

OpenPGP JavaScript implementation - Sami_Lehtinen
https://github.com/openpgpjs/openpgpjs

======
mrmekon
If anybody uses this, please keep in mind the differences in security
possibilities between native C code and Javascript.

Both this and GnuPG encrypt and decrypt data with PGP keys. GnuPG, however,
does this _securely_ , in many, many senses of the word. For instance, GnuPG
maps all of its buffers to protected memory pages, and clears its buffers
frequently and early.

A very large portion of GnuPG's code is dedicated to _protecting your private
keys_ , and the techniques that they use simply aren't available to
javascript.

This doesn't mean the JS library is bad, it's just a good thing to keep in
mind. Don't run your nuclear launch codes through this.

~~~
oconnore
<https://github.com/eschulte/node-gpg>

(a Javascript PGP library that might be safe for nuclear launch codes)

~~~
mrmekon
This is not a PGP library. It's a wrapper around gpgme, which in turn is a
wrapper around gnupg. node-gpg just exposes the GnuPG command line as
javascript functions.

~~~
oconnore
And nodejs is not a javascript server, it's just a wrapper around V8 and the
kernel's socket API? Linux is not an operating system kernel, it's just a
wrapper around X86?

That distinction is silly.

~~~
mrmekon
Nothing is anything. We're all just subatomic particles destined for heat
death

But, really:

openpgpjs, the topic of the article, is a program that implements the OpenPGP
standard, and the cryptographic algorithms it depends on.

node-gpg, the topic of this comment, does not implement any part of the
OpenPGP standard, nor any cryptographic algorithms. It executes a local C
program, GnuPG. If you don't have that C program, it does nothing.

Suggesting that they are the same thing is silly. The distinction is
_massive_.

Otherwise, I could claim I just implemented a world-class PGP implementation!
To try it out, just run: perl -e "exec 'gpg'"

------
losvedir
Sigh, the comments on this page are abysmal. Since no one has shouted the
(correct) party line yet: DON'T USE CRYPTOGRAPHY IN THE BROWSER.

This is an example of cargo cult thinking: well, cryptography is good, right?
It protects me. I wish I had ENCRYPTED WEBMAIL, wow!

But seriously, think for a second what the threat model is.

Do you trust the webmail host to securely store your data and only give it up
under warrants, etc? If so, then ordinary plain text communication over SSL is
fine.

Do you not trust the host? Then them saying "oh, look at us, we're encrypting
your emails" shouldn't make you feel any better. I mean, if you use the site
to view your damn emails, then THEY'RE SITTING THERE "DECRYPTED" ON THE PAGE,
and the host that you don't trust can do a simple $.post(...) of its contents,
for example.

I seriously fail to see any example where this library is useful. Anyone have
suggestions? In your suggestion be sure to note whether you trust the host or
not, and if so why not just use SSL, and if not, why the host can't just
bypass it with a line of jquery.

~~~
tinco
There are circumstances where you can trust the host. For example if you run
it yourself. I myself would like to run a self-hosted gmail clone if I can
find a decent one.

I could even use gmail as the pop3/smtp server, if the mails are encrypted
anyway.

Anyway if you control the host, and it communicates with you through SSL using
a self-signed certificate, and you make sure you have no awkward browser
extensions installed then your attack vectors are dwindling fast.

~~~
zokier
If you are trusting the host, why not let it do the encryption instead and
make the whole system a whole lot more secure.

~~~
tinco
That is a true point :) But keep in mind that there is something to be said
for not storing encrypted data on the same machine as the key.

Ofcourse once the machine is compromised it can trick you into giving it the
key, but there are also countless scenarios where that is not possible. It is
really an improvement onto your security.

Lets not pretend that read-protected memory is such a secure way of storing
private keys.

~~~
zokier
If JS sent by server has access to your key, then by that proxy the server has
access to the key too. The security is equivalent to having key stored in
encrypted form and decrypted only for the duration of the session/use and the
password not being stored on the server.

------
DanBC
Please: have fun playing with your toy crypto systems. Enjoy making and
breaking them. Use it for learning how to implement stuff, and where the
difficulties are in implementing secure crypto. Perhaps even use them if your
security needs are mild.

But don't release them as products. Especially don't release them as RFC
compliant secure products!

A few people need effective security. Not having good crypto puts those people
at risk of lifetime imprisonment, or death, or torture.

Proper cryptography is _hard_. There are very many seemingly small things that
can ruin the security of the cryptography.

This is something that well funded governments have struggled with. The people
involved with making and breaking crypto systems are smart, and experienced,
and sometimes have considerable resources available to them.

------
Stubbs
I really hope this takes off, there have been several efforts to bring PKS &
PKE to the browser than have unfortunately just withered & died.

WebPG (<http://webpg.org/>) is the best implementation so far for GMail
integration, and as far as I can tell it's the only one still being developed,
but it falls over at the last hurdle, it won't send the email :)

As a resident of the UK, with our governments boner for introducing a snoopers
charter this kind of thing really interests me.

~~~
DanBC
The snoopers charter is not interested in message content at all. It is only
interested in dates and times and recipients and senders.

Encrypting the content of your messages will do nothing to prevent people from
getting the information available to them under the snoopers charter.

(<http://www.bbc.co.uk/news/uk-northern-ireland-20677850>)

------
rubbingalcohol
This is incredible. This is something I've wanted for so long. Serious kudos
to the developers.

Also, check out their site at <http://openpgpjs.org/>

------
pfortuny
There is something I do not get. Everybody complaining about 'do not use this
is the browser' but...

Would it not be possible to develop a 'client' node.js _application_ with this
library?

I mean, node.js is all the rave out there for severs but surely you can use it
in (so to say) bundled client apps?

Please: correct me, for I may be wrong (I have _no_ idea of node.js) but it
does not sound like 'nuts' to me. Just another language, another runtime,
another PGP library. Download once, run whenever you need it.

~~~
deelowe
node.js doesn't run in the browser. It's typically a server side application.
And, yes, I think most would agree that node.js might be one of the few valid
use cases for this.

~~~
mrmekon
Except this library doesn't have proper memory protection, and node.js has
system access so it could just use GnuPG and be a lot more secure (and almost
certainly faster, too).

------
616c
This is a problem I am interested in a lot, and is perhaps the only reason I
cannot completely move away from dedicated email clients on my computer.

I am not well-versed in the issue, but I have read the infamous Masanto
cryptography in JS article, rebuttals, differents JS projects revolving around
cryptography.

I currently am evaluating Firefox's WebPG for some functionality, but the dev
has to work hard to basically build a Firefox plugin (in JS, so we are back to
the same problem) to call GnuPG calls and return the data.

So, we have browser specific plugins and web-app code in a language that is
controversially unsuitable for such use in decryption cases. What can we use
as alternative to secure web applications? Does asm.js change anything? As far
as I can tell, no. Alternative browser languages? I guess, but still a pain.
Are we going to have to build this functionality into web browsers, as a
standard or otherwise. I am generally curious what people who are trying to
engage this problem see in the future.

------
Osmium
There seems to be a certain irony here that the recent "doing cryptography in
the browser with JavaScript is a bad idea" articles seems to have spurred
people's interest in doing just that! It's almost like the Streisand effect.
Oh well.

------
nodesocket
Can somebody provide some practical use cases?

~~~
bigiain
Plausible deniability.

I can get you to encrypt data with your public key before I upload it to my
server. If the cops ever come to _me_ asking for your data, I can say "Sure!
Here's the pgp encrypted blob. Sorry, I never get to see the unencrypted
data." (Unfortunately, as per xkcd #538, they'll then just hit me with a $5
wrench until I send you a version of the OpenGPG javascript that bypasses the
encryption step…)

------
posixplz
Won't really ever be useful for decryption unfortunately. Not until we solve
the gpg+pcks11+browser smartcard debacle.

------
aioprisan
are there any benchmarks for this piece's speed?

