Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: replaces the js-sha256 library with @noble/hashes #753

Merged
merged 4 commits into from
Aug 22, 2023
Merged

feat: replaces the js-sha256 library with @noble/hashes #753

merged 4 commits into from
Aug 22, 2023

Conversation

krpeacock
Copy link
Contributor

@krpeacock krpeacock commented Aug 22, 2023
edited
Loading

Description

Due to an ongoing incident where the js-sha256 library is breaking on new versions of Chrome, we are replacing it with the industry standard library, @noble/hashes

This is a compact, audited, pure JS library, and it is able to produce hashes synchronously, which makes it easier to drop into our library than the WebCrypto.subtle.digest api, which is promise-based.

Fixes # (issue)

How Has This Been Tested?

Updates to a few unit tests, and running against existing golden canonical hashes and e2e test suite

Checklist:

  • My changes follow the guidelines in CONTRIBUTING.md.
  • The title of this PR complies with Conventional Commits.
  • I have edited the CHANGELOG accordingly.
  • I have made corresponding changes to the documentation.

@krpeacock krpeacock requested a review from a team as a code owner August 22, 2023 16:47
@github-actions
Copy link
Contributor

github-actions bot commented Aug 22, 2023
edited
Loading

size-limit report 📦

Path Size
@dfinity/agent 86.96 KB (-2.51% 🔽)
@dfinity/candid 13.52 KB (-12.69% 🔽)
@dfinity/principal 5.15 KB (-23.91% 🔽)
@dfinity/auth-client 92.54 KB (-2.48% 🔽)
@dfinity/assets 89.56 KB (-2.34% 🔽)
@dfinity/identity 89.81 KB (-2.35% 🔽)
@dfinity/identity-secp256k1 232.06 KB (+0.66% 🔺)

@keplervital
Copy link
Member

I can confirm that moving to use @noble/hashes fixes the issue i was having on Chrome Version 116.0.5845.96 (Official Build) (arm64).

@krpeacock krpeacock merged commit ac5d163 into main Aug 22, 2023
12 checks passed
@krpeacock krpeacock deleted the kyle/sha-library-incident branch August 22, 2023 17:56
@rsundar01
Copy link

I took a look at the code updates and it seemed pretty straightforward. I don't have any major feedback. Perhaps, it would help to wrap the crypto impl details that would help to localize the changes.

@peterpeterparker peterpeterparker mentioned this pull request Aug 28, 2023
Merged
peterpeterparker added a commit to dfinity/ic-js that referenced this pull request Sep 4, 2023
@peterpeterparker
feat: replaces the js-sha256 library with @noble/hashes (#405)
f9ea40c 
# Motivation

Similar to what was done in `agent-js` to solve the issue regarding last version of Chrome and validation of the certificate, replace `js-sha256` with `@noble/hashes`.

Related agent-js PR is dfinity/agent-js#753
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dfx-json dfx-json dfx-json approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@krpeacock @keplervital @rsundar01 @dfx-json