Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop using CryptoJS for signing token requests #1295

Closed
lawrence-forooghian opened this issue May 24, 2023 · 2 comments
Closed

Stop using CryptoJS for signing token requests #1295

lawrence-forooghian opened this issue May 24, 2023 · 2 comments
Assignees
@lawrence-forooghian

Comments

@lawrence-forooghian
Copy link
Collaborator

lawrence-forooghian commented May 24, 2023
edited
Loading

Split from #1239.

Replace the web token signing code’s use of crypto-js with the Web Crypto API (or something else that doesn't increase bundle size much, if we decide we want to access HMAC in non-secure contexts).
@lawrence-forooghian lawrence-forooghian mentioned this issue May 24, 2023
Closed
@sync-by-unito
Copy link

sync-by-unito bot commented May 24, 2023

➤ Automation for Jira commented:

The link to the corresponding Jira issue is https://ably.atlassian.net/browse/SDK-3605

@lawrence-forooghian lawrence-forooghian self-assigned this May 24, 2023
lawrence-forooghian added a commit that referenced this issue Jun 1, 2023
@lawrence-forooghian
Use Web Crypto for signing token requests on web
fefdc52 
TODO implement this

Resolves #1295.
This was referenced Jun 1, 2023
Closed
Merged
lawrence-forooghian added a commit that referenced this issue Jun 6, 2023
@lawrence-forooghian
Use Web Crypto for signing token requests on web
978c6d7 
TODO implement this

TODO figure out secure context stuff
Resolves #1295.
lawrence-forooghian added a commit that referenced this issue Jun 6, 2023
@lawrence-forooghian
Use Web Crypto for signing token requests on web
a6904cb 
TODO figure out secure context stuff

Resolves #1295.
lawrence-forooghian added a commit that referenced this issue Jun 6, 2023
@lawrence-forooghian
Use Web Crypto for signing token requests on web
2fea474 
TODO figure out secure context stuff

Resolves #1295.
lawrence-forooghian added a commit that referenced this issue Jun 6, 2023
@lawrence-forooghian
Use Web Crypto for signing token requests on web
645dec2 
TODO figure out secure context stuff and what the broad-reaching
implications are

Resolves #1295.

TODO what can we use as the statusCode and code — used generic "bad
request"
lawrence-forooghian added a commit that referenced this issue Jun 6, 2023
@lawrence-forooghian
Use Web Crypto for signing token requests on web
11a4a39 
TODO figure out secure context stuff and what the broad-reaching
implications are

Resolves #1295.

TODO what can we use as the statusCode and code — used generic "bad
request"
@lawrence-forooghian lawrence-forooghian mentioned this issue Jun 7, 2023
Closed
@lawrence-forooghian lawrence-forooghian changed the title Use Web Crypto API for signing token requests Stop using CryptoJS for signing token requests Jun 7, 2023
lawrence-forooghian added a commit that referenced this issue Jun 7, 2023
@lawrence-forooghian
Stop using CryptoJS for token request signing
3845a19 
Instead, use the HMAC implementation added in c197d79.

Resolves #1295.
@lawrence-forooghian lawrence-forooghian mentioned this issue Jun 7, 2023
Merged
lawrence-forooghian added a commit that referenced this issue Jun 7, 2023
@lawrence-forooghian
Stop using CryptoJS for token request signing
90dde04 
Instead, use the HMAC implementation added in fc94b80.

Resolves #1295.
@lawrence-forooghian
Copy link
Collaborator Author

Closed by #1325.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lawrence-forooghian lawrence-forooghian

Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lawrence-forooghian