Hacker News new | past | comments | ask | show | jobs | submit login

Hello,

maybe a stupid question, but any reason why not use OpenPGP.js?

Is it even worse for your case than SJCL?




Not a stupid question at all. We actually considered this option, but OpenPGP.js looked pretty bad back then.

Security-wise the library wasn't in good shape. One of our cryptographers would "classify [OpenPGP.js] as trash". It has been audited recently, but the result doesn't look very good either [1]. I don't know the current status though.

OpenPGP.js didn't actually implement most of the ciphers - it just imported them from various sources. This made the library inconsistent, i.e., some functions expect string, while others expect byte array, which in turn made it harder to use correctly in a language like Javascript. If we chose OpenPGP.js, we needed to change these ciphers anyway, so we thought it's just better to write them from scratch.

[1] https://cure53.de/pentest-report_openpgpjs.pdf.


I'm a contributor to OpenPGP.js. I understand your choice as the code was indeed in quite bad shape several months ago. I do want to point out though, that the code has gone through a big refactoring an cleanup since then: https://github.com/openpgpjs/openpgpjs/releases

We also fixed all critical, high and medium issue: https://github.com/openpgpjs/openpgpjs/wiki/Cure53-security-...

Having said that, a consistent rewrite using typed array and native web crypto apis under the hood does indeed sound very reasonable. I saw that native web crypto is not used throughout. What are your plans in regards to web crypto?

Also what is the predicted timeline for getting End-to-End into a production ready state? We would be quite interested in using it as a standalone library in our Chrome Packaged App: https://whiteout.io

Thanks


Thanks for the update on OpenPGP.js.

> What are your plans in regards to web crypto?

The plan is to use WebCrypto if it's available. We've moved RSA to WebCrypto, and the next targets are ECDH and ECDSA.

> Also what is the predicted timeline for getting End-to-End into a production ready state? We would be quite interested in using it as a standalone library in our Chrome Packaged App: https://whiteout.io

I can't tell you about our timeline for the extension. But if you just want to use the crypto library, you may want to wait for a couple of weeks, just to make sure none discovers any serious vulnerabilities.

I like WhiteOut. It's a great product in the right direction. We really want and will support the usage of the library in products like yours.


Thanks for for reply. I'm wondering if you know if it's possible to use the AES-CFB mode from the Web Crypto Apis, since the OpenPGP CFB (resync) mode seems to have special requirements?

> I like WhiteOut. It's a great product in the right direction. We really want and will support the usage of the library in products like yours.

Thanks! Is there a guide somewhere that explains how to build the standalone lib?


> Thanks for for reply. I'm wondering if you know if it's possible to use the AES-CFB mode from the Web Crypto Apis, since the OpenPGP CFB (resync) mode seems to have special requirements?

I haven't looked into it.

> Thanks! Is there a guide somewhere that explains how to build the standalone lib?

No, there isn't. But can you file a bug with us? I'll make sure we have something for you.

PS: how can I contact you?


My email is tankred@whiteout.io


IIRC, openpgp.js is what both Lavaboom and Protonmail use.


Thanks.

I considered using OpenPGP.js in one project, I didn't go so deep though. Thanks for the information.




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: