Forge
A native implementation of TLS (and various other cryptographic tools) in JavaScript.
Introduction
The Forge software is a fully native implementation of the TLS protocol in JavaScript as well as a set of tools for developing Web Apps that utilize many network resources.
Performance
Forge is fast. Benchmarks against other popular JavaScript cryptography libraries can be found here:
http://dominictarr.github.io/crypto-bench/
http://cryptojs.altervista.org/test/simulate-threading-speed_test.html
Getting Started
Node.js
If you want to use forge with node.js, it is available through npm
:
https://npmjs.org/package/node-forge
Installation:
npm install node-forge
You can then use forge as a regular module:
var forge = require('node-forge');
Requirements
- General
- Optional: GNU autotools for the build infrastructure if using Flash.
- Building a Browser Bundle:
- nodejs
- npm
- Testing
- nodejs
- Optional: Python and OpenSSL development environment to build
- a special SSL module with session cache support for testing with flash.
- http://www.python.org/dev/
- http://www.openssl.org/
- Debian users should install python-dev and libssl-dev.
- Optional: Flash
- A pre-built SocketPool.swf is included.
- Adobe Flex 3 SDK to build the Flash socket code.
- http://opensource.adobe.com/wiki/display/flexsdk/
Building a browser bundle
To create a minimized JavaScript bundle, run the following:
npm install
npm run minify
This will create a single minimized file that can be included in the browser:
js/forge.min.js
Include the file via:
Note that the minify script depends on the requirejs package, and that the requirejs binary 'r.js' assumes that the name of the node binary is 'node' not 'nodejs', as it is on some systems. You may need to change the hashbang line to use 'nodejs' or run the command manually.
To create a single non-minimized file that can be included in the browser:
npm install
npm run bundle
This will create:
js/forge.bundle.js
Include the file via:
The above bundles will synchronously create a global 'forge' object.
Keep in mind that these bundles will not include any WebWorker scripts (eg: prime.worker.js) or their dependencies, so these will need to be accessible from the browser if any WebWorkers are used.
Testing with NodeJS & RequireJS
A test server for node.js can be found at ./nodejs
. The following are included:
- Example of how to use
forge
within NodeJS in the form of a mocha test. - Example of how to serve
forge
to the browser using RequireJS.
To run:
cd nodejs
npm install
npm test
npm start
Old build system that includes flash support
To build the whole project, including Flash, run the following:
$ ./build-setup
$ make
This will create the SWF, symlink all the JavaScript files, and build a Python
SSL module for testing. To see configure options, run ./configure --help
.
Old test system including flash support
A test server is provided which can be run in TLS mode and non-TLS mode. Use the --help option to get help for configuring ports. The server will print out the local URL you can vist to run tests.
Some of the simplier tests should be run with just the non-TLS server::
$ ./tests/server.py
More advanced tests need TLS enabled::
$ ./tests/server.py --tls
Contributing
Any contributions (eg: PRs) that are accepted will be brought under the same license used by the rest of the Forge project. This license allows Forge to be used under the terms of either the BSD License or the GNU General Public License (GPL) Version 2.
See: LICENSE
If a contribution contains 3rd party source code with its own license, it may retain it, so long as that license is compatible with the Forge license.
Documentation
Transports
Ciphers
PKI
Message Digests
Utilities
If at any time you wish to disable the use of native code, where available,
for particular forge features like its secure random number generator, you
may set the disableNativeCode
flag on forge
to true
. It
is not recommended that you set this flag as native code is typically more
performant and may have stronger security properties. It may be useful to
set this flag to test certain features that you plan to run in environments
that are different from your testing environment.
To disable native code when including forge in the browser:
forge = disableNativeCode: true;// now include forge script file(s)// Note: with this approach, script files *must*// be included after initializing the global forge var // alternatively, include script files first and then callforge = ; // Note: forge will be permanently reconfigured now;// to avoid this but use the same "forge" var name,// you can wrap your code in a function to shadow the// global var, eg: { // ...};
To disable native code when using node.js:
var forge = disableNativeCode: true;
Transports ### TLS
Provides a native javascript client and server-side TLS implementation.
Examples
// create TLS clientvar client = forgetls; // start the handshake processclient; // when encrypted TLS data is received from the server, process itclient; // create TLS servervar server = forgetls; // when encrypted TLS data is received from the client, process itserver;
Connect to a TLS server using node's net.Socket:
var socket = ; var client = forgetls; socket;socket;socket; // connect to google.comsocket; // or connect to gmail's imap server (but don't send the HTTP header above)//socket.connect(993, 'imap.gmail.com');
Provides a native JavaScript mini-implementation of an http client that uses pooled sockets.
Examples
// create an HTTP GET requestvar request = forgehttp; // send the request somewhere; // receive responsevar buffer = forgeutil;var response = forgehttp;var { if!responsebodyReceived buffer; if!responseheaderReceived ifresponse console; ifresponseheaderReceived && !responsebodyReceived ifresponse console; };
Provides some SSH utility functions.
Examples
// encodes (and optionally encrypts) a private RSA key as a Putty PPK fileforgessh; // encodes a public RSA key as an OpenSSH fileforgessh; // encodes a private RSA key as an OpenSSH fileforgessh; // gets the SSH public key fingerprint in a byte bufferforgessh; // gets a hex-encoded, colon-delimited SSH public key fingerprintforgessh;
Provides an XmlHttpRequest implementation using forge.http as a backend.
Examples
Provides an interface to create and use raw sockets provided via Flash.
Examples
Ciphers ### CIPHER
Provides a basic API for block encryption and decryption. There is built-in support for the ciphers: AES, 3DES, and DES, and for the modes of operation: ECB, CBC, CFB, OFB, CTR, and GCM.
These algorithms are currently supported:
- AES-CBC
- AES-CFB
- AES-OFB
- AES-CTR
- AES-GCM
- 3DES-ECB
- 3DES-CBC
- DES-ECB
- DES-CBC
When using an AES algorithm, the key size will determine whether AES-128, AES-192, or AES-256 is used (all are supported). When a DES algorithm is used, the key size will determine whether 3DES or regular DES is used. Use a 3DES algorithm to enforce Triple-DES.
Examples
// generate a random key and IV// Note: a key size of 16 bytes will use AES-128, 24 => AES-192, 32 => AES-256var key = forgerandom;var iv = forgerandom; /* alternatively, generate a password-based 16-byte keyvar salt = forge.random.getBytesSync(128);var key = forge.pkcs5.pbkdf2('password', salt, numIterations, 16);*/ // encrypt some bytes using CBC mode// (other modes include: CFB, OFB, CTR, and GCM)var cipher = forgecipher;cipherstartiv: iv;cipher;cipher;var encrypted = cipheroutput;// outputs encrypted hexconsole; // decrypt some bytes using CBC mode// (other modes include: CFB, OFB, CTR, and GCM)var decipher = forgecipher;decipherstartiv: iv;decipher;decipher;// outputs decrypted hexconsole; // encrypt some bytes using GCM modevar cipher = forgecipher;cipherstart iv: iv // should be a 12-byte binary-encoded string or byte buffer additionalData: 'binary-encoded string' // optional tagLength: 128 // optional, defaults to 128 bits;cipher;cipher;var encrypted = cipheroutput;var tag = ciphermodetag;// outputs encrypted hexconsole;// outputs authentication tagconsole; // decrypt some bytes using GCM modevar decipher = forgecipher;decipherstart iv: iv additionalData: 'binary-encoded string' // optional tagLength: 128 // optional, defaults to 128 bits tag: tag // authentication tag from encryption;decipher;var pass = decipher;// pass is false if there was a failure (eg: authentication tag didn't match)ifpass // outputs decrypted hex console;
Using forge in node.js to match openssl's "enc" command line tool (Note: OpenSSL "enc" uses a non-standard file format with a custom key derivation function and a fixed iteration count of 1, which some consider less secure than alternatives such as OpenPGP/GnuPG):
var forge = ;var fs = ; // openssl enc -des3 -in input.txt -out input.enc { var input = fs; // 3DES key and IV sizes var keySize = 24; var ivSize = 8; // get derived bytes // Notes: // 1. If using an alternative hash (eg: "-md sha1") pass // "forge.md.sha1.create()" as the final parameter. // 2. If using "-nosalt", set salt to null. var salt = forgerandom; // var md = forge.md.sha1.create(); // "-md sha1" var derivedBytes = forgepbe; var buffer = forgeutil; var key = buffer; var iv = buffer; var cipher = forgecipher; cipherstartiv: iv; cipher; cipher; var output = forgeutil; // if using a salt, prepend this to the output: ifsalt !== null output; // (add to match openssl tool output) output; output; fs;} // openssl enc -d -des3 -in input.enc -out input.dec.txt { var input = fs; // parse salt from input input = forgeutil; // skip "Salted__" (if known to be present) input; // read 8-byte salt var salt = input; // Note: if using "-nosalt", skip above parsing and use // var salt = null; // 3DES key and IV sizes var keySize = 24; var ivSize = 8; var derivedBytes = forgepbe; var buffer = forgeutil; var key = buffer; var iv = buffer; var decipher = forgecipher; decipherstartiv: iv; decipher; var result = decipher; // check 'result' for true/false fs;}
Provides AES encryption and decryption in CBC, CFB, OFB, CTR, and GCM modes. See CIPHER for examples.
### DESProvides 3DES and DES encryption and decryption in ECB and CBC modes. See CIPHER for examples.
### RC2Examples
// generate a random key and IVvar key = forgerandom;var iv = forgerandom; // encrypt some bytesvar cipher = forgerc2;cipherstartiv;cipher;cipher;var encrypted = cipheroutput;// outputs encrypted hexconsole; // decrypt some bytesvar cipher = forgerc2;cipherstartiv;cipher;cipher;// outputs decrypted hexconsole;
PKI
Provides X.509 certificate and RSA public and private key encoding, decoding, encryption/decryption, and signing/verifying.
### RSAExamples
var rsa = forgepkirsa; // generate an RSA key pair synchronouslyvar keypair = rsa; // generate an RSA key pair asynchronously (uses web workers if available)// use workers: -1 to run a fast core estimator to optimize # of workersrsa; // generate an RSA key pair in steps that attempt to run for a specified period// of time on the main JS threadvar state = rsa;var { // run for 100 ms if!rsa ; else // done, turn off progress indicator, use state.keys };// turn on progress indicator, schedule generation to run; // sign data with a private key and output DigestInfo DER-encoded bytes// (defaults to RSASSA PKCS#1 v1.5)var md = forgemdsha1;md;var signature = privateKey; // verify data with a public key// (defaults to RSASSA PKCS#1 v1.5)var verified = publicKey; // sign data using RSASSA-PSS where PSS uses a SHA-1 hash, a SHA-1 based// masking function MGF1, and a 20 byte saltvar md = forgemdsha1;md;var pss = forgepss;var signature = privateKey; // verify RSASSA-PSS signaturevar pss = forgepss;var md = forgemdsha1;md;publicKey; // encrypt data with a public key (defaults to RSAES PKCS#1 v1.5)var encrypted = publicKey; // decrypt data with a private key (defaults to RSAES PKCS#1 v1.5)var decrypted = privateKey; // encrypt data with a public key using RSAES PKCS#1 v1.5var encrypted = publicKey; // decrypt data with a private key using RSAES PKCS#1 v1.5var decrypted = privateKey; // encrypt data with a public key using RSAES-OAEPvar encrypted = publicKey; // decrypt data with a private key using RSAES-OAEPvar decrypted = privateKey; // encrypt data with a public key using RSAES-OAEP/SHA-256var encrypted = publicKey; // decrypt data with a private key using RSAES-OAEP/SHA-256var decrypted = privateKey; // encrypt data with a public key using RSAES-OAEP/SHA-256/MGF1-SHA-1// compatible with Java's RSA/ECB/OAEPWithSHA-256AndMGF1Paddingvar encrypted = publicKey; // decrypt data with a private key using RSAES-OAEP/SHA-256/MGF1-SHA-1// compatible with Java's RSA/ECB/OAEPWithSHA-256AndMGF1Paddingvar decrypted = privateKey;
Examples
// generate an RSA key pair asynchronously (uses web workers if available)// use workers: -1 to run a fast core estimator to optimize # of workersforgersa; // generate and encapsulate a 16-byte secret keyvar kdf1 = forgemdsha1;var kem = forgekemrsa;var result = kem;// result has 'encapsulation' and 'key' // encrypt some bytesvar iv = forgerandom;var someBytes = 'hello world!';var cipher = forgecipher;cipherstartiv: iv;cipher;cipher;var encrypted = cipheroutput;var tag = ciphermodetag; // send 'encrypted', 'iv', 'tag', and result.encapsulation to recipient // decrypt encapsulated 16-byte secret keyvar kdf1 = forgemdsha1;var kem = forgekemrsa;var key = kem; // decrypt some bytesvar decipher = forgecipher;decipherstartiv: iv tag: tag;decipher;var pass = decipher;// pass is false if there was a failure (eg: authentication tag didn't match)ifpass // outputs 'hello world!' console;
Examples
var pki = forgepki; // convert a PEM-formatted public key to a Forge public keyvar publicKey = pki; // convert a Forge public key to PEM-formatvar pem = pki; // convert an ASN.1 SubjectPublicKeyInfo to a Forge public keyvar publicKey = pki; // convert a Forge public key to an ASN.1 SubjectPublicKeyInfovar subjectPublicKeyInfo = pki; // gets a SHA-1 RSAPublicKey fingerprint a byte bufferpki; // gets a SHA-1 SubjectPublicKeyInfo fingerprint a byte bufferpki; // gets a hex-encoded, colon-delimited SHA-1 RSAPublicKey public key fingerprintpki; // gets a hex-encoded, colon-delimited SHA-1 SubjectPublicKeyInfo public key fingerprintpki; // gets a hex-encoded, colon-delimited MD5 RSAPublicKey public key fingerprintpki; // creates a CA storevar caStore = pki; // add a certificate to the CA storecaStore; // gets the issuer (its certificate) for the given certificatevar issuerCert = caStore; // verifies a certificate chain against a CA storepki; // signs a certificate using the given private keycert; // signs a certificate using SHA-256 instead of SHA-1cert; // verifies an issued certificate using the certificates public keyvar verified = issuer; // generate a keypair and create an X.509v3 certificatevar keys = pkirsa;var cert = pki;certpublicKey = keyspublicKey;// alternatively set public key from a csr//cert.publicKey = csr.publicKey;certserialNumber = '01';certvaliditynotBefore = ;certvaliditynotAfter = ;certvaliditynotAfter;var attrs = name: 'commonName' value: 'example.org' name: 'countryName' value: 'US' shortName: 'ST' value: 'Virginia' name: 'localityName' value: 'Blacksburg' name: 'organizationName' value: 'Test' shortName: 'OU' value: 'Test';cert;// alternatively set subject from a csr//cert.setSubject(csr.subject.attributes);cert;cert;/* alternatively set extensions from a csrvar extensions = csr.getAttribute({name: 'extensionRequest'}).extensions;// optionally add more extensionsextensions.push.apply(extensions, [{ name: 'basicConstraints', cA: true}, { name: 'keyUsage', keyCertSign: true, digitalSignature: true, nonRepudiation: true, keyEncipherment: true, dataEncipherment: true}]);cert.setExtensions(extensions);*/// self-sign certificatecert; // convert a Forge certificate to PEMvar pem = pki; // convert a Forge certificate from PEMvar cert = pki; // convert an ASN.1 X.509x3 object to a Forge certificatevar cert = pki; // convert a Forge certificate to an ASN.1 X.509v3 objectvar asn1Cert = pki;
Provides the password-based key-derivation function from PKCS#5.
Examples
// generate a password-based 16-byte key// note an optional message digest can be passed as the final parametervar salt = forgerandom;var derivedKey = forgepkcs5; // generate key asynchronously// note an optional message digest can be passed before the callbackforgepkcs5;
Provides cryptographically protected messages from PKCS#7.
Examples
// convert a message from PEMvar p7 = forgepkcs7;// look at p7.recipients // find a recipient by the issuer of a certificatevar recipient = p7; // decryptp7; // create a p7 enveloped messagevar p7 = forgepkcs7; // add a recipientvar cert = forgepki;p7; // set contentp7content = forgeutil; // encryptp7; // convert message to PEMvar pem = forgepkcs7; // create a degenerate PKCS#7 certificate container// (CRLs not currently supported, only certificates)var p7 = forgepkcs7;p7;p7;var pem = forgepkcs7;
Examples
var pki = forgepki; // convert a PEM-formatted private key to a Forge private keyvar privateKey = pki; // convert a Forge private key to PEM-formatvar pem = pki; // convert an ASN.1 PrivateKeyInfo or RSAPrivateKey to a Forge private keyvar privateKey = pki; // convert a Forge private key to an ASN.1 RSAPrivateKeyvar rsaPrivateKey = pki; // wrap an RSAPrivateKey ASN.1 object in a PKCS#8 ASN.1 PrivateKeyInfovar privateKeyInfo = pki; // convert a PKCS#8 ASN.1 PrivateKeyInfo to PEMvar pem = pki; // encrypts a PrivateKeyInfo and outputs an EncryptedPrivateKeyInfovar encryptedPrivateKeyInfo = pki; // decrypts an ASN.1 EncryptedPrivateKeyInfovar privateKeyInfo = pki; // converts an EncryptedPrivateKeyInfo to PEMvar pem = pki; // converts a PEM-encoded EncryptedPrivateKeyInfo to ASN.1 formatvar encryptedPrivateKeyInfo = pki; // wraps and encrypts a Forge private key and outputs it in PEM formatvar pem = pki; // encrypts a Forge private key and outputs it in PEM format using OpenSSL's// proprietary legacy format + encapsulated PEM headers (DEK-Info)var pem = pki; // decrypts a PEM-formatted, encrypted private keyvar privateKey = pki; // sets an RSA public key from a private keyvar publicKey = pki;
Provides certification requests or certificate signing requests (CSR) from PKCS#10.
Examples
// generate a key pairvar keys = forgepkirsa; // create a certification request (CSR)var csr = forgepki;csrpublicKey = keyspublicKey;csr;// set (optional) attributescsr; // sign certification requestcsr; // verify certification requestvar verified = csr; // convert certification request to PEM-formatvar pem = forgepki; // convert a Forge certification request from PEM-formatvar csr = forgepki; // get an attributecsr; // get extensions arraycsrextensions;
Provides the cryptographic archive file format from PKCS#12.
Examples
// decode p12 from base64var p12Der = forgeutil;// get p12 as ASN.1 objectvar p12Asn1 = forgeasn1;// decrypt p12 using the password 'password'var p12 = forgepkcs12;// decrypt p12 using non-strict parsing mode (resolves some ASN.1 parse errors)var p12 = forgepkcs12;// decrypt p12 using literally no password (eg: Mac OS X/apple push)var p12 = forgepkcs12;// decrypt p12 using an "empty" password (eg: OpenSSL with no password input)var p12 = forgepkcs12;// p12.safeContents is an array of safe contents, each of// which contains an array of safeBags // get bags by friendlyNamevar bags = p12;// bags are key'd by attribute type (here "friendlyName")// and the key values are an array of matching objectsvar cert = bagsfriendlyName0; // get bags by localKeyIdvar bags = p12;// bags are key'd by attribute type (here "localKeyId")// and the key values are an array of matching objectsvar cert = bagslocalKeyId0; // get bags by localKeyId (input in hex)var bags = p12;// bags are key'd by attribute type (here "localKeyId", *not* "localKeyIdHex")// and the key values are an array of matching objectsvar cert = bagslocalKeyId0; // get bags by typevar bags = p12;// bags are key'd by bagType and each bagType key's value// is an array of matches (in this case, certificate objects)var cert = bagsforgepkioidscertBag0; // get bags by friendlyName and filter on bag typevar bags = p12; // generate a p12 using AES (default)var p12Asn1 = forgepkcs12; // generate a p12 that can be imported by Chrome/Firefox// (requires the use of Triple DES instead of AES)var p12Asn1 = forgepkcs12; // base64-encode p12var p12Der = forgeasn1;var p12b64 = forgeutil; // create download link for p12var a = document;adownload = 'example.p12';a;a;
Provides ASN.1 DER encoding and decoding.
Examples
var asn1 = forgeasn1; // create a SubjectPublicKeyInfovar subjectPublicKeyInfo = asn1; // serialize an ASN.1 object to DER formatvar derBuffer = asn1; // deserialize to an ASN.1 object from a byte buffer filled with DER datavar object = asn1; // convert an OID dot-separated string to a byte buffervar derOidBuffer = asn1; // convert a byte buffer with a DER-encoded OID to a dot-separated stringconsole;// output: 1.2.840.113549.1.1.5 // validates that an ASN.1 object matches a particular ASN.1 structure and// captures data of interest from that structure for easy accessvar publicKeyValidator = name: 'SubjectPublicKeyInfo' tagClass: asn1ClassUNIVERSAL type: asn1TypeSEQUENCE constructed: true captureAsn1: 'subjectPublicKeyInfo' value: name: 'SubjectPublicKeyInfo.AlgorithmIdentifier' tagClass: asn1ClassUNIVERSAL type: asn1TypeSEQUENCE constructed: true value: name: 'AlgorithmIdentifier.algorithm' tagClass: asn1ClassUNIVERSAL type: asn1TypeOID constructed: false capture: 'publicKeyOid' // subjectPublicKey name: 'SubjectPublicKeyInfo.subjectPublicKey' tagClass: asn1ClassUNIVERSAL type: asn1TypeBITSTRING constructed: false value: // RSAPublicKey name: 'SubjectPublicKeyInfo.subjectPublicKey.RSAPublicKey' tagClass: asn1ClassUNIVERSAL type: asn1TypeSEQUENCE constructed: true optional: true captureAsn1: 'rsaPublicKey' ; var capture = {};var errors = ;if!asn1 throw 'ASN.1 object is not a SubjectPublicKeyInfo.';// capture.subjectPublicKeyInfo contains the full ASN.1 object// capture.rsaPublicKey contains the full ASN.1 object for the RSA public key// capture.publicKeyOid only contains the value for the OIDvar oid = asn1;ifoid !== pkioids'rsaEncryption' throw 'Unsupported OID.'; // pretty print an ASN.1 object to a string for debugging purposesasn1;
Message Digests ### SHA1
Provides SHA-1 message digests.
Examples
var md = forgemdsha1;md;console;// output: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12
Provides SHA-256 message digests.
Examples
var md = forgemdsha256;md;console;// output: d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592
Provides SHA-384 message digests.
Examples
var md = forgemdsha384;md;console;// output: ca737f1014a48f4c0b6dd43cb177b0afd9e5169367544c494011e3317dbf9a509cb1e5dc1e85a941bbee3d7f2afbc9b1
Provides SHA-512 message digests.
Examples
// SHA-512var md = forgemdsha512;md;console;// output: 07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6 // SHA-512/224var md = forgemdsha512sha224;md;console;// output: 944cd2847fb54558d4775db0485a50003111c8e5daa63fe722c6aa37 // SHA-512/256var md = forgemdsha512sha256;md;console;// output: dd9d67b371519c339ed8dbd25af90e976a1eeefd4ad3d889005e532fc5bef04d
Provides MD5 message digests.
Examples
var md = forgemdmd5;md;console;// output: 9e107d9d372bb6826bd81d3542a419d6
Provides HMAC w/any supported message digest algorithm.
Examples
var hmac = forgehmac;hmacstart'sha1' 'Jefe';hmac;console;// output: effcdf6ae5eb2fa2d27416d5f184df9c259a7c79
Utilities ### Prime
Provides an API for generating large, random, probable primes.
Examples
// generate a random prime on the main JS threadvar bits = 1024;forgeprime; // generate a random prime using Web Workers (if available, otherwise// falls back to the main thread)var bits = 1024;var options = algorithm: name: 'PRIMEINC' workers: -1 // auto-optimize # of workers ;forgeprime;
Provides a Fortuna-based cryptographically-secure pseudo-random number generator, to be used with a cryptographic function backend, e.g. AES. An implementation using AES as a backend is provided. An API for collecting entropy is given, though if window.crypto.getRandomValues is available, it will be used automatically.
Examples
// get some random bytes synchronouslyvar bytes = forgerandom;console; // get some random bytes asynchronouslyforgerandom; // collect some entropy if you'd likeforgerandom;; // specify a seed file for use with the synchronous API if you'd likeforgerandom { // get 'needed' number of random bytes from somewhere return fetchedRandomBytes;}; // specify a seed file for use with the asynchronous API if you'd likeforgerandom { // get the 'needed' number of random bytes from somewhere ;}); // register the main thread to send entropy or a Web Worker to receive// entropy on demand from the main threadforgerandom; // generate a new instance of a PRNG with no collected entropyvar myPrng = forgerandom;
Provides queuing and synchronizing tasks in a web application.
Examples
Provides utility functions, including byte buffer support, base64, bytes to/from hex, zlib inflate/deflate, etc.
Examples
// encode/decode base64var encoded = forgeutil;var str = forgeutil; // encode/decode UTF-8var encoded = forgeutil;var str = forgeutil; // bytes to/from hexvar bytes = forgeutil;var hex = forgeutil; // create an empty byte buffervar buffer = forgeutil;// create a byte buffer from raw binary bytesvar buffer = forgeutil;// create a byte buffer from utf8 bytesvar buffer = forgeutil; // get the length of the buffer in bytesbufferlength;// put bytes into the bufferbuffer;// put a 32-bit integer into the bufferbuffer;// buffer to hexbuffer;// get a copy of the bytes in the bufferbytes;// empty this buffer and get its contentsbytes; // convert a forge buffer into a node.js Buffer// make sure you specify the encoding as 'binary'var forgeBuffer = forgeutil;var nodeBuffer = forgeBuffer 'binary'; // convert a node.js Buffer into a forge buffer// make sure you specify the encoding as 'binary'var nodeBuffer = ;var forgeBuffer = forgeutil; // parse a URLvar parsed = forgeutil;// parsed.scheme, parsed.host, parsed.port, parsed.path, parsed.fullHost
Provides logging to a javascript console using various categories and levels of verbosity.
Examples
Provides storage of debugging information normally inaccessible in closures for viewing/investigation.
Examples
Provides an Apache module "mod_fsp" that can serve up a Flash Socket
Policy. See mod_fsp/README
for more details. This module makes it easy to
modify an Apache server to allow cross domain requests to be made to it.
Library Details
- http://digitalbazaar.com/2010/07/20/javascript-tls-1/
- http://digitalbazaar.com/2010/07/20/javascript-tls-2/
Contact
- Code: https://github.com/digitalbazaar/forge
- Bugs: https://github.com/digitalbazaar/forge/issues
- Email: support@digitalbazaar.com
Donations welcome:
- Donate: paypal@digitalbazaar.com