From 17171139d23b4d2040ae1fefc254f94ba148ee12 Mon Sep 17 00:00:00 2001
From: Eric Swanson <64809312+ericswanson-dfinity@users.noreply.github.com>
Date: Fri, 25 Mar 2022 15:47:53 -0700
Subject: [PATCH 1/2] fix: make makeNonce return unique random values (#546)

[SDK-396]
* fix: make makeNonce return unique random values

* fix: makeNonce generates 128 bits of data in the nonce, not 8

view.setBigUInt(1,...) sets data starting at byte offset 1, not byte offset 9 (where the second bigint would start)

* Fixes https://dfinity.atlassian.net/browse/SDK-396
---
 docs/generated/changelog.html              |  7 +++++++
 packages/agent/src/agent/http/http.test.ts | 10 +++++++++-
 packages/agent/src/agent/http/types.ts     | 10 ++++++----
 3 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/docs/generated/changelog.html b/docs/generated/changelog.html
index c1d267001..e5f15c9cb 100644
--- a/docs/generated/changelog.html
+++ b/docs/generated/changelog.html
@@ -10,6 +10,13 @@
     <h1>Agent-JS Changelog</h1>
 
     <section>
+      <h2>Version 0.10.5</h2>
+      <ul>
+        <li>
+          makeNonce now returns unique values. Previously only the first byte of the nonce was
+          populated.
+        </li>
+      </ul>
       <h2>Version 0.10.3</h2>
       <ul>
         <li>
diff --git a/packages/agent/src/agent/http/http.test.ts b/packages/agent/src/agent/http/http.test.ts
index 7548d4dd3..a32d5de86 100644
--- a/packages/agent/src/agent/http/http.test.ts
+++ b/packages/agent/src/agent/http/http.test.ts
@@ -1,13 +1,14 @@
 import { HttpAgent, Nonce } from '../index';
 import * as cbor from '../../cbor';
 import { Expiry, makeNonceTransform } from './transforms';
-import { CallRequest, Envelope, SubmitRequestType } from './types';
+import { CallRequest, Envelope, makeNonce, SubmitRequestType } from './types';
 import { Principal } from '@dfinity/principal';
 import { requestIdOf } from '../../request_id';
 
 import { JSDOM } from 'jsdom';
 import { AnonymousIdentity, SignIdentity } from '../..';
 import { Ed25519KeyIdentity } from '../../../../identity/src/identity/ed25519';
+import { toHexString } from '../../../../identity/src/buffer';
 import { AgentError } from '../../errors';
 const { window } = new JSDOM(`<!DOCTYPE html><p>Hello world</p>`);
 window.fetch = global.fetch;
@@ -354,3 +355,10 @@ describe('replace identity', () => {
     expect(mockFetch).toBeCalledTimes(1);
   });
 });
+describe('makeNonce should create unique values', () => {
+  const nonces = new Set();
+  for (let i = 0; i < 100; i++) {
+    nonces.add(toHexString(makeNonce()));
+  }
+  expect(nonces.size).toBe(100);
+});
diff --git a/packages/agent/src/agent/http/types.ts b/packages/agent/src/agent/http/types.ts
index 55b2dd80b..ff8e3da92 100644
--- a/packages/agent/src/agent/http/types.ts
+++ b/packages/agent/src/agent/http/types.ts
@@ -107,10 +107,12 @@ export function makeNonce(): Nonce {
   // Encode 128 bits.
   const buffer = new ArrayBuffer(16);
   const view = new DataView(buffer);
-  const value = BigInt(+Date.now()) * BigInt(100000) + BigInt(Math.floor(Math.random() * 100000));
-  view.setBigUint64(0, value);
-  // tslint:disable-next-line:no-bitwise
-  view.setBigUint64(1, value >> BigInt(64));
+  const now = BigInt(+Date.now());
+  const randHi = Math.floor(Math.random() * 0xffffffff);
+  const randLo = Math.floor(Math.random() * 0xffffffff);
+  view.setBigUint64(0, now);
+  view.setUint32(8, randHi);
+  view.setUint32(12, randLo);
 
   return buffer as Nonce;
 }

From f9bfa59ee95a65ed3cafcddd00810fb8b01e9e97 Mon Sep 17 00:00:00 2001
From: jzxchiang1 <15524484+jzxchiang1@users.noreply.github.com>
Date: Fri, 25 Mar 2022 15:53:44 -0700
Subject: [PATCH 2/2] fix: Update webappsec types dependency

---
 packages/identity/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/identity/package.json b/packages/identity/package.json
index 3dc75945c..78e4e6433 100644
--- a/packages/identity/package.json
+++ b/packages/identity/package.json
@@ -40,6 +40,7 @@
     "@dfinity/principal": "^0.10.4"
   },
   "dependencies": {
+    "@types/webappsec-credential-management": "^0.6.2",
     "borc": "^2.1.1",
     "js-sha256": "^0.9.0",
     "secp256k1": "^4.0.2",
@@ -49,7 +50,6 @@
     "@trust/webcrypto": "^0.9.2",
     "@types/jest": "^27.0.2",
     "@types/secp256k1": "^4.0.3",
-    "@types/webappsec-credential-management": "^0.6.2",
     "@typescript-eslint/eslint-plugin": "^4.14.2",
     "@typescript-eslint/parser": "^4.14.2",
     "eslint": "^7.19.0",