Open MikeZeDev opened 1 year ago
There was a talk about getting rid of CryptoJS dependency used in Hakuneko for Haruneko.
First here is a summary of website/connectors witch CryptoJS references, and some words about uses and replacement with SubtleCrypto :
Batoto : use in injected script, so we dont care✔️
Cerisescan : use in injected script, so we dont care , ✔️
Comikfuz : use AES. " formatter: CryptoJS.format.OpenSSL" doesnt change anything apparently. ✔️
CocoManhua : see Mangadig ✔️
Comico : use SHA256 and AES . Successfully recoded with Subtle ✔️
Comikey : ❓
GManga : use AES and SHA256. Recoded using Subtle .TEMPLATE ✔️
HeroScan: use in injected script, so we dont care (and site is dead), ✔️
Mangadig : use AES. ✔️
MangaFox : use SHA256 to check for ad picture. No problem at all i think. TEMPLATE ✔️
MangaHere : see MangaFox ✔️
MangaPark (and derivated) : use in injected script, so we dont care✔️
MangaSY : use in injected script, so we dont care✔️
MangaTales : check GMANGA ✔️
MangaZ : use AES. Successfully recoded with Subtle ✔️
ManhuaScan : use in injected script, so we dont care✔️
PixivComics : removed MD5 uses, now uses SHA256, should be ok ✔️
SinensisScan : use in injected script, so we dont care✔️
VRV : uses HMAC signing. SubtleCrypto support HMAC iirc . TEMPLATE ❓
we use the encoding stuff of CryptoJS to encode Page parameter, but its now useless in Haruneko (?).✔️
Settings are crypted using AES using CryptoJS since there are sensitive data (websites login and passwords) ✔️
See also https://github.com/manga-download/haruneko/pull/156/files
Pixiv dropped MD5. <3
Comic FUZ works without problems https://github.com/manga-download/haruneko/pull/332
Coco/Mangadig done using subtle 👍
There was a talk about getting rid of CryptoJS dependency used in Hakuneko for Haruneko.
First here is a summary of website/connectors witch CryptoJS references, and some words about uses and replacement with SubtleCrypto :
Batoto : use in injected script, so we dont care✔️
Cerisescan : use in injected script, so we dont care , ✔️
Comikfuz : use AES. " formatter: CryptoJS.format.OpenSSL" doesnt change anything apparently. ✔️
CocoManhua : see Mangadig ✔️
Comico : use SHA256 and AES . Successfully recoded with Subtle ✔️
Comikey : ❓
GManga : use AES and SHA256. Recoded using Subtle .TEMPLATE ✔️
HeroScan: use in injected script, so we dont care (and site is dead), ✔️
Mangadig : use AES. ✔️
MangaFox : use SHA256 to check for ad picture. No problem at all i think. TEMPLATE ✔️
MangaHere : see MangaFox ✔️
MangaPark (and derivated) : use in injected script, so we dont care✔️
MangaSY : use in injected script, so we dont care✔️
MangaTales : check GMANGA ✔️
MangaZ : use AES. Successfully recoded with Subtle ✔️
ManhuaScan : use in injected script, so we dont care✔️
PixivComics : removed MD5 uses, now uses SHA256, should be ok ✔️
SinensisScan : use in injected script, so we dont care✔️
VRV : uses HMAC signing. SubtleCrypto support HMAC iirc . TEMPLATE ❓
we use the encoding stuff of CryptoJS to encode Page parameter, but its now useless in Haruneko (?).✔️
Settings are crypted using AES using CryptoJS since there are sensitive data (websites login and passwords) ✔️