RSA Extension #1699
RSA Extension #1699
Conversation
| // Load the JSEncrypt library from a CDN | ||
| const script = document.createElement('script'); | ||
| script.src = 'https://cdn.jsdelivr.net/npm/jsencrypt/bin/jsencrypt.min.js'; | ||
| document.head.appendChild(script); |
There was a problem hiding this comment.
You shouldnt be fetching a file url like that as:
- this forces people to need internet for this extension to work
- url could go down at any point
You should use a data.uri instead.
Also add /* global [library name here] */ to fix the lint errors
There was a problem hiding this comment.
Ok being real here, jsdelivr isnt going down any time soon, and no they should find a way to import the library without using a script tag.
There was a problem hiding this comment.
the desktop app still needs to work without internet (this is why the extension library there can only update when the app does, because it's stored offline).
for importing, i think using await import() and making the extension function async is a simple option (and probably also add /+esm to the jsdelivr url so that you can access the library from import()'s return value without adding stuff to the global scope), but you should still make the extension url a data url because of the offline part
There was a problem hiding this comment.
maybe yeah but that does bring the question is it allowed because stuff like a script tag isnt allowed and they do similar things
| opcode: 'generateKeys', | ||
| blockType: Scratch.BlockType.REPORTER, | ||
| text: 'Generate RSA keys', | ||
| arguments: {} |
| @@ -0,0 +1,89 @@ | |||
| // Name: RSA | |||
| // ID: themadpunter-rsa | |||
There was a problem hiding this comment.
this id should be the same as the extension ID
| class RSAExtension { | ||
| getInfo() { | ||
| return { | ||
| id: 'themadpunter_rsa', |
There was a problem hiding this comment.
_'s should not be used in ids
| getInfo() { | ||
| return { | ||
| id: 'themadpunter_rsa', | ||
| name: 'TurboRSA', |
There was a problem hiding this comment.
this name should be the same as the one listed on the gallery which you put as RSA
| { | ||
| opcode: 'generateKeys', | ||
| blockType: Scratch.BlockType.REPORTER, | ||
| text: 'Generate RSA keys', |
There was a problem hiding this comment.
nitpick: please make the block titles lowercase so "generate RSA keys" as currently it does not follow scratch's conventions, also blocks are not sentence's so yeah
| { | ||
| opcode: 'decrypt', | ||
| blockType: Scratch.BlockType.REPORTER, | ||
| text: 'Decrypt [TEXT] with private key [KEY]', |
There was a problem hiding this comment.
same here as the other name comment
| } | ||
|
|
||
| // Wait for the script to load before registering the extension | ||
| script.onload = () => { |
There was a problem hiding this comment.
after doing what the other reviews suggests (removing the script tag) just remove this
| } | ||
|
|
||
| generateKeys() { | ||
| const crypt = new JSEncrypt({ default_key_size: 1024 }); |
There was a problem hiding this comment.
nitpick: this could be customizable
|
|
||
| encrypt(args) { | ||
| const crypt = new JSEncrypt(); | ||
| crypt.setPublicKey(args.KEY); |
| const crypt = new JSEncrypt(); | ||
| crypt.setPublicKey(args.KEY); | ||
| const encrypted = crypt.encrypt(args.TEXT); | ||
| return encrypted ? encrypted : 'Encryption failed'; |
There was a problem hiding this comment.
instead of returning text which could be the same as the actual output value you should just return an empty string
| const crypt = new JSEncrypt(); | ||
| crypt.setPrivateKey(args.KEY); | ||
| const decrypted = crypt.decrypt(args.TEXT); | ||
| return decrypted ? decrypted : 'Decryption failed'; |
There was a problem hiding this comment.
same goes here for the returning an empty string
An extension to use RSA in TurboWarp.