haruneko
haruneko copied to clipboard
manga-download
Crypto discussion
There was a talk about getting rid of CryptoJS dependency used in Hakuneko for Haruneko.
First here is a summary of website/connectors witch CryptoJS references, and some words about uses and replacement with SubtleCrypto :
-
Batoto : use in injected script, so we dont care✔️
-
Cerisescan : use in injected script, so we dont care , ✔️
-
Comikfuz : use AES. " formatter: CryptoJS.format.OpenSSL" doesnt change anything apparently. ✔️
-
CocoManhua : see Mangadig ✔️
-
Comico : use SHA256 and AES . Successfully recoded with Subtle ✔️
-
Comikey : ❓
-
GManga : use AES and SHA256. Recoded using Subtle .TEMPLATE ✔️
-
HeroScan: use in injected script, so we dont care (and site is dead), ✔️
-
Mangadig : use AES. ✔️
-
MangaFox : use SHA256 to check for ad picture. No problem at all i think. TEMPLATE ✔️
-
MangaHere : see MangaFox ✔️
-
MangaPark (and derivated) : use in injected script, so we dont care✔️
-
MangaSY : use in injected script, so we dont care✔️
-
MangaTales : check GMANGA ✔️
-
MangaZ : use AES. Successfully recoded with Subtle ✔️
-
ManhuaScan : use in injected script, so we dont care✔️
-
PixivComics : removed MD5 uses, now uses SHA256, should be ok ✔️
-
SinensisScan : use in injected script, so we dont care✔️
-
VRV : uses HMAC signing. SubtleCrypto support HMAC iirc . TEMPLATE ❓
-
we use the encoding stuff of CryptoJS to encode Page parameter, but its now useless in Haruneko (?).✔️
-
Settings are crypted using AES using CryptoJS since there are sensitive data (websites login and passwords) ✔️
Comic FUZ works without problems https://github.com/manga-download/haruneko/pull/332