/msrCrypto

GitHub mirror of the MSR JavaScript Cryptography Library

Primary LanguageJavaScriptOtherNOASSERTION

This library has been modified from [the original](https://www.microsoft.com/en-us/download/details.aspx?id=52439).
A list of changes is available in [the commit history](https://github.com/kevlened/msrCrypto/commits/master).

Included Scripts:

	msrcrypto.js 		: Full library
	msrcrypto.min.js	: Full library in minified form
	msrcrypto.aes.js	: AES-CBC and SHA-256 only
   	msrcrypto.aes.min.js	: AES-CBC and SHA-256 only in minified form


Changes with version 1.4.1

	Includes bug fixes to the elliptic curve module, to:
		* avoid erroneous calculations that could theoretically leak private data 
		* correct the NIST p-521 curve definition
		* avoid rare failures in ECDSA when using the curves NUMSP512D1 and NUMSP512T1.

Changes with version 1.4

	The API has been updated to support the latest Web Crypto Api spec and be compatible with the
	implementation on the latest browsers.

	Promises are now supported and the IE11 based events are removed. Crypto calls are now in the 
	form:

	// NEW STYLE with Promises
        msrCrypto.subtle.encrypt(<parameters>).then(
	    function(encryptionResult) {

		... do something here with the result

	    },
	    function(error) {

		... handle error

	    }
        );


	This will break code that uses the pre-1.4 calling conventions:

	// OLD STYLE with events (before version 1.4)
	var cryptoOperation =  msrCrypto.subtle.encrypt(<parameters>);
	
	cryptoOperation.onComplete = 
	    function(encryptionResult) {

		... do something here with the result

	    };

	cryptoOperation.onError = 
	    function(encryptionResult) {

		... handle error

	    };


Samples:

	msrCrypto\samples\MsrCryptoHMACSample.html : sample page that performs HMAC signing.
	msrCrypto\samples\MsrCryptoRsaSample.html  : sample page that performs RSA-OAEP encrypt/decrypt.



API Documentation:

	Microsoft Edge browser has a native Web Crypto API implementation. The msrCrypto API mirrors
	that API. A link to the Microsoft Edge API has been included. Code written to run on the Microsoft 
	Edge API should also run with the msrCrypto API.



Browser compatibility:

   msrCrypto.js is compatible with IE8 and up; latest versions of Chrome, Safari, Opera

   Known issues:
   IE8:		'Catch' is a reserved keyword, so using Promises.catch() function will throw and error.
			To use the catch function use the promise['catch']() form.

   IE8/9:	IE8 & IE9 do not support typed arrays (ArrayBuffer, UInt8Array, etc...). 
			You must use regular Arrays for inputting data into msrCrypto when using IE8/9. 
			Results will be returned as regular Arrays as well. 
			For IE10 and up, results will be returned as an ArrayBuffer.

			IE8 & IE9 do not support web workers. Web workers allow separate threads of
			execution in JavaScript. msrCrypto will use web workers, when available, to 
			perform its crypto work. When web workers are not available, msrCrypto will 
			perform its work synchronously in the main thread.



Bundling & web workers:

	msrCrypto uses web workers when available. Web workers use separate threads of 
	execution to perform work in parallel with the main thread. Web workers are instantiated 
	by calling 'new Worker(pathToJavaScriptFile);' The caller has to provide a valid path at the time
	of web worker creation. The worker will then be created and run the code from the script.
	For msrCrypto to create a new web worker, it determines its own path at load time and passes
	that path to the new Worker() call. For example: new Worker('..\scripts\msrCrypto.js');
	
	If you bundle msrCrypto into a larger JavaScript bundle, web workers will most likely fail.
	msrCrypto will determine its path and call new Worker('..\scripts\bundleOfScript.js').
	The web worker environment does not have access to the browser DOM and several other
	generally available global item. Therefore, the other JavaScript in your bundle will 
	most likely cause an error in the web worker and cause the web worker to quietly fail.

	Do not bundle msrCrypto.js to ensure web workers will function. If you must bundle, you 
	will need to ensure the bundled code will not cause errors in the restricted web worker 
	environment.

	If you cannot avoid bundling and cannot create a web worker friendly bundle, you can
	force msrCrypto to run in synchronous mode. Synchronous mode does not use web workers
	and performs the crypto operations within the main thread. Depending on the crypto 
	operations, you may notice severe slowdowns.

	To force synchronous mode set the following property:
	msrCrypto.subtle.forceSync = true;

	The bundling of the scripts might require the installation of Bundler & Minifier extension:
	https://marketplace.visualstudio.com/items?itemName=MadsKristensen.BundlerMinifier



Native Crypto API:

	As of now, Chrome, Firefox, Opera, IE11 and Microsoft Edge provide access to native crypto API 
	conforming to the W3C web crypto standard.

	msrCrypto does not check for this API nor does it pass crypto calls through to the native
	API. You should use the native API when available. To check for and use the native API do 
	the following:
	var crypto = window.msCrypto | window.crypto | msrCrypto;

	Now use crypto.subtle for your encryption calls.

	IE11's web crypto implementation is a bit different from the newer browsers. The main 
	difference is that it uses events to return the results of api calls. The other browsers
	and msrCrypto uses Promises (as described in the W3C web crypto api spec.)

	You will have to ensure your code can handle the IE11 event conventions if you want
	your code to use the IE11 native web crypto calls.



Random number generator (PRNG):

	Many of msrCrypto's crypto algorithms require random numbers. Random numbers for cryptography
	need to be obtained from a cryptographically secure random number generator. This is not 
	available on older browsers (IE10, IE9, & IE8). 

	msrCrypto has its own secure random number generator written in JavaScript (PRNG). However, the PRNG 
	needs to be initialized with some bytes of random entropy. It is important that this entropy is 
	obtained from a secure random source - such as from a crypto api on the server.

	Once the entropy is obtained initialize the PRNG before calling any functions:
		window.msrCrypto.initPrng(randomArrayOf48Bytes);



Supported Algorithms:

	msrCrypto supports the following algorithms:

		Encryption/Decryption:
			RSA-OAEP, RSA-PKCSv1.15, AES-CBC, AES-GCM

		Signature/Verify
			RSA-PSS, RSA-PKCSv1.15, HMAC, ECDSA

		Hash
			SHA-1, SHA-224, SHA-256, SHA-384, SHA-512

		Derive Key/Bits
			Concat-KDF, ECDH 

		Supported ECC curves:
			P-256, P-384, P-521, BN-254, NUMSP256D1, NUMSP256T1, NUMSP384D1, NUMSP384T1

		KeyWrap
			AES-GCM