Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Core Library Request: Crypto Shim #5023

Closed
southpolesteve opened this issue Sep 6, 2019 · 3 comments
Closed

Core Library Request: Crypto Shim #5023

southpolesteve opened this issue Sep 6, 2019 · 3 comments
Assignees
@joheredi
Labels
Azure.Core Client This issue points to a problem in the data-plane of the library. Cosmos

Comments

@southpolesteve
Copy link
Contributor

Cosmos currently needs these platform crypto functions in both browser and node:

  • SHA1
  • HMAC-256
  • atob

We currently use crypto-hash but it does not support HMAC256 and uses syntax incompatible with Edge. I propose the development of a new core library that shims these and any other required crypto functions for azure SDK packages.

cc @bterlson
@bterlson
Copy link
Member

bterlson commented Sep 6, 2019

/cc @schaabs @jonathandturner

@kaerm kaerm added Client This issue points to a problem in the data-plane of the library. Cosmos labels Sep 6, 2019
@triage-new-issues triage-new-issues bot removed the triage label Sep 6, 2019
@southpolesteve southpolesteve mentioned this issue Sep 17, 2019
Closed
@mayurid mayurid mentioned this issue Sep 26, 2019
Closed
3 tasks
@joheredi joheredi self-assigned this Oct 9, 2019
@joheredi
Copy link
Member

joheredi commented Oct 9, 2019

There are 2 main things behind this issue

  1. Cosmos is broken in Edge because crypto-hash uses incompatible syntax (such as spread) and features (such as 'SHA-1' with SubtleCrypto.digest())

  2. Cosmos uses crypto-js for signing headers and we'd like to remove the dependency on it.

For fixing (1), I spoke with @southpolesteve and it seems like we should be able to use another algorithm (maybe SHA256). This hashing logic can be hosted within the Cosmos repo and drop the dependency on crypto-hash

For (2) 2 things need to happen
a) Move cosmos-sign into Cosmos repo
b) Drop the dependency on crypto-js and shim HMAC256

atob requirement has been addressed by this merge

@southpolesteve please feel free to fill in if I missed anything

/cc @ramya-rao-a @bterlson

This was referenced Oct 9, 2019
Merged
Merged
@joheredi
Copy link
Member

Fixed with #5493

@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@joheredi joheredi

Labels
Azure.Core Client This issue points to a problem in the data-plane of the library. Cosmos
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bterlson @southpolesteve @joheredi @kaerm