A cryptography library developed by Microsoft Research has been released for researchers and developers.
The library is described as being under active development. It is intended for use with HTML-5 cloud services. The algorithms in the library are exposed using the W3C Web Cryptography interface. This is an API that lets you create secure web apps without the need for a secure connection using SSL or similar protocols.
The actions specified by the Web Cryptography API let you carry out the following:
Protected document exchange
Data integrity protection
The cryptographic functions currently included in the library start with RSA PKCS#1 v1.5, OAEP, and PSS. AES-CBC and GCM are also supported. Secure Hash Standard (SHA) 256, 384 and 512 are supported, alongside HMAC with supported hash functions, PRNG (AES-CTR based) as specified by NIST, ECDH, ECDSA, and KDF (Concat mode).
The library includes big number integer arithmetic to support the cryptographic algorithms, and this element of the library is, according to Microsoft Research, likely to change in future releases. In its current form it supports unsigned big integer arithmetic with addition, subtraction, multiplication, division, reduction, inversion, GCD, extended Euclidean algorithm (EEA), Montgomery multiplication, and modular exponentiation.
Other elements in the library are utility functions such as endianness management and conversion routines.
One of the foundations of AJAX, it is what made it possible, is the XMLHttpRequest method, which allows you to programatically download new data and resources. It isn't perfect but it seems to work. M [ ... ]