Pomcor JavaScript Cryptographic Library
npm install pjclThis is version 1.0.0 of the Pomcor JavaScript Cryptographic Library
(PJCL), which has been refactored as an ES6 module and is primarily
intended at this time as a tool for implementing phishing-resistant
cryptographic authentication in web applications, as demonstrated in
the companion repositories
fcorella/crypto-authn-demo-nosql
and
fcorella/crypto-authn-demo-sql.
The file pjcl-with-argument-checking.js augments pjcl.js with code
that checks the arguments of cryptographic functions, to help with
debugging programs that use the library. The file pjcl.js is derived
from the file pjcl-with-argument-checking.js by commenting out the
argument-checking preambles of the functions.
PJCL uses Deterministic Random Bit Generators (DRBGs) as specified in
NIST Special publication 800-90A Revision 1 for generation of random
bits, and needs sources of entropy. The companion repositories
show how /dev/random can be used to obtain server entropy when PJCL is
used on the backend, under Nodejs, and how browser entropy can be
combined with entropy downloaded from the server when PJCL is used on
the front end. The functions in browser-entropy.js provide browser
entropy obtained from the Crypto.getRandomValues() method of the Web
Crypto API.
Extensive cryptographic documentation can be found in the PDF file
pjcl-documentation.pdf,
which is now in the repository together with its latex source file
pjcl-documentation.tex.
Beta test versions of PJCL, not published on GitHub, were available
on the Pomcor
site. The
beta test versions have been archived and
deprecated and
are no longer maintained. Any bugs found in this or future versions
of PJCL should be reported through the Pomcor contact form at
https://pomcor.com/contact-us/ .