txiki.js icon indicating copy to clipboard operation
txiki.js copied to clipboard
verified publisher icon saghul

Add cryptographic operations with libsodium

Open saghul opened this issue 3 years ago • 4 comments

Check how mush of the WebCrypto API can be implemented with it.

saghul avatar Mar 29 '22 09:03 saghul

Not much. libsodium is very much built around the principle of "there's only one way to do it" so there's only one way to hash, one way to encrypt, etc. WebCrypto on the other hand is a smorgasbord of hashes, ciphers, and so on.

bnoordhuis avatar Mar 31 '22 08:03 bnoordhuis

I was thinking about having something like a minimal WebCrypto of sorts. Not too keen on wrapping OpenSSL :-P

saghul avatar Mar 31 '22 08:03 saghul

Supporting only SHA-256 and SHA-512 (but not SHA-384) in digest() could work but, excepting HMAC, there's nothing in libsodium that's suitable for encrypt/decrypt(), sign/verify(), or key management.

If you could get over the Rust hump, you can lift deno's webcrypto implementation almost verbatim. :p

bnoordhuis avatar Mar 31 '22 09:03 bnoordhuis

If you could get over the Rust hump, you can lift deno's webcrypto implementation almost verbatim. :p

Maaaaybe :-)

saghul avatar Mar 31 '22 10:03 saghul