Comments (12)
The current known issues are here: https://github.com/PeculiarVentures/webcrypto/issues?q=is%3Aissue+is%3Aopen+label%3A%22blocking+deprecation+of+node-webcrypto-ossl%22
We have done benchmarking and in all cases, if I recall correctly the performance between node-webcrypto-ossl was essentially the same or marginally faster. I suspect that there will be no issue but we should create a bug to test for this.
The desire to deprecate the native c module is based on:
- Some people have no C experience and when they encounter issues building they move on to using all JS solutions that are very insecure.
- Maintaining the C version is more costly.
The downsides of doing the switch are (so far):
- People have to switch.
- We get blocked by the node team for support for different algorthms.
- When node deprecates an algorithm we will have to also.
Were open to different approaches here, we just are trying to help the internet with this library.
from webcrypto.
webcrypto
is based on NodeJS crypto
API. The minimum version of NodeJS must be v10. But electron doesn't implement all NodeJS crypto API (etc. generateKeys
). This is why I use node-webcrypto-ossl
for my Fortify project
from webcrypto.
@microshine are you able to build node-webcrypto-ossl for electron on windows?
from webcrypto.
@microshine i saw your fortify project and added
openssl_1_0_2 = 1 to my .npmrc seems like build succeeded.
Thank you
from webcrypto.
@yalamber You must put libeay32.dll
near nodessl.node
(node-webcrypto-oss/build/Release
) or electron.exe
from webcrypto.
@yalamber you can take prebuild openssl here https://github.com/PeculiarVentures/fortify/releases
from webcrypto.
@microshine Thank you so much. I rebuilt using old version of openssl and it went fine.
from webcrypto.
Will this eventually replace node-crypto-ossl?
from webcrypto.
Yes, our current thinking is that once all the blocking issues are addressed (assuming that can be done) we will make that switch.
Right now some algorithms can't be implemented because of issues in node.crypto and there is an issue with running inside Electron applications. We are not aware of any other issues at this time.
from webcrypto.
Are all the blocking issues listed somewhere?
Also I'm concerned about whether the crypto API will be truely async across all the platforms. See the concerns listed on this package: https://www.npmjs.com/package/@ronomon/crypto-async
from webcrypto.
Reopening this issue so people can use it to discuss the topic.
from webcrypto.
Now that nodejs has a webcrypto object crypto.webcrypto
. Does this library use any routines directly from crypto.webcrypto
?
It seems to rely only on node's crypto
library and just reimplements the same interface.
I was using @pecular/x509
and there was an example on the README.md that showed the ability to fill in the crypto provider:
It seemed like this was sufficient:
import { webcrypto } from 'crypto';
import * as x509 from '@peculiar/x509';
x509.cryptoProvider.set(webcrypto as Crypto);
In that case, is there still a reason to use this library if the node version is 16.17+?
from webcrypto.
Related Issues (20)
- "Error: Unknown message digest" caused by crypto.subtle.verify({'name':'ECDSA', 'hash':'SHA-256'}, ...) when bundling via browserify HOT 2
- node14.5安装失败 HOT 1
- Browser support HOT 1
- ArrayBufferViews aren't always aligned with their ArrayBuffer HOT 2
- `oct` JWK should not require alg during importKey HOT 3
- Improve JWK importing
- [webview-crypto] error in `parse` of message & ReferenceError: Property 'abvs' doesn't exist HOT 1
- Can't use AES-WRAP in Electron apps HOT 12
- No support for modulusLength 3072 bit HOT 3
- ECDSA signature variations HOT 3
- Fails to build with the latest typescript HOT 3
- Error: Cannot get schema for 'PrivateKeyInfo' target HOT 3
- Honour hash algo and set salt length when generating RSA-PSS key pairs
- Cannot import private and public key HOT 2
- AES encrypt / decrypt with a passphrase HOT 8
- Incompatibility with Node's Webcrypto when using Ed25519 keys HOT 6
- RSA Public Key re-export results in malformed buffer HOT 2
- Implement Ed mechanisms W3
- Merge dependabot Pull-Request to bump json5 from 1.0.1 to 1.0.2
- Crypto.randomUUID() definition breaks on TypeScript 5 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from webcrypto.