libp2p / js-libp2p-crypto

The libp2p crypto primitives, for Node.js and the Browser!
https://libp2p.io

Use noble-hashes for pbkdf2, sha, hmac #205

Open paulmillr opened 3 years ago

paulmillr commented 3 years ago

Hey, saw #202. I've also made noble-hashes recently, which implements all primitives in a very minimal format.

It's going to be audited soon, unlike forge, so you should switch to it.

hugomrdias commented 3 years ago

Hey @paulmillr, I have a stash at least for pbk, so I will get there soon enough. But what would be really important for us would be to swap out forge for the RSA stuff, but web crypto is, well... Do you have any suggestions for libs that can do proper RSA sign/verify in the browser?

paulmillr commented 3 years ago

Web crypto has an RSA implementation built in. https://gist.github.com/deiu/2c3208c89fbc91d23226

dignifiedquire commented 3 years ago

but it is missing PKCS support for encryption, which we need for compatibility reasons

paulmillr commented 3 years ago

https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey are you sure?

dignifiedquire commented 3 years ago

unfortunately yes: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/encrypt

It supports only OAEP. It supports PKCS for signing only, one of the many unpleasant things about the WebCrypto API.
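The limitation described in the comment above can be checked directly. The following is an added example, not code from this thread or from js-libp2p-crypto: it probes which RSA operations WebCrypto accepts, and the names `getSubtle`, `attempt`, `probeRsaSupport` and the sample message are assumptions made for illustration.

```javascript
// Added example (hypothetical helper names): probe WebCrypto's RSA support.
// Works in browsers and in Node.js (falls back to node:crypto's webcrypto).
async function getSubtle() {
  const c = globalThis.crypto ?? (await import('node:crypto')).webcrypto;
  return c.subtle;
}

const RSA_PARAMS = {
  modulusLength: 2048,
  publicExponent: new Uint8Array([1, 0, 1]), // 65537
  hash: 'SHA-256',
};

// Resolves to { ok: true } or { ok: false, error: <exception name> }.
async function attempt(fn) {
  try {
    await fn();
    return { ok: true };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

async function probeRsaSupport() {
  const subtle = await getSubtle();
  const text = 'constructed sample message';
  const msg = new TextEncoder().encode(text);

  // PKCS#1 v1.5 is available for signatures.
  const signKeys = await subtle.generateKey(
    { name: 'RSASSA-PKCS1-v1_5', ...RSA_PARAMS }, false, ['sign', 'verify']);
  const sig = await subtle.sign('RSASSA-PKCS1-v1_5', signKeys.privateKey, msg);
  const pkcs1Verify = await subtle.verify('RSASSA-PKCS1-v1_5', signKeys.publicKey, sig, msg);

  // The PKCS#1 v1.5 algorithm is rejected for encryption, both at key
  // generation (encrypt usage) and when calling encrypt() with a signing key.
  const pkcs1KeyForEncrypt = await attempt(() => subtle.generateKey(
    { name: 'RSASSA-PKCS1-v1_5', ...RSA_PARAMS }, false, ['encrypt', 'decrypt']));
  const pkcs1Encrypt = await attempt(() =>
    subtle.encrypt({ name: 'RSASSA-PKCS1-v1_5' }, signKeys.publicKey, msg));

  // RSA-OAEP is accepted for encryption and round-trips the message.
  const oaepKeys = await subtle.generateKey(
    { name: 'RSA-OAEP', ...RSA_PARAMS }, false, ['encrypt', 'decrypt']);
  const ct = await subtle.encrypt({ name: 'RSA-OAEP' }, oaepKeys.publicKey, msg);
  const pt = await subtle.decrypt({ name: 'RSA-OAEP' }, oaepKeys.privateKey, ct);
  const oaepRoundTrip = new TextDecoder().decode(pt) === text;

  return { pkcs1Verify, pkcs1KeyForEncrypt, pkcs1Encrypt, oaepRoundTrip };
}
```

The `error` field carries the exception name the runtime reported, which can differ between browsers and Node.js versions.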

hugomrdias commented 3 years ago

https://cryptosense.com/blog/choice-of-algorithms-in-the-w3c-crypto-api

Hugo Dias


paulmillr commented 2 years ago

It's been audited now, see the blog post.