expose API for further hashing operations: process(), finish() and reset()

[pohutukawa]

When computing message digests of large amounts of data, the currently exposed hashing functions (e. g. SHA256.bytes(data)) are not sufficient. One needs to obtain an instance on a message digest object, and then process(data) on the object as it comes in, to finally get the result via a finish() call on it. It then could be reused for other/future message digest operations.

src/sha256/exports.js for example does this already with the sha256_bytes(data) function (mapped to asmCrypto.SHA256.bytes(data):

return get_sha256_instance().reset().process(data).finish().result;

So I guess it's a matter of just exposing this part of the implementation to the outside API.

[vibornoff]

Not exactly: https://github.com/vibornoff/asmcrypto.js/issues/38

Firefox had a bug preventing asm.js module being re-linked with another heap object. That's why current API reuses static objects and exposes only one-shot operations.

[alippai]

It's fixed now: http://hg.mozilla.org/mozilla-central/rev/2a34429afff1

[vibornoff]

Oh, that's awesome.

I had a try with FF 31 and it works. Do you know the exact FF version from which we can be sure this bug is fixed?

[pohutukawa]

OK, good to know the reasoning for statically fixing this.

But, now that it's resolved, it would be really good to get access to a digest object instance and use the different methods on it as needed.

[pohutukawa]

I think this might be the Firefox bug link in question: https://bugzilla.mozilla.org/show_bug.cgi?id=973725

Maybe that helps in finding out when it was resolved. This link suggests, that it might have been fixed in a nightly of 30a1:

http://forums.mozillazine.org/viewtopic.php?f=23&t=2802749

[alippai]

It seems we can safely remove this support, Firefox 29 has practically zero usage now. This practice also matches the common Google policy, that last two versions of the browsers are supported (the latest stable Firefox release is version 32).

[pohutukawa]

Is there some kind of expectation, when a constructor to a hashing instance will be exported through the public API?

[vibornoff]

It's already done with https://github.com/vibornoff/asmcrypto.js/commit/63fa6aadfd450293b29b9fcc3861aec7dce468dc and as for other potentially unsafe things turned off by default. Also I'd like to put some tests for this feature. Suppose it'll be finished till the end of this week.

[pohutukawa]

Excellent. Thanks for that.

So I suppose one would create a new instance using new asmCrypto.SHA256(), and then process(), finish() and reset() methods are available on that object. Correct?

[vibornoff]

Yep, you right.