Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: certificate time checks #763

Merged
merged 6 commits into from
Sep 15, 2023
Merged

Conversation

krpeacock
Copy link
Contributor

@krpeacock krpeacock commented Sep 8, 2023

Description

The time on certificates returned by read_state requests is currently not checked in agent-js.

It is a good practice to check the time to avoid using stale data. For example, we do it for asset certification in the service worker because otherwise a malicious node could serve stale/outdated HTTP assets.

Fixes SDK-1132

How Has This Been Tested?

new unit tests with mocked time and custom errors

Checklist:

  • My changes follow the guidelines in CONTRIBUTING.md.
  • The title of this PR complies with Conventional Commits.
  • I have edited the CHANGELOG accordingly.
  • I have made corresponding changes to the documentation.

@krpeacock krpeacock requested a review from a team as a code owner September 8, 2023 18:20
@github-actions
Copy link
Contributor

github-actions bot commented Sep 8, 2023

size-limit report 📦

Path Size
@dfinity/agent 87.38 KB (+0.24% 🔺)
@dfinity/candid 13.52 KB (0%)
@dfinity/principal 5.15 KB (0%)
@dfinity/auth-client 92.55 KB (+0.02% 🔺)
@dfinity/assets 89.96 KB (+0.3% 🔺)
@dfinity/identity 89.82 KB (+0.02% 🔺)
@dfinity/identity-secp256k1 232.51 KB (+0.11% 🔺)

provides mechanism for verifying the max age so that delegations can be signed up to 30 days in advance and will still validate correctly.
packages/agent/src/certificate.test.ts Outdated Show resolved Hide resolved
packages/agent/src/certificate.ts Outdated Show resolved Hide resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants