Readonly isNSSKeyOptional aInstancePtr: objectA run time mechanism for interface discovery.
NS_OK if the interface is supported by the associated instance, NS_NOINTERFACE if it is not.
aInstancePtr must not be null.
[in] A requested interface IID
[out] A pointer to an interface pointer to receive the result.
Decode and then decrypt the given base64-encoded string.
Promise resolving to the plaintext bytes or an error.
The label of the key to use to decrypt.
Encrypted input text, encoded as Base64.
Encrypt the given data and then return the result as a base64-encoded string.
Promise resolving to the encrypted text, encoded as Base64, or an error.
The label of the key to use to encrypt.
The bytes to encrypt.
This interface provides encryption and decryption operations for data at rest. The key used to encrypt and decrypt the data is stored in the OS key store.
Usage:
// obtain the singleton OSKeyStore instance const oskeystore = Cc["@mozilla.org/security/oskeystore;1"].getService(Ci.nsIOSKeyStore);
const PASSWORD_LABEL = "mylabel1"; const COOKIE_LABEL = "mylabel2";
// Unlock the key store. // Note that this is not necesssary. The key store will be unlocked // automatically when an operation is performed on it. await oskeystore.asyncUnlock();
// Check if there's a secret for your label already.
if (!await oskeystore.asyncSecretAvailable(PASSWORD_LABEL)) {
// Fail or generate a new secret for your label.
// If you want to generate a new secret, do.
// Hold onto recoveryPhrase to present to the user.
let recoveryPhrase = await oskeystore.asyncGenerateSecret(PASSWORD_LABEL);
}
// Assuming there's a secret with your label. Encrypt/Decrypt as follows. let encryptedPasswordBytes = await oskeystore.asyncEncryptBytes(PASSWORD_LABEL, passwordBytes); let newPasswordBytes = await oskeystore.asyncDecryptBytes(PASSWORD_LABEL, encryptedPasswordBytes);
// Delete the secret from the key store. await oskeystore.asyncDeleteSecret(PASSWORD_LABEL);
// Recover a secret from a recovery code. await oskeystore.asyncRecoverSecret(PASSWORD_LABEL, recoveryPhrase);
// Lock the key store to prompt the user to log into her OS key store again. await oskeystore.asyncLock();
Generate a new secret and store it in the OS key store with the given label. The caller should make sure that no other secrets with the same label are present before calling this function. This invalidates all previous ciphertexts created with the key corresponding to the given label.
Promise that resolves to the recoveryPhrase string used to generate the secret.
The label to use for the secret.
Set a secret from a given recovery phrase. This might not be implemented on all platforms. This invalidates all previous ciphertexts.
Promise that resolves to undefined or an error.
The label to use for the secret.
The recovery phrase that's used to generate the secret.
Generated using TypeDoc
Check if the implementation is using the NSS key store. This is a special case because Firefox has to handle the locking and unlocking.