Me and https://github.com/bitwiseshiftleft are the core maintainers, even though bitwiseshiftleft is not very active any more.
I'm thinking about increasing the core maintainer team though.
Release process: We need to work on this.
Roadmap: sjcl is in maintenance mode, meaning that the core maintainers do not add any new features. Thus a roadmap does not make much sense.
The master branch is ahead of 1.0.4.
I know I can encrypt a string using a password with sjcl.encrypt() and decrypt using sjcl.decrypt(), but can I just verify the password to decrypt a string is correct first so then if it is correct, I can go ahead and decrypt and if it's not, I go ahead and spit out an error message?
Hey guys, I'll need to save some sensitive data on client side in localstorage.
I've been wondering what's the best I can do about that and sjcl seems to be a good idea.
I know there's no perfect security, I just want to do the best possible :)
That said, is sjcl.encrypt enough? Is there a better configuration to make it harder to brute force or find with other ways?