Fundamental issues with JS/web crypto aside, that is. You would still need something like WebSign (https://www.cyph.com/websign) or a framework like Electron that allows shipping your application outside of the browser.
Agree on the libsodium recommendation. Stanford probably just suffering a little "not invented here" syndrome.
Libsodium is a solid crypto library with long history. It is also embedded in PHP,HHVM,Citrine and Factor "out of the box" and has bindings for many other languages, not just Javascript.
In my view, any competing crypto library would have to be something super special to outweigh all the pros of libsodium.
Having used SJCL before, I'll just say that it's quite old, and I'm not sure how well maintained it is at this point. It also is likely not using any of the new crypto browser APIs which can speed things up like pbkdf2 a ton. Recommend using something more modern and "on the rails" like libsodium if you have a choice.
Does this add anything that many of the more popular and widely-used crypto libraries offer? I haven't been able to find anything, but am always curious to try new tools.
What would those many libraries offer, deserving switching from SJCL? I particularly like the size of the library; having said that, there could be some more important features.
I'm thinking this from the security point of view. Unless you bring the crypto operations outside the battlefield of JS runtime, any js library is basically unsecure.
[+] [-] buu700|5 years ago|reply
Fundamental issues with JS/web crypto aside, that is. You would still need something like WebSign (https://www.cyph.com/websign) or a framework like Electron that allows shipping your application outside of the browser.
[+] [-] BiteCode_dev|5 years ago|reply
If one plans to use the lib in the browser, it makes a huge difference.
Also, I'm not a crypto expert by any mean, but SJCL seems higher level, and hence, easier to use. Not to mention harder to missuse.
Projects like https://0bin.net have been using it for 7 years, with 500000 visitors in the last few months, so I'd say it's pretty battle tested too.
Not nearly has much as libsodium, of course. But I wouldn't discard SJCL, I think it has a place.
[+] [-] traceroute66|5 years ago|reply
Libsodium is a solid crypto library with long history. It is also embedded in PHP,HHVM,Citrine and Factor "out of the box" and has bindings for many other languages, not just Javascript.
In my view, any competing crypto library would have to be something super special to outweigh all the pros of libsodium.
[+] [-] arvinsim|5 years ago|reply
Would you say that libsodium.js is better?
[+] [-] unknown|5 years ago|reply
[deleted]
[+] [-] kyledrake|5 years ago|reply
[+] [-] carterklein13|5 years ago|reply
[+] [-] avmich|5 years ago|reply
[+] [-] memexy|5 years ago|reply
[+] [-] johnisgood|5 years ago|reply
How relevant is it today?
[+] [-] dchest|5 years ago|reply
[+] [-] BiteCode_dev|5 years ago|reply
[+] [-] d0m|5 years ago|reply
[+] [-] hasa|5 years ago|reply
[+] [-] mikece|5 years ago|reply
[+] [-] BiteCode_dev|5 years ago|reply