Open evilaliv3 opened 8 years ago
Sorry, that page seems dead now. It took me far too long to get to catching up on issues with this repo.
I am trying to avoid external dependencies in this library though. I am considering forking it into my ethers library though, since it would be nice to consolidate the various SHA2 implementations that end up getting swept along, and that way it can easily use the best SHA2 and PBKDF2 implementations available.
Wow... Just noticed this was opened 2016. I'm way behind schedule.
As far as I can see at https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto#Using_SubtleCrypto (scroll down a little to the table), there is no scrypt support in the WebCrypto API.
I tried replacing PBKDF2_HMAC_SHA256_OneIter with a WebCrypto implementation in https://github.com/ricmoo/scrypt-js/pull/26. It seems to work in Chrome but does not help performance.
The PBKDF2/SHA2 functions are only called a small number of times at the start and end of the scrypt algorithm, and likely aren't worth optimizing (for speed, anyway). The PBKDF2 implementation in my fork is a lot faster for large outputs, but it doesn't matter for typical scrypt parameters.
It would be interesting to evaluate usage of the WebCrypto API in order to speed up the computation.
Here is the possible cross compatible way of using the SHA implemented using web workers: https://github.com/globaleaks/GlobaLeaks/blob/master/client/app/js/crypto/main.js#L48
the example takes into account the difference of API implemented by the great and inimitable Internet Explorer.
This would make the library more secure, modern and efficient.