating this hash / digest with
secret key included include headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a digest mechanism.
...can use ckm_generic_
secret_key_gen as the key gen mechanism.
...can use ckm_generic_
secret_key_gen as the key gen mechanism.
EcdhKeyDeriveParams - Web APIs
ecdh enables two people who each have a key pair consisting of a public and a private key to derive a shared
secret.
... they exchange public keys and use the combination of their private key and the other entity's public key to derive a
secret key that they — and noone else — share.
... the parameters for ecdh derivekey() therefore include the other entity's public key, which is combined with this entity's private key to derive the shared
secret.
GlobalEventHandlers.onkeypress - Web APIs
*/ (function () { const s
secret = /* choose your hidden word...: */ "exit"; let noffset = 0; document.onkeypress = function(opevt) { let oevent = opevt || window.event, nchr = oevent.charcode, snodetype = oevent.target.nodename.touppercase(); if (nchr === 0 || oevent.target.contenteditable.touppercase() === "true" || snodetype === "textarea" || snodetype === "input" && oeven...
...t.target.type.touppercase() === "text") { return true; } if (nchr !== s
secret.charcodeat(noffset)) { noffset = nchr === s
secret.charcodeat(0) ?
... 1 : 0; } else if (noffset < s
secret.length - 1) { noffset++; } else { noffset = 0; /* do something here...
window.postMessage() - Web APIs
popup.postmessage("the user is 'bob' and the password is '
secret'", "https://secure.example.net"); // this will successfully queue a message to be sent to the popup, assuming // the window hasn't changed its location.
... the
secret response is: rheeeeet!" } window.addeventlistener("message", receivemessage, false); /* * in the popup's scripts, running on <http://example.com>: */ // called sometime after postmessage is called function receivemessage(event) { // do we trust the sender of this message?
... the
secret response " + "is: rheeeeet!", event.origin); } window.addeventlistener("message", receivemessage, false); notes any window may access this method on any other window, at any time, regardless of the location of the document in the window, to send it a message.
Transport Layer Security - Web security
a tls connection starts with a handshake phase where a client and server agree on a shared
secret and important parameters, like cipher suites, are negotiated.
... in tls 1.2 and earlier, the negotiated cipher suite includes a set of cryptographic algorithms that together provide the negotiation of the shared
secret, the means by which a server is authenticated, and the method that will be used to encrypt data.
... the tls 1.3 handshake is encrypted, except for the messages that are necessary to establish a shared
secret.
wizard - Archive of obsolete content
ttributes firstpage, lastpage, pagestep, title, windowtype properties canadvance, canrewind, currentpage, onfirstpage, onlastpage, pagecount, pageindex, pagestep, title, wizardpages methods advance, cancel, extra1, extra2, getbutton, getpagebyid, goto, rewind examples <?xml version="1.0"?> <?xml-stylesheet href="chrome://global/skin/" type="text/css"?> <wizard id="thewizard" title="
secret code wizard" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> <script> function checkcode(){ document.getelementbyid('thewizard').canadvance = (document.getelementbyid('
secretcode').value == "cabbage"); } </script> <wizardpage onpageshow="checkcode();"> <label value="enter the
secret code:"/> <textbox id="
secretcode" onkeyup="checkcode();"/> </wiz...
...ardpage> <wizardpage> <label value="that is the correct
secret code."/> </wizardpage> </wizard> attributes activetitlebarcolor type: color string specify background color of the window's titlebar when it is active (foreground).
TCP/IP Security - Archive of obsolete content
this is accomplished by encrypting data using a cryptographic algorithm and a
secret key—a value known only to the two parties exchanging data.
... the data can only be decrypted by someone who has the
secret key.
Implementation Status - Archive of obsolete content
supported 4.5.5 xforms-output-exception unsupported 4.5.6 xforms-submit-error supported 4.5.7 xforms-version-exception unsupported 4.6 event sequencing supported 4.6.1 for input,
secret, textarea, range, or upload controls supported 4.6.2 for output controls supported 4.6.3 for select or select1 controls partial 4.6.4 for trigger controls supported 4.6.5 for submit controls supported ...
...core form controls section title status notes bugs 8.1 the xforms core form controls module supported 8.1.1 common requirements n/a 8.1.2 input supported 8.1.3
secret supported 8.1.4 textarea supported 8.1.5 output supported 8.1.6 upload supported 8.1.7 range partial 316355; 343523; 8.1.8 trigger supported 8.
Desktop mouse and keyboard controls - Game development
we can even define a
secret cheat button: this.keycheat = this.input.keyboard.addkey(phaser.keycode.c); and then in the update() function whenever c is pressed we'll do this: if(this.keycheat.isdown) { this.player.health = this.player.maxhealth; } we can set the health of the player to maximum.
... remember: it's a
secret, so don't tell anyone!
Ciphertext - MDN Web Docs Glossary: Definitions of Web-related terms
in cryptography, a ciphertext is a scrambled message that conveys information but is not legible unless decrypted with the right cipher and the right
secret (usually a key), reproducing the original cleartext.
... a ciphertext's security, and therefore the secrecy of the contained information, depends on using a secure cipher and keeping the key
secret.
Chrome Worker Modules
to make the value public, you just have to add it to either global value exports, as follows: /* file mymodule.js */ let
secretkey = "this is a
secret"; let publickey = "this is public"; exports.key = publickey; //
secretkey is not exported // publickey is exported with name "key" alternatively, if you prefer that style, you may write // variable |module| is a special global introduced by require() module.exports = { key: publickey }; once this is done, we may load the module and use the values that have been export...
...ed // assuming that mymodule.js is installed to resource://gre/modules/mymodule.js let module = require("resource://gre/modules/mymodule.js") foo(module.key); // module.key == "this is public"; // however,
secretkey is not exported and cannot be used for the installation of resources, please see the documentation on moz.build (if your code is part of the platform) or on chrome manifests (if your code is part of an add-on).
Phishing: a short definition
this qr code is nothing more than a random,
secret key, that is stored on the user’s phone.
... after verifying username and password, the user is prompted to open the otp app and enter the corresponding 6-digit code, representing a hashed version of the
secret key and a nonce - potentially time-based.
PRFileDesc
syntax #include <prio.h> struct prfiledesc { priomethods *methods; prfileprivate *
secret; prfiledesc *lower, *higher; void (*dtor)(prfiledesc *fd); prdescidentity identity; }; typedef struct prfiledesc prfiledesc; parameters methods the i/o methods table.
...
secret layer-dependent implementation data.
NSS 3.12.6 release notes
if set, nss logs rsa pre-master
secrets to this file.
...es in path names bug 534943: clean up the makefiles in lib/ckfw/builtins bug 534945: lib/dev does not need to include headers from lib/ckfw bug 535669: move common makefile code in if and else to the outside bug 536023: der_utctimetotime and der_generalizedtimetotime ignore all bytes after an embedded null bug 536474: add support for logging pre-master
secrets bug 537356: implement new safe ssl3 & tls renegotiation bug 537795: nss_initcontext does not work with nss_registershutdown bug 537829: allow nss to build for android bug 540304: implement ssl_handshakenegotiatedextension bug 541228: remove an obsolete nspr version check in lib/util/secport.c bug 541231: nssinit.c doesn't need to include ssl.
NSS 3.48 release notes
tls extended master
secret is enabled by default, where possible.
... pkcs#11 bug 1588567 - enable mozilla::pkix gtests in nss ci bug 1591315 - update nsc_decrypt length in constant time bug 1562671 - increase nss mp kdf default iteration count, by default for modern key4 storage, optionally for legacy key3.db storage bug 1590972 - use -std=c99 rather than -std=gnu99 bug 1590676 - fix build if arm doesn't support neon bug 1575411 - enable tls extended master
secret by default bug 1590970 - ssl_settimefunc has incomplete coverage bug 1590678 - remove -wmaybe-uninitialized warning in tls13esni.c bug 1588244 - nss changes for delegated credential key strength checks bug 1459141 - add more cbc padding tests that missed nss 3.47 bug 1590339 - fix a memory leak in btoa.c bug 1589810 - fix uninitialized variable warnings from certdata.perl bug 1573118 - ena...
NSS Sample Code Sample1
it // generates the
secret keys that will be used by all participating // hosts.
...8 bits (16 bytes) key = pk11_keygen(slot, ckm_aes_key_gen, 0, 128/8, 0); if (!key) { rv = 1; goto aes_done; } rv = wrapkey(key, pubkey, &mwrappedenckey); aes_done: if (key) pk11_freesymkey(key); if (rv) goto done; } // do the mac key if (!mwrappedmackey) { pk11symkey *key = 0; // the key size is 160 bits (20 bytes) key = pk11_keygen(slot, ckm_generic_
secret_key_gen, 0, 160/8, 0); if (!key) { rv = 1; goto mac_done; } rv = wrapkey(key, pubkey, &mwrappedmackey); mac_done: if (key) pk11_freesymkey(key); } done: if (slot) pk11_freeslot(slot); return rv; } int server::exportpublickey(secitem **pubkeydata) { int rv = 0; seckeypublickey *pubkey = 0; rv = getpublickey(&pubkey); if (rv) goto done; *pubkeydata = seckey_enco...
NSS Sample Code sample3
stop(context, data, sizeof data); if (s != secsuccess) { cout << "digestupdate failed" << endl; goto done; } s = pk11_digestfinal(context, digest, &len, sizeof digest); if (s != secsuccess) { cout << "digestfinal failed" << endl; goto done; } /* print digest */ printdigest(digest, len); pk11_destroycontext(context, pr_true); context = 0; /* * part 2 - hashing with included
secret key */ cout << "part 2 -- hashing with included
secret key" << endl; /* initialize data */ memset(data, 0xbc, sizeof data); /* create a key */ key = pk11_keygen(slot, ckm_generic_
secret_key_gen, 0, 128, 0); if (!key) { cout << "create key failed" << endl; goto done; } cout << (void *)key << endl; /* create parameters for crypto context */ /* note: params must be provided,...
... = pk11_digestop(context, data, sizeof data); if (s != secsuccess) { cout << "digestupdate failed" << endl; goto done; } s = pk11_digestfinal(context, digest, &len, sizeof digest); if (s != secsuccess) { cout << "digestfinal failed" << endl; goto done; } /* print digest */ printdigest(digest, len); pk11_destroycontext(context, pr_true); context = 0; /* * part 3 - mac (with
secret key) */ cout << "part 3 -- mac (with
secret key)" << endl; /* initialize data */ memset(data, 0xbc, sizeof data); context = pk11_createcontextbysymkey(ckm_md5_hmac, cka_sign, key, &noparams); if (!context) { cout << "createcontextbysymkey failed" << endl; goto done; } s = pk11_digestbegin(context); if (s != secsuccess) { cout << "digestbegin failed" << endl; goto done; } s ...
Using nsILoginManager
new components.constructor( "@mozilla.org/login-manager/logininfo;1", components.interfaces.nsilogininfo, "init" ); var logininfo = new nslogininfo( hostname, formsubmiturl, httprealm, username, password, usernamefield, passwordfield ); examples creating a login for a web page var formlogininfo = new nslogininfo( 'http://www.example.com', 'http://login.example.com', null, 'joe', '
secret123', 'uname', 'pword' ); this login would correspond to a html form such as: <form action="http://login.example.com/foo/authenticate.cgi"> <div>please log in.</div> <label>username:</label> <input type="text" name="uname"> <label>password:</label> <input type="password" name="pword"> </form> creating a site authentication login var authlogininfo = new nslogininfo( 'http://www.example.c...
...om', null, 'exampleco login', 'alice', '
secret321', "", "" ); this would correspond to a login on http://www.example.com when the server sends a reply such as: http/1.0 401 authorization required server: apache/1.3.27 www-authenticate: basic realm="exampleco login" creating a local extension login var extlogininfo = new nslogininfo( 'chrome://firefoo', null, 'user registration', 'bob', '123
secret', "", "" ); from a component creating a new info block is done slightly differently: var nslogininfo = new constructor("@org/manager/ci.init"); var extlogininfo = new aformsubmiturl, ausername, ausernamefield, ...
Index - Web APIs
this is typically a password, key, or other
secret.
... 4201 subtlecrypto.derivekey() api, crypto, method, reference, subtlecrypto, web, derivekey the derivekey() method of the subtlecrypto interface can be used to derive a
secret key from a master key.
Selection.containsNode() - Web APIs
console.log(window.getselection().containsnode(document.body, true)); find the hidden word in this example, a message appears when you select the
secret word.
... html <p>can you find the
secret word?</p> <p>hmm, where <span id="
secret" style="color:transparent">
secret</span> could it be?</p> <p id="win" hidden>you found it!</p> javascript const
secret = document.getelementbyid('
secret'); const win = document.getelementbyid('win'); // listen for selection changes document.addeventlistener('selectionchange', () => { const selection = window.getselection(); const found = selection.containsnode(
secret); win.toggleattribute('hidden', !found); }); result specifications specification status comment selection apithe definition of 'selection.containsnode()' in that specification.
SubtleCrypto.sign() - Web APIs
the fourth algorithm — hmac — uses the same algorithm and key for signing and for verification: this means that the verification key must be kept
secret, which in turn means that this algorithm is not suitable for many signature use cases.
....queryselector(".ecdsa #message"); let message = messagebox.value; let enc = new textencoder(); return enc.encode(message); } let encoded = getmessageencoding(); let signature = await window.crypto.subtle.sign( { name: "ecdsa", hash: {name: "sha-384"}, }, privatekey, encoded ); hmac this code fetches the contents of a text box, encodes it for signing, and signs it with a
secret key.
SubtleCrypto.verify() - Web APIs
it is the
secret key for a symmetric algorithm and the public key for a public-key system.
..."valid" : "invalid"); } hmac this code uses a
secret key to verify a signature.
SubtleCrypto.wrapKey() - Web APIs
*/ async function wrapcryptokey(keytowrap) { // get the key encryption key const keymaterial = await getkeymaterial(); salt = window.crypto.getrandomvalues(new uint8array(16)); const wrappingkey = await getkey(keymaterial, salt); return window.crypto.subtle.wrapkey( "raw", keytowrap, wrappingkey, "aes-kw" ); } /* generate an encrypt/decrypt
secret key, then wrap it.
... */ window.crypto.subtle.generatekey( { name: "aes-gcm", length: 256, }, true, ["encrypt", "decrypt"] ) .then((
secretkey) => { return wrapcryptokey(
secretkey); }) .then((wrappedkey) => { console.log(wrappedkey); }); pkcs #8 wrap this example wraps an rsa private signing key.
Using XMLHttpRequest - Web APIs
t name: <input type="text" name="firstname" /><br /> last name: <input type="text" name="lastname" /><br /> sex: <input id="sex_male" type="radio" name="sex" value="male" /> <label for="sex_male">male</label> <input id="sex_female" type="radio" name="sex" value="female" /> <label for="sex_female">female</label><br /> password: <input type="password" name="
secret" /><br /> what do you prefer: <select name="image_type"> <option>books</option> <option>cinema</option> <option>tv</option> </select> </p> <p> post your photos: <input type="file" multiple name="photos[]"> </p> <p> <input id="vehicle_bike" type="checkbox" name="vehicle[]" value="bike" /> <label for="vehicle_bike">i ...
...t name: <input type="text" name="firstname" /><br /> last name: <input type="text" name="lastname" /><br /> sex: <input id="sex_male" type="radio" name="sex" value="male" /> <label for="sex_male">male</label> <input id="sex_female" type="radio" name="sex" value="female" /> <label for="sex_female">female</label><br /> password: <input type="password" name="
secret" /><br /> what do you prefer: <select name="image_type"> <option>books</option> <option>cinema</option> <option>tv</option> </select> </p> <p> post your photos: <input type="file" multiple name="photos[]"> </p> <p> <input id="vehicle_bike" type="checkbox" name="vehicle[]" value="bike" /> <label for="vehicle_bike">i ...
<display-box> - CSS: Cascading Style Sheets
more accessible markup with display: contents | hidde de vries display: contents is not a css reset | adrian roselli examples in this first example, the paragraph with a class of
secret is set to display: none; the box and any content is now not rendered.
... display: none html <p>visible text</p> <p class="
secret">invisible text</p> css p.
secret { display: none; } result display: contents in this example the outer <div> has a 2-pixel red border and a width of 300px.
<mark>: The Mark Text element - HTML: Hypertext Markup Language
during the battle, <mark>rebel spies managed to steal
secret plans</mark> to the empire’s ultimate weapon, the death star, an armored space station with enough power to destroy an entire planet.
...although the death star has been destroyed, <mark class="match">imperial</mark> troops have driven the rebel forces from their hidden base and pursued them across the galaxy.</p> <p>evading the dreaded <mark class="match">imperial</mark> starfleet, a group of freedom fighters led by luke skywalker has established a new
secret base on the remote ice world of hoth.</p> to help distinguish the use of <mark> for search results from other potential usage, this example applies the custom class "match" to each match.
Module structure of the SDK - Archive of obsolete content
for example, the following add-on contains an additional module directly under "lib", and other modules under subdirectories of "lib": my-addon lib main.js password-dialog.js
secrets hash.js storage password-store.js to import modules into main: // main.js code var dialog = require("./password-dialog"); var hash = require("./
secrets/hash"); to import modules into password-store: // password-store.js code var dialog = require("../password-dialog"); var hash = require("../
secrets/hash"); external ...
core/namespace - Archive of obsolete content
let { ns } = require('sdk/core/namespace'); let anamespace = ns(); anamespace(publicapi).
secret =
secret; one namespace may be used with multiple objects: let { ns } = require('sdk/core/namespace'); let dom = ns(); function view(element) { let view = object.create(view.prototype); dom(view).element = element; // ....
Index of archived content - Archive of obsolete content
er interface xforms alert element xforms group element xforms help element xforms hint element xforms input element xforms label element xforms message element xforms output element xforms range element xforms repeat element xforms
secret element xforms select element xforms select1 element xforms submit element xforms switch module xforms textarea element xforms trigger element xforms upload element other resources requests for enhancement rf...
Settings - Archive of obsolete content
twitter", settings: [ { name: "username", type: "text", label: "username" }, { name: "password", type: "password", label: "password" } ] }, { name: "facebook", type: "group", label: "facebook", settings: [ { name: "username", type: "text", label: "username", default: "jdoe" }, { name: "password", type: "password", label: "
secret" } ] }, { name: "music", type: "boolean", label: "music", default: true }, { name: "volume", type: "range", label: "volume", min: 0, max: 10, default: 5 } ] }; // import after defining manifest!
Settings - Archive of obsolete content
twitter", settings: [ { name: "username", type: "text", label: "username" }, { name: "password", type: "password", label: "password" } ] }, { name: "facebook", type: "group", label: "facebook", settings: [ { name: "username", type: "text", label: "username", default: "jdoe" }, { name: "password", type: "password", label: "
secret" } ] }, { name: "music", type: "boolean", label: "music", default: true }, { name: "volume", type: "range", label: "volume", min: 0, max: 10, default: 5 } ] }; // import after defining manifest!
currentIndex - Archive of obsolete content
celltext = tree.view.getcelltext(tree.currentindex, tree.columns.getcolumnat(0)); alert(celltext); } </script> <tree id="my-tree" seltype="single" onselect="treerowclicked()"> <treecols> <treecol label="title" flex="1"/><treecol label="url" flex="1"/> </treecols> <treechildren> <treeitem> <treerow> <treecell label="joe@somewhere.com"/> <treecell label="top
secret plans"/> </treerow> </treeitem> <treeitem> <treerow> <treecell label="mel@whereever.com"/> <treecell label="let's do lunch"/> </treerow> </treeitem> </treechildren> </tree> see also listbox.currentindex ...
Trees - Archive of obsolete content
example tree with treechildren example 2 : source view <tree flex="1"> <treecols> <treecol id="sender" label="sender" flex="1"/> <treecol id="subject" label="subject" flex="2"/> </treecols> <treechildren> <treeitem> <treerow> <treecell label="joe@somewhere.com"/> <treecell label="top
secret plans"/> </treerow> </treeitem> <treeitem> <treerow> <treecell label="mel@whereever.com"/> <treecell label="let's do lunch"/> </treerow> </treeitem> </treechildren> </tree> as can be seen in the image, the tree has been created with two rows of data.
tree - Archive of obsolete content
stordinalcolumn, inputfield, seltype, selstyle, tabindex, treeboxobject, view examples a tree with several columns <tree flex="1" rows="2"> <treecols> <treecol id="sender" label="sender" flex="1"/> <treecol id="subject" label="subject" flex="2"/> </treecols> <treechildren> <treeitem> <treerow> <treecell label="joe@somewhere.com"/> <treecell label="top
secret plans"/> </treerow> </treeitem> <treeitem> <treerow> <treecell label="mel@whereever.com"/> <treecell label="let's do lunch"/> </treerow> </treeitem> </treechildren> </tree> a tree with several columns and nested items <tree id="mytree" flex="1" hidecolumnpicker="false" seltype="single" class="tree" rows="5"> <treecols id="mytree2-treec...
treechildren - Archive of obsolete content
stener(), replacechild(), setattribute(), setattributenode(), setattributenodens(), setattributens(), setuserdata example <tree flex="1"> <treecols> <treecol id="sender" label="sender" flex="1"/> <treecol id="subject" label="subject" flex="2"/> </treecols> <treechildren> <treeitem> <treerow> <treecell label="joe@somewhere.com"/> <treecell label="top
secret plans"/> </treerow> </treeitem> <treeitem> <treerow> <treecell label="mel@whereever.com"/> <treecell label="let's do lunch"/> </treerow> </treeitem> </treechildren> </tree> related elements tree, treecols, treecol, treeitem, treerow, treecell and treeseparator.
Introduction to automated testing - Learn web development
give it the following contents: const testingbot = require('testingbot-api'); let tb = new testingbot({ api_key: "your-tb-key", api_
secret: "your-tb-
secret" }); tb.gettests(function (err, tests) { console.log(tests); }); you'll need to fill in your testingbot key and
secret in the indicated places.
Gecko Profiler FAQ
[ehsan] try clicking the toolbar icon for the extension, expanding the settings section, and enter the
secret cheat code “,” in the threads field and click on “apply (restart profiler)”.
Encrypt Decrypt MAC Keys As Session Objects
*/ mackey = generatesymkey(slot, ckm_generic_
secret_key_gen, 160/8, &mackeyid, pwdata); if (mackey == null) { pr_fprintf(pr_stderr, "generatesymkey for macing returned null.\n"); rv = secfailure; goto cleanup; } /* get the encrypt key cka_id */ rv = gathercka_id(enckey, &encckaid); if (rv != secsuccess) { pr_fprintf(pr_stderr, "error while wrapping encrypt key\n"); ...
Encrypt and decrypt MAC using token
*/ mackey = generatesymkey(slot, ckm_generic_
secret_key_gen, 160/8, &mackeyid, pwdata); if (mackey == null) { pr_fprintf(pr_stderr, "generatesymkey for macing returned null.\n"); rv = secfailure; goto cleanup; } /* get the encrypt key cka_id */ rv = gathercka_id(enckey, &encckaid); if (rv != secsuccess) { pr_fprintf(pr_stderr, "error while wrapping encrypt key\n"); ...
JSS FAQ
asn1/set.java org/mozilla/jss/pkcs10/certificationrequest.java org/mozilla/jss/pkcs12/pfx.java org/mozilla/jss/pkix/cert/certificate.java org/mozilla/jss/pkix/cmmf/certrepcontent.java org/mozilla/jss/pkix/crmf/certreqmsg.java org/mozilla/jss/pkix/crmf/certtemplate.java org/mozilla/jss/pkix/primitive/name.java org/mozilla/jss/provider/javax/crypto/jss
secretkeyfactoryspi.java org/mozilla/jss/util/utf8converter.java org/mozilla/jss/util/base64inputstream.java jss/samples/pqggen.java jss/samples/pkcs12.java if i don't call setcipherpolicy, is the domestic policy used by default?
NSS 3.12.4 release notes
bug 505858: nss_registershutdown can return without unlocking nssshutdownlist.lock bug 507041: invalid build options for vc6 bug 507228: coreconf.dep doesn't need to contain the nss version number bug 507422: crash [[@ port_freearena - lg_mk
secretkeyrep] when port_newarena fails bug 507482: nss 3.12.3 (and later) doesn't build on aix 5.1 bug 507937: pwdecrypt program problems bug 508259: pk11mode crashed on linux2.4 bug 508467: libpkix ocsp checker should use date argument to obtain the time for cert validity verification bug 510367: fix the utf8 characters in the nickname string for ac raíz certicamara s.a.
NSS 3.12.5 release_notes
ails, it leaves the certificate undiscoverable by cert_pkixverifycert bug 518443: pk11_importandreturnprivatekey leaks an arena bug 518446: pk11_derencodepublickey leaks a certsubjectpublickeyinfo bug 518457: seckey_encodedersubjectpublickeyinfo and pk11_derencodepublickey are duplicate bug 522510: add deprecated comments to key.h and pk11func.h bug 522580: nss uses port_memcmp for comparing
secret data.
NSS 3.22.3 release notes
bugs fixed in nss 3.22.3 bug 1243641 - increase compatibility of tls extended master
secret, don't send an empty tls extension last in the handshake compatibility nss 3.22.3 shared libraries are backward compatible with all older nss 3.x shared libraries.
NSS 3.23 release notes
notable changes in nss 3.23 the copy of sqlite shipped with nss has been updated to version 3.10.2 (bug 1234698) the list of tls extensions sent in the tls handshake has been reordered to increase compatibility of the extended master
secret with servers (bug 1243641) the build time environment variable nss_enable_zlib has been renamed to nss_ssl_enable_zlib (bug 1243872).
NSS 3.28 release notes
new functions in ssl.h ssl_exportearlykeyingmaterial implements a key exporter based on the tls 1.3 early exporter
secret.
Enc Dec MAC Output Public Key as CSR
*/ mackey = generatesymkey(slot, ckm_generic_
secret_key_gen, 160/8, &mackeyid, pwdata); if (mackey == null) { pr_fprintf(pr_stderr, "generatesymkey for macing returned null.\n"); rv = secfailure; goto cleanup; } /* wrap encrypt key */ rv = wrapkey(enckey, pubkey, &wrappedenckey); if (rv != secsuccess) { pr_fprintf(pr_stderr, "error while wrapping encrypt key\n"); goto cleanup; } ...
Encrypt Decrypt_MAC_Using Token
*/ mackey = generatesymkey(slot, ckm_generic_
secret_key_gen, 160/8, &mackeyid, pwdata); if (mackey == null) { pr_fprintf(pr_stderr, "generatesymkey for macing returned null.\n"); rv = secfailure; goto cleanup; } /* get the encrypt key cka_id */ rv = gathercka_id(enckey, &encckaid); if (rv != secsuccess) { pr_fprintf(pr_stderr, "error while wrapping encrypt key\n"); ...
NSS Sample Code Sample_3_Basic Encryption and MACing
*/ mackey = generatesymkey(slot, ckm_generic_
secret_key_gen, 160/8, &mackeyid, pwdata); if (mackey == null) { pr_fprintf(pr_stderr, "generatesymkey for macing returned null.\n"); rv = secfailure; goto cleanup; } /* get the encrypt key cka_id */ rv = gathercka_id(enckey, &encckaid); if (rv != secsuccess) { pr_fprintf(pr_stderr, "error while wrapping encrypt key\n"); ...
NSS Sample Code sample6
nss sample code 6: persistent symmetric keys in nss database /* example code to illustrate generation of a
secret symmetric key ring * that persists in the nss database.
EncDecMAC using token object - sample 3
*/ mackey = generatesymkey(slot, ckm_generic_
secret_key_gen, 160/8, &mackeyid, pwdata); if (mackey == null) { pr_fprintf(pr_stderr, "generatesymkey for macing returned null.\n"); rv = secfailure; goto cleanup; } /* get the encrypt key cka_id */ rv = gathercka_id(enckey, &encckaid); if (rv != secsuccess) { pr_fprintf(pr_stderr, "error while wrapping encrypt key\n"); goto cleanup; } /* get the mac key cka_id */ rv = gathercka_id(mackey, &macckaid); ...
NSS Tools sslstrength
you can tell if you stepped-up, because the output will says 'using export policy', and you'll find the
secret key size was 128-bits.
Overview of NSS
rsa standard that governs the format used to store or transport private keys, certificates, and other
secret material.
PKCS11 Implement
this is useful for extracting public keys, non
secret bulk keys, and so on.
FC_CopyObject
a user must log into the token (to assume the nss user role) before copying a
secret or private key object.
FC_DestroyObject
a user must log into the token (to assume the nss user role) before destroying a
secret or private key object.
FC_DigestKey
description fc_digestkey continues a multi-part digest operation by digesting the value of a
secret key.
FC_FindObjectsInit
a user must log into the token (to assume the nss user role) before searching for
secret or private key objects.
FC_GenerateKey
description fc_generatekey generates a
secret key, creating a new key object.
FC_GetAttributeValue
a user must log into the token (to assume the nss user role) before getting the attribute values of a
secret or private key object.
FC_GetObjectSize
a user must log into the token (to assume the nss user role) before getting the size of a
secret or private key object.
FC_InitToken
note: resetting the password clears all permanent
secret and private keys.
FC_SetAttributeValue
a user must log into the token before setting the attribute values of a
secret or private key object.
NSC_InitToken
note: resetting the password clears all permanent
secret and private keys.
NSS tools : certutil
for example: $ certutil -t -d sql:/home/my/sharednssdb -h nethsm -0
secret upgrading or merging the security databases many networks or applications may be using older berkeleydb versions of the certificate database (cert8.db).
sslerr.html
on a server socket, indicates a failure of one of the following: (a) to unwrap the pre-master
secret from the clientkeyexchange message, (b) to derive the master
secret from the premaster
secret, (c) to derive the mac
secrets, cryptographic keys, and initialization vectors from the master
secret.
sslintro.html
to avoid the overhead of repeating the full ssl handshake in situations like this, the ssl protocol supports the use of a session cache, which retains information about each connection, such as the master
secret generated during the ssl handshake, for a predetermined length of time.
NSS Tools sslstrength
you can tell if you stepped-up, because the output will says 'using export policy', and you'll find the
secret key size was 128-bits.
certutil
for example: $ certutil -t -d sql:/home/my/sharednssdb -h nethsm -0
secret upgrading or merging the security databases many networks or applications may be using older berkeleydb versions of the certificate database (cert8.db).
TPS Password Lists
for example: var password_list = [ { hostname: "http://www.example.com", submiturl: "http://login.example.com", username: "joe", password: "
secret123", usernamefield: "uname", passwordfield: "pword", changes: { password: "zippity-do-dah" } }, { hostname: "http://www.example.com", realm: "login", username: "joe", password: "
secretlogin" } ]; each object has the following properties: hostname: the hostname for the password.
Index
a subscription also has a public key and
secret; these are used to encrypt message payloads.
nsILoginManagerCrypto
note: the current implemention of this inferface simply uses nss/psm's "
secret decoder ring" service.
AesCbcParams - Web APIs
however, it need not be
secret (for example, it may be transmitted unencrypted along with the ciphertext).
AesGcmParams - Web APIs
note that the iv does not have to be
secret, just unique: so it is ok, for example, to transmit it in the clear alongside the encrypted message.
CryptoKey - Web APIs
properties cryptokey.type string which may take one of the following values: "
secret": this key is a
secret key for use with a symmetric algorithm.
Document.createComment() - Web APIs
example var docu = new domparser().parsefromstring('<xml></xml>', 'application/xml'); var comment = docu.createcomment('this is a not-so-
secret comment in your document'); docu.getelementsbytagname('xml')[0].appendchild(comment); alert(new xmlserializer().serializetostring(docu)); // displays: <xml><!--this is a not-so-
secret comment in your document--></xml> specifications specification status comment domthe definition of 'document.createcomment' in that specification.
EventTarget() - Web APIs
examples class myeventtarget extends eventtarget { constructor(my
secret) { super(); this._
secret = my
secret; } get
secret() { return this._
secret; } }; let myeventtarget = new myeventtarget(5); let value = myeventtarget.
secret; // == 5 myeventtarget.addeventlistener("foo", function(e) { this._
secret = e.detail; }); let event = new customevent("foo", { detail: 7 }); myeventtarget.dispatchevent(event); let newvalue = myeventtarget.
secret; // == 7 specifications specification status comment domthe definition of 'eventtarget() constructor' in that specification...
HkdfParams - Web APIs
unlike the input key material passed into derivekey(), salt does not need to be kept
secret.
Pbkdf2Params - Web APIs
unlike the input key material passed into derivekey(), salt does not need to be kept
secret.
Push API - Web APIs
the endpoint url therefore needs to be kept
secret, or other applications might be able to send push messages to your application.
RTCPeerConnection.setConfiguration() - Web APIs
var restartconfig = { iceservers: [{ urls: "turn:asia.myturnserver.net", username: "allie@oopcode.com", credential: "top
secretpassword" }] }; mypeerconnection.setconfiguration(restartconfig); mypeerconnection.createoffer({"icerestart": true}).then(function(offer) { return mypeerconnection.setlocaldescription(offer); }) .then(function() { // send the offer to the other peer using the signaling server }) .catch(reporterror); first, a new rtcconfiguration is created, restartconfig, specifying th...
ShadowRoot.mode - Web APIs
examples let customelem = document.queryselector('my-shadow-dom-element'); let shadow = customelem.shadowroot; // another way to check whether the shadow root is open; it will return null if not if(shadow) { // if it is open, close it to stop people stealing our
secrets!
SubtleCrypto.encrypt() - Web APIs
authentication helps protect against chosen-ciphertext attacks, in which an attacker can ask the system to decrypt arbitrary messages, and use the result to deduce information about the
secret key.
SubtleCrypto.exportKey() - Web APIs
*/ async function exportcryptokey(key) { const exported = await window.crypto.subtle.exportkey( "raw", key ); const exportedkeybuffer = new uint8array(exported); const exportkeyoutput = document.queryselector(".exported-key"); exportkeyoutput.textcontent = `[${exportedkeybuffer}]`; } /* generate an encrypt/decrypt
secret key, then set up an event listener on the "export" button.
SubtleCrypto.generateKey() - Web APIs
exceptions the promise is rejected when the following exception is encountered: syntaxerror raised when the result is a cryptokey of type
secret or private but keyusages is empty.
Web Authentication API - Web APIs
this proves to the server that a user is in possession of the private key required for authentication without revealing any
secrets over the network.