Closed joepio closed 2 years ago
Hey there.
You could replace hashing code with code from noble-crypto
. It's an interesting problem, because even though hashes could be replaced, randomBytes
cannot. randomBytes
also cannot be re-implemented in JS, it needs low-level system entropy. ed25519 does not really use randomness in its flow, but secp256k1 schnorr sigs do.
We won't include fallback by default because we don't want any deps.
For now, you can edit your fork of noble-ed to replace sha512 with noble-hashes/sha512
Ah, crypto.getRandom does not require a secure context, so that's a good start.
Try this:
const { sha512 } = require('@noble/hashes/sha512');
ed25519.utils.sha512 = (msg) => Promise.resolve(sha512(msg))
Will do! I'll let you if it worked soon.
Thanks for the quick help btw 👍
Seems like I can't build @noble/hashes
for some reason:
[20:12:16] [snowpack] rimrafSafe(): /Users/joep/dev/github/joepio/atomic-data-browser/node_modules/@noble/hashes/cryptoBrowser.js outside of buildOptions.out /Users/joep/dev/github/joepio/atomic-data-browser/data-browser/publish
[20:12:16] [snowpack] Error: rimrafSafe(): /Users/joep/dev/github/joepio/atomic-data-browser/node_modules/@noble/hashes/cryptoBrowser.js outside of buildOptions.out /Users/joep/dev/github/joepio/atomic-data-browser/data-browser/publish
at Object.deleteFromBuildSafe (/Users/joep/dev/github/joepio/atomic-data-browser/node_modules/snowpack/lib/cjs/util.js:75:15)
at Object.runBuiltInOptimize (/Users/joep/dev/github/joepio/atomic-data-browser/node_modules/snowpack/lib/cjs/build/optimize.js:419:24)
at runMicrotasks (<anonymous>)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async Object.optimize (/Users/joep/dev/github/joepio/atomic-data-browser/node_modules/snowpack/lib/cjs/build/process.js:299:9)
at async build (/Users/joep/dev/github/joepio/atomic-data-browser/node_modules/snowpack/lib/cjs/commands/build.js:18:5)
at async Object.command (/Users/joep/dev/github/joepio/atomic-data-browser/node_modules/snowpack/lib/cjs/commands/build.js:35:9)
at async cli (/Users/joep/dev/github/joepio/atomic-data-browser/node_modules/snowpack/lib/cjs/index.js:174:9)
Report this to snowpack.
Seems to be this. Sorry, this blocks me from testing your fix at the moment.
I've found a workaround to build it, and I can confirm your fix works, @paulmillr !
Thanks for the help :)
Hi there! Thanks for creating this :)
After updating from
noble-ed25519 1.0.4
to@noble/ed25519 1.33
, I got this error in anhttp
context:Na.web.subtle is undefined
. I'm not entirely sure whether this error would have appeared before.It seems to appear only if I'm running my server on a local network system using HTTP, but not on localhost or in HTTPS in production.
The code seems to emerges from here.
After some googling I learned that the
crypto
module is not available in non-localhost HTTP environments.So what does this mean for me as a user of this dependency? I feel like, in my usecase, it should be able to run in HTTP contexts, so I'd like some fallback. Should this library provide a fallback? Should I as a user of this library provide a fallback, or show some custom error? Would love to hear your thoughts on this.
Thanks!