What level of encryption was chosen for TW's SJCL?

Justin_H · March 9, 2024, 6:18am

Just out of curiousity, I was wondering if, when SJCL was implemented into tiddlywiki, was AES 256 chosen and adopted, or a different amount? It appears to match the provided minified code, however I wasn’t sure what level that was either

And, not completely related but, does the encrypt individual tiddlers plugin piggyback off of the normal encrypt js in tiddlywiki?

Unfortunately I can’t read JS well enough to find the answers myself, so any insight from someone who knows would be greatly appreciated.

arunnbabu81 · March 9, 2024, 8:24am

This discussion might be of help to you

jeremyruston · March 9, 2024, 9:42am

SJCL was integrated into TiddlyWiki 5 in September 2012 in this commit. I chose SJCL because it was the most widely used and trusted open source JS cryptographic library at the time. Nowadays one might be tempted to use the new browser crypto APIs but it’s actually convenient for TW to have the same code available on the server and in the browser.

Justin_H · March 9, 2024, 12:59pm

It did indeed! The answer is aes 128 in ccm mode!

That being said, I’m going to look into what sukima mentioned and try to change it to aes 256.

Honestly, I think the right choice was made in choosing SJCL.