Author: Jason Davies 2018-04-10 00:42:32
Published on: 2018-04-10T00:42:32+00:00
The issues with the jsbn library stem from the implementation of an RC4-based RNG with insecure fallback entropy. Tom Wu's original code, which is published on his website, is the source of the problem. There is a more up-to-date fork of this code available on NPM that should be used instead. Jason Davies' repository was only meant to be a mirror of Tom Wu's code and will likely be deleted due to better JavaScript alternatives and this report. The actual code in question can be found in a pull request linked by Mustafa at musalbas.com.
Updated on: 2023-06-13T01:26:32.237579+00:00