From 17171139d23b4d2040ae1fefc254f94ba148ee12 Mon Sep 17 00:00:00 2001 From: Eric Swanson <64809312+ericswanson-dfinity@users.noreply.github.com> Date: Fri, 25 Mar 2022 15:47:53 -0700 Subject: [PATCH 1/2] fix: make makeNonce return unique random values (#546) [SDK-396] * fix: make makeNonce return unique random values * fix: makeNonce generates 128 bits of data in the nonce, not 8 view.setBigUInt(1,...) sets data starting at byte offset 1, not byte offset 9 (where the second bigint would start) * Fixes https://dfinity.atlassian.net/browse/SDK-396 --- docs/generated/changelog.html | 7 +++++++ packages/agent/src/agent/http/http.test.ts | 10 +++++++++- packages/agent/src/agent/http/types.ts | 10 ++++++---- 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/docs/generated/changelog.html b/docs/generated/changelog.html index c1d267001..e5f15c9cb 100644 --- a/docs/generated/changelog.html +++ b/docs/generated/changelog.html @@ -10,6 +10,13 @@
Hello world
`); window.fetch = global.fetch; @@ -354,3 +355,10 @@ describe('replace identity', () => { expect(mockFetch).toBeCalledTimes(1); }); }); +describe('makeNonce should create unique values', () => { + const nonces = new Set(); + for (let i = 0; i < 100; i++) { + nonces.add(toHexString(makeNonce())); + } + expect(nonces.size).toBe(100); +}); diff --git a/packages/agent/src/agent/http/types.ts b/packages/agent/src/agent/http/types.ts index 55b2dd80b..ff8e3da92 100644 --- a/packages/agent/src/agent/http/types.ts +++ b/packages/agent/src/agent/http/types.ts @@ -107,10 +107,12 @@ export function makeNonce(): Nonce { // Encode 128 bits. const buffer = new ArrayBuffer(16); const view = new DataView(buffer); - const value = BigInt(+Date.now()) * BigInt(100000) + BigInt(Math.floor(Math.random() * 100000)); - view.setBigUint64(0, value); - // tslint:disable-next-line:no-bitwise - view.setBigUint64(1, value >> BigInt(64)); + const now = BigInt(+Date.now()); + const randHi = Math.floor(Math.random() * 0xffffffff); + const randLo = Math.floor(Math.random() * 0xffffffff); + view.setBigUint64(0, now); + view.setUint32(8, randHi); + view.setUint32(12, randLo); return buffer as Nonce; } From f9bfa59ee95a65ed3cafcddd00810fb8b01e9e97 Mon Sep 17 00:00:00 2001 From: jzxchiang1 <15524484+jzxchiang1@users.noreply.github.com> Date: Fri, 25 Mar 2022 15:53:44 -0700 Subject: [PATCH 2/2] fix: Update webappsec types dependency --- packages/identity/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/identity/package.json b/packages/identity/package.json index 3dc75945c..78e4e6433 100644 --- a/packages/identity/package.json +++ b/packages/identity/package.json @@ -40,6 +40,7 @@ "@dfinity/principal": "^0.10.4" }, "dependencies": { + "@types/webappsec-credential-management": "^0.6.2", "borc": "^2.1.1", "js-sha256": "^0.9.0", "secp256k1": "^4.0.2", @@ -49,7 +50,6 @@ "@trust/webcrypto": "^0.9.2", "@types/jest": "^27.0.2", "@types/secp256k1": "^4.0.3", - "@types/webappsec-credential-management": "^0.6.2", "@typescript-eslint/eslint-plugin": "^4.14.2", "@typescript-eslint/parser": "^4.14.2", "eslint": "^7.19.0",