Home Manual Reference Source

jscu: A Universal Cryptographic Library for JavaScript

--

Unit Test codecov Maintainability License: MIT

WARNING: At this time this solution should be considered suitable for research and experimentation, further code and security review is needed before utilization in a production application.

NOTE: This repository is a monorepo of a universal cryptographic library for JavaScript called js-crypto-utils (jscu), which is designed to work in most modern browsers and Node.js. A detailed explanation would be given in each package repository. The root package is given here (in develop branch).

Terminated to support MS IE11 and released v1.0 (Sep. 30, 2020).

Introduction and overview of this monorepo

This project called jscu is being developed to provide unified cryptographic APIs for browsers and Node.js. There currently exist various sophisticated cryptographic suites for JavaScript that are implemented as native functions, e.g., WebCrypto API and crypto in Node.js. However, they have different interfaces and are NOT supported on all platforms. For instance, FireFox cannot be fed PKCS8-formatted private key in WebCrypto API but Chrome does. On the other hand, such suites have not been designed to keep compatibility with existing non-Web cryptographic suites like OpenSSL. This can be seen from the fact that WebCrypto API does not support PEM-formatted keys. Hence we (actually I!) need to write ugly codes to enable apps to work in various environments. From this observation, we aim that this library provides support functions to fill such gaps among JS cryptographic suites and that between JavaScript and other popular crypto suites.

In particular, this library provides unified APIs of the following cryptographic functions that work in most modern browsers and Node.js.

Additionally, this library provides random, hash, AES, HMAC, HKDF, and PBKDF functions. This implies the jscu is composed of several subpackages and can be seen as a cryptographic suite like openpgpjs. The root package, js-crypto-utils, of the suite and its subpackages are listed as follows.

The structure of the package is described in the README.md of the root package, and hence we should start from there. But we can use various cryptographic functions not only via the root package, js-crypto-utils, but also by directly importing subpackages of intended functions. We should refer to README.md of each subpackage for its detailed usage.

For developers and contributors

Using npm package is the simplest way to fully leverage jscu functions. Considering you fork, develop, and update jscu packages themselves, i.e., as developers and contributors, usage of this monorepo and procedures for NPM deployment are summarized as follows.

Contributing

jscu is free, open-source software licensed under MIT License.

You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository.

Contributors are more than welcome!

Documentation

The jscu documentation is a dynamically generated site from this monorepo via esdoc. You can submit pull requests to 'docs' of this monorepo for document updates.