Closed stnmtz closed 2 months ago
According to the documentation, AES-GCM is not and will not be available on platforms that don't provide hardware AES support. So, it will never be the case on JavaScript.
But _crypto_aead_aes256gcm_is_available
can indeed be added, even if it will always return 0
.
_crypto_aead_aes256gcm_is_available
has been added!
According to the documentation, AES-GCM is not and will not be available on platforms that don't provide hardware AES support.
I guessed so for libsodium.js, but was hoping that libsodium.js might reach the underlying JS runtime with a possible support (like webcrypto). Additionally, I didn't find any docs which of the libsodium interfaces are missing in libsodium.js. The emscripten-symbols.def
seems to do the trick, once you know where you need to look :)
So, it will never be the case on JavaScript.
Would you be open for a contribution that libsodium.js wrappers call the JS runtime's implementation of AES256GCM (e.g. webcrypto) as a fallback? It feels kind of hacky and I hate switching the XChaCha ciphers to an old AES algorithm, but official recommendations in Germany state AES256 as the ONLY recommended symmetric cipher :( (02.02.24, Page 42, https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=10)
On a side note: Is there any link between libsodium.js version and the corresponding libsodium version?
Hi Thomas,
The functions available in libsodium.js
are defined in this directory, with one JSON file per function.
Would you be open for a contribution that libsodium.js wrappers call the JS runtime's implementation of AES256GCM (e.g. webcrypto) as a fallback?
Some non-browser JavaScript runtimes don't support WebCrypto, so that has to be checked, but why not. It can probably be implemented directly in JSON files. The _beforenm_
functions will require storing a copy of the secret key, but that should be doable.
On a side note: Is there any link between libsodium.js version and the corresponding libsodium version?
Not really, because libsodium.js
doesn't expose all the libsodium
features, so its version gets bumped up whenever the JavaScript wrappers themselves do something new or differently.
Hi there,
we would love to see AES256GCM support in libsodium.js. We've added some AES256 wrappers for libsodium.js by ourselves, but we're stuck because it seems libsodium for emscription does not return the respective symbols. It seems the
emscripten-symbols.def
of libsodium disable the generation due to:crypto_aead_aes256gcm_is_available
should at least be available, returning a hardcodedfalse
. So that the possibility of using AES256GCM can be checked, correct?Cheers