[security-dev] JS libraries for crypto and signatures
Anil Saldhana
Anil.Saldhana at redhat.com
Thu Apr 10 10:44:57 EDT 2014
An important topic.
Until the W3C Web Cryptographic Group
(http://www.w3.org/2011/11/webcryptography-charter.html)
finalizes its standard and we have conforming implementations,
the question of trustworthy implementations cannot be really answered.
If the JS library is just implementing signature or crypto algorithms
and you have tested it, may be you
should go for it.
The situation is very similar to the following:
- JSON processing (Until JSON-P JSR https://jcp.org/en/jsr/detail?id=353
was finalized, we could go either with Jackson or other json library)
- Captcha libraries (there are many)
Your application has to choose one and go forward.
On 04/10/2014 09:07 AM, Pedro Igor Silva wrote:
> Hi,
>
> Have you ever looked/used these JS libraries for crypto and signature ?
>
> https://github.com/kjur/jsrsasign
>
> I did some signatures tests and it seems to work fine. Wondering if someone have used it for real ...
>
> Regards.
> Pedro Igor
More information about the security-dev
mailing list