diff --git a/node_modules b/node_modules index 965a58e6107b..3b55d1f7801f 160000 --- a/node_modules +++ b/node_modules @@ -1 +1 @@ -Subproject commit 965a58e6107b185be2c6387f7802ee057301282f +Subproject commit 3b55d1f7801f47e570e16a81bc3aef519c9f7612 diff --git a/package.json b/package.json index fcdbc3fe23d3..05dfebd5d513 100644 --- a/package.json +++ b/package.json @@ -11,8 +11,6 @@ "@patternfly/react-table": "5.4.13", "@patternfly/react-tokens": "5.4.1", "dequal": "2.0.3", - "js-sha1": "0.7.0", - "js-sha256": "0.11.0", "json-stable-stringify-without-jsonify": "1.0.1", "prop-types": "15.8.1", "react": "18.3.1", diff --git a/pkg/storaged/crypto/tang.jsx b/pkg/storaged/crypto/tang.jsx index faed1c889d47..6578652b6b24 100644 --- a/pkg/storaged/crypto/tang.jsx +++ b/pkg/storaged/crypto/tang.jsx @@ -23,12 +23,19 @@ import React from "react"; import { ClipboardCopy } from "@patternfly/react-core/dist/esm/components/ClipboardCopy/index.js"; import { Text, TextContent, TextVariants } from "@patternfly/react-core/dist/esm/components/Text/index.js"; -import sha1 from "js-sha1"; -import sha256 from "js-sha256"; +import { useInit } from "hooks"; + import stable_stringify from "json-stable-stringify-without-jsonify"; const _ = cockpit.gettext; +async function digest(text, hash) { + const encoder = new TextEncoder(); + const data = encoder.encode(text); + const digest = await window.crypto.subtle.digest(hash, data); + return [...new Uint8Array(digest)]; +} + export function validate_url(url) { if (url.length === 0) return _("Address cannot be empty"); @@ -68,7 +75,7 @@ function jwk_b64_encode(bytes) { .replace(/=+$/, ''); } -function compute_thp(jwk) { +async function compute_thp(jwk) { const REQUIRED_ATTRS = { RSA: ['kty', 'p', 'd', 'q', 'dp', 'dq', 'qi', 'oth'], EC: ['kty', 'crv', 'x', 'y'], @@ -83,10 +90,23 @@ function compute_thp(jwk) { const req = REQUIRED_ATTRS[jwk.kty]; const norm = { }; req.forEach(k => { if (k in jwk) norm[k] = jwk[k]; }); - return { - sha256: jwk_b64_encode(sha256.digest(stable_stringify(norm))), - sha1: jwk_b64_encode(sha1.digest(stable_stringify(norm))) - }; + + const hashes = {}; + try { + const sha256 = jwk_b64_encode(await digest(stable_stringify(norm), "SHA-256")); + hashes.sha256 = sha256; + } catch (err) { + console.warn("Unable to create a sha256 hash", err); + } + + try { + const sha1 = jwk_b64_encode(await digest(stable_stringify(norm), "SHA-1")); + hashes.sha1 = sha1; + } catch (err) { + console.warn("Unable to create a sha1 hash", err); + } + + return hashes; } function compute_sigkey_thps(adv) { @@ -106,7 +126,15 @@ function compute_sigkey_thps(adv) { export const TangKeyVerification = ({ url, adv }) => { const parsed = parse_url(url); const cmd = cockpit.format("ssh $0 tang-show-keys $1", parsed.hostname, parsed.port); - const sigkey_thps = compute_sigkey_thps(tang_adv_payload(adv)); + const [sigkey_thps, setSigKey] = React.useState(null); + + useInit(async () => { + const sigkey = await Promise.all(compute_sigkey_thps(tang_adv_payload(adv))); + setSigKey(sigkey); + }); + + if (sigkey_thps === null) + return null; return ( diff --git a/tools/build-debian-copyright b/tools/build-debian-copyright index c5f193abad78..3e8a091ead24 100755 --- a/tools/build-debian-copyright +++ b/tools/build-debian-copyright @@ -28,7 +28,6 @@ license_patterns = { copyright_patterns = { # Common patterns r'Copyright (.*)$': [r'\1'], - r'@copyright (.*)$': [r'\1'], r'\(c\) (.*)$': [r'\1'], # https://github.com/focus-trap/focus-trap/blob/master/LICENSE