Crypto discussion

[MikeZeDev]

There was a talk about getting rid of CryptoJS dependency used in Hakuneko for Haruneko.

First here is a summary of website/connectors witch CryptoJS references, and some words about uses and replacement with SubtleCrypto :

• Batoto : use in injected script, so we dont care✔️

• Cerisescan : use in injected script, so we dont care , ✔️

• Comikfuz : use AES. " formatter: CryptoJS.format.OpenSSL" doesnt change anything apparently. ✔️

• CocoManhua : see Mangadig ✔️

• Comico : use SHA256 and AES . Successfully recoded with Subtle ✔️

• Comikey : ❓

• GManga : use AES and SHA256. Recoded using Subtle .TEMPLATE ✔️

• HeroScan: use in injected script, so we dont care (and site is dead), ✔️

• Mangadig : use AES. ✔️

• MangaFox : use SHA256 to check for ad picture. No problem at all i think. TEMPLATE ✔️

• MangaHere : see MangaFox ✔️

• MangaPark (and derivated) : use in injected script, so we dont care✔️

• MangaSY : use in injected script, so we dont care✔️

• MangaTales : check GMANGA ✔️

• MangaZ : use AES. Successfully recoded with Subtle ✔️

• ManhuaScan : use in injected script, so we dont care✔️

• PixivComics : removed MD5 uses, now uses SHA256, should be ok ✔️

• SinensisScan : use in injected script, so we dont care✔️

• VRV : uses HMAC signing. SubtleCrypto support HMAC iirc . TEMPLATE ❓

• we use the encoding stuff of CryptoJS to encode Page parameter, but its now useless in Haruneko (?).✔️

• Settings are crypted using AES using CryptoJS since there are sensitive data (websites login and passwords) ✔️

[MikeZeDev]

See also https://github.com/manga-download/haruneko/pull/156/files

[MikeZeDev]

Pixiv dropped MD5. <3

[MikeZeDev]

Comic FUZ works without problems https://github.com/manga-download/haruneko/pull/332

[MikeZeDev]

Coco/Mangadig done using subtle 👍