Nelson Bolyard wrote:
NSS certainly supports AES. NSS offers a C API.
PSM is the primary provider of XPCOM wrappers for NSS. I'm not aware of what
raw symmetric encryption capabilities PSM offers to the users of its XPCOM
interfaces. Sadly, few PSM developers hang out here.
For those wondering what that means in practical terms, PSM looks like
any other Gecko component (since it uses XPCOM interfaces) so for
example it can (within reason) be called directly from JavaScript.
PSM is not the only way to call NSS functions. PSM manages the loading,
initializing, shutting down, and unloading of NSS. Calling NSS through PSM has
the potential advantage of avoiding all the potential problems of calling NSS
while it is unloaded and/or uninitialized. But if some other code is certain
that NSS is loaded and initialized, then it could call NSS directly.
So, given that Polly was originally writing a binary component, that may
well be a viable solution, as long as the calls are made at a "safe"
point (e.g. a direct call into the binary component from extension UI).
--
Warning: May contain traces of nuts.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
