New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: expose ripemd160 hash from boringssl #16454
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The technical implications of this LGTM, I'm more worried about who needs RIPEMD160 and why? I don't think it's a great idea, and that might be why Google removed the function from the default builds.
Yep, I agree that ripemd160 is not a wise choice of digest, but since it's right there I figured this was easier than arguing about it. If BoringSSL removes it upstream I'm happy to drop support for it in Electron. |
@nornagon sounds fair. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me assuming CI passes.
CI failures are unrelated, so I'm going to go ahead and merge. |
Release Notes Persisted
|
I was unable to backport this PR to "4-0-x" cleanly; |
I have automatically backported this PR to "5-0-x", please check out #16572 |
A maintainer has manually backported this PR to "4-0-x", please check out #16574 |
A maintainer has manually backported this PR to "4-0-x", please check out #16574 |
This is why some cryptocurrency-related libraries require this hash: |
@sirasistant I suppose to trim the hash (which is otherwise 32 bytes because SHA256)? |
I think so too, 20 bytes vs 32. But the fact is that it's part of many blockchain network protocols, which are not precisely easy to change. Breaking the compatibility of electron with this hash in the future could be quite problematic for many apps built on electron. |
@sirasistant agreed, that's a fair reason for including RIPEMD160. |
…her for CypherPoker.JS that retains existing "web" and "server" structures and uses a SQLite 3 database for local storage; tested on Windows 10 and all functionality appears to work as expected (compared to existing web version); note that a "postinstall.js" script applies a patch to bitcoinjs-lib and BIP32 modules for compatibility with >= Electron 4.x.x (since switch to BoringSSL -- electron/electron#16454).
So, how to fix this problem? thanks |
Ref #16195
ripemd160 is available in openssl by default, but boringssl does not build it by default. This adds a patch to expose it from boringssl.
Checklist
npm test
passesRelease Notes
Notes: Restored support for RIPEMD160 digest, which was lost when switching from OpenSSL to BoringSSL.