Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consolidate crypto libraries #31

Open
davidben opened this issue Nov 29, 2012 · 0 comments
Open

Consolidate crypto libraries #31

davidben opened this issue Nov 29, 2012 · 0 comments

Comments

@davidben
Copy link
Owner

We use both SJCL and CryptoJS right now. This is silly. I think we should prefer SJCL; they make an attempt to provide a real randomness function (even if it's not really usable), so I think I trust them more. Unfortunately, they don't provide the primitives we'll need for all enctypes. Namely,

  • DES (des-cbc-crc)
  • MD5 (des-cbc-crc, arcfour-hmac)
  • MD4 (arcfour-hmac)
  • RC4 (arcfour-hmac)

If Athena actually gets rid of des-cbc-crc, maybe we can get away with only doing the AES ones there. I want to say arcfour-hmac is the one you need for Windows stuff, so we might not be able to avoid that? I propose we port CryptoJS implementations to sjcl.bitArray where needed. At the least we can avoid having two versions of a byte array. (If that could be secretly a TypedArray (issue #23), even better... that might not be doable transparently though. Seems sjcl.bitArray is literally an array.)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@davidben