In terms of crypto in Javascript, from google search result, pidcrypt seems to be the most mentioned library. pidCrypt is a crypto library offering modular cryptographic functions in JavaScript. Supports: AES (CBC & CTR Mode), RSA, MD5, SHA-1, SHA-256, SHA-384, SHA-512, ASN.1, Base64, UTF-8. The AES-CBC mode is compatible to OpenSSL.
In my current project, I am looking for a lightweight library or Javascript class to do Javascript RSA encryption, so I found https://github.com/ziyan/javascript-rsa from github. Before I included them into my project, I tested the performance on Mac OSX for 3 different browsers. And the result is: Google Chrome 24.0.1312.56 is much faster than Safari 6.0.2 and Firefox 18.0.1. Chrome is around 6ms, while Safari/Firefox is around 20ms per encryption.
For test, we need first to generate a keypair using OpenSSL, and it is straightforward on Mac OSX.
openssl genrsa -out private_key.pem 1024
openssl rsa -pubout -in private_key.pem -out public_key.pem
openssl rsa -text -in private_key.pem
Update: 2/24/2013
After evaluating the implementation effort, we decided to change to HMAC from original planned RSA. It is also straightforward when there is existing crypto libraries for hmac.
<script type="text/javascript" src="http://crypto-js.googlecode.com/files/2.0.0-crypto-sha1.js"></script>
<script type="text/javascript" src="http://crypto-js.googlecode.com/files/2.0.0-hmac-min.js"></script>
hmacString = Crypto.HMAC(Crypto.SHA1, message, secret-passphrase, { asString: true })
base64String = $.base64.encode(hmacString);
No comments:
Post a Comment