feat(browser): Implement fallback SHA256 for non-HTTPS environments and enhance browser tests for consistent hashing
This commit is contained in:
74
changelog.md
Normal file
74
changelog.md
Normal file
@ -0,0 +1,74 @@
|
||||
# Changelog
|
||||
|
||||
## 2025-06-19 - 3.1.0 - feat(browser)
|
||||
Implement fallback SHA256 for non-HTTPS environments and enhance browser tests for consistent hashing
|
||||
|
||||
- Added a pure JavaScript SHA256 fallback in ts_web/sha256.fallback.ts for environments without crypto.subtle
|
||||
- Updated ts_web/index.ts to use the fallback when necessary
|
||||
- Enhanced browser tests in test/test.browser.ts to verify consistent hash outputs
|
||||
- Reflected new features in documentation updates (readme.plan.md)
|
||||
|
||||
## 2025-06-19 - 3.0.4 - feat
|
||||
Merge isohash functionality into smarthash to enable cross‐environment hash support. This release introduces browser‐compatible SHA256 functions via the Web Crypto API and plugins for environment detection and JSON handling.
|
||||
|
||||
- Added new plan and implementation steps to merge isohash into smarthash.
|
||||
- Updated test files to use the new tapbundle import.
|
||||
- Implemented browser‐specific hashing functions in ts_web/index.ts and ts_web/plugins.ts.
|
||||
- Created browser tests in test/test.browser.ts for SHA256 functions.
|
||||
- Ensured consistent smarthash functionality across environments.
|
||||
|
||||
Note: Several non–breaking maintenance updates (e.g. description, tsconfig, and npmextra.json adjustments) were applied between 2024 and 2023 alongside version marker commits.
|
||||
|
||||
---
|
||||
|
||||
## 2023-09-22 to 2022-06-26 - 3.0.0 - Maintenance
|
||||
Between versions 3.0.3 and 3.0.0, a series of core fixes and organizational improvements were rolled out.
|
||||
|
||||
- Multiple “fix(core)” commits addressed various update needs.
|
||||
- A couple of releases also switched to a new organization scheme.
|
||||
- Routine maintenance commits ensured stability across these versions.
|
||||
|
||||
---
|
||||
|
||||
## 2022-06-26 - 2.1.10 - BREAKING CHANGE
|
||||
A major change was introduced by switching the module system.
|
||||
|
||||
- BREAKING CHANGE(core): Switched to ESM, requiring consumers to update their imports accordingly.
|
||||
|
||||
---
|
||||
|
||||
## 2021-03-01 to 2019-11-21 - 2.1.0 - Maintenance
|
||||
Across versions 2.1.9 down to 2.1.0, the project received multiple fixes and CI updates.
|
||||
|
||||
- Repeated “fix(core)” commits improved internal stability.
|
||||
- A “fix(ci)” update was also introduced to streamline continuous integration processes.
|
||||
|
||||
---
|
||||
|
||||
## 2019-11-21 - 2.0.6 - feat
|
||||
New functionality was added to expand the available hashing algorithms.
|
||||
|
||||
- feat(md5): Now creates MD5 hashes, broadening the project’s cryptographic capabilities.
|
||||
|
||||
---
|
||||
|
||||
## 2019-07-04 to 2018-09-07 - 2.0.0 - Maintenance
|
||||
This range of releases was dedicated to refining core functionality and enhancing security.
|
||||
|
||||
- Numerous “fix(core)” commits ensured consistent behavior.
|
||||
- A “fix(snyk)” commit added a .snyk file and marked the project as Open Source for improved security auditing.
|
||||
|
||||
---
|
||||
|
||||
## 2018-09-07 - 1.0.4 - BREAKING CHANGE
|
||||
A breaking change was introduced by renaming the package scope.
|
||||
|
||||
- BREAKING CHANGE(scope): Changed the package name to @pushrocks/smarthash, requiring updates for consumers referencing the old name.
|
||||
|
||||
---
|
||||
|
||||
## 2016-08-16 to 2016-05-23 - 1.0.0 - Initial Setup
|
||||
During the early days of the project, core implementation and structure were established.
|
||||
|
||||
- Early commits included the initial implementation (“implementation is ready”), package metadata adjustments (e.g. “update package tags”, “fix README”), and structural additions (“add structure”).
|
||||
- The journey began with the Initial commit on 2016-05-23, setting the groundwork for future development.
|
@ -37,4 +37,9 @@ Merge the functionality from @push.rocks/isohash into @push.rocks/smarthash to p
|
||||
- The web version uses native Web Crypto API for performance
|
||||
- The Node.js version continues using the existing crypto implementation
|
||||
- API remains consistent across both environments
|
||||
- No breaking changes to existing smarthash functionality
|
||||
- No breaking changes to existing smarthash functionality
|
||||
|
||||
## Additional Features Implemented
|
||||
- **Fallback for non-HTTPS environments**: Added pure JavaScript SHA256 implementation that automatically activates when crypto.subtle is not available (e.g., HTTP or file:// protocols)
|
||||
- **Comprehensive browser tests**: Created test.browser.ts with specific browser environment tests
|
||||
- **Cross-environment consistency**: Ensured hash outputs match across Node.js and browser implementations
|
@ -62,4 +62,16 @@ tap.test('md5FromString should throw in browser environment', async () => {
|
||||
await expect(smarthash.md5FromString('test')).rejects.toThrow();
|
||||
});
|
||||
|
||||
tap.test('sha256 produces consistent results across environments', async () => {
|
||||
// Test that our implementation produces the same hash as Node.js crypto
|
||||
const testHash = await smarthash.sha256FromString('test');
|
||||
const expectedHash = '9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08';
|
||||
expect(testHash).toEqual(expectedHash);
|
||||
|
||||
// Test with different string
|
||||
const testHash2 = await smarthash.sha256FromString('hello world');
|
||||
const expectedHash2 = 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9';
|
||||
expect(testHash2).toEqual(expectedHash2);
|
||||
});
|
||||
|
||||
export default tap.start();
|
@ -1,8 +1,8 @@
|
||||
/**
|
||||
* autocreated commitinfo by @pushrocks/commitinfo
|
||||
* autocreated commitinfo by @push.rocks/commitinfo
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@push.rocks/smarthash',
|
||||
version: '3.0.4',
|
||||
description: 'simplified access to node hash functions'
|
||||
version: '3.1.0',
|
||||
description: 'Cross-environment hash functions (SHA256 and MD5) for Node.js and browsers, with support for strings, streams, and files.'
|
||||
}
|
||||
|
8
ts_web/00_commitinfo_data.ts
Normal file
8
ts_web/00_commitinfo_data.ts
Normal file
@ -0,0 +1,8 @@
|
||||
/**
|
||||
* autocreated commitinfo by @push.rocks/commitinfo
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@push.rocks/smarthash',
|
||||
version: '3.1.0',
|
||||
description: 'Cross-environment hash functions (SHA256 and MD5) for Node.js and browsers, with support for strings, streams, and files.'
|
||||
}
|
@ -1,4 +1,5 @@
|
||||
import * as plugins from './plugins.js';
|
||||
import { sha256Fallback } from './sha256.fallback.js';
|
||||
|
||||
/**
|
||||
* Convert ArrayBuffer to hex string
|
||||
@ -21,15 +22,28 @@ const hex = (buffer: ArrayBuffer): string => {
|
||||
return hexCodes.join("");
|
||||
};
|
||||
|
||||
/**
|
||||
* Check if crypto.subtle is available
|
||||
*/
|
||||
const isCryptoSubtleAvailable = (): boolean => {
|
||||
return typeof crypto !== 'undefined' && crypto.subtle !== undefined;
|
||||
};
|
||||
|
||||
/**
|
||||
* Computes sha256 Hash from String
|
||||
*/
|
||||
export const sha256FromString = async (stringArg: string): Promise<string> => {
|
||||
// Get the string as arraybuffer.
|
||||
const buffer = (new TextEncoder()).encode(stringArg);
|
||||
const hash = await crypto.subtle.digest("SHA-256", buffer);
|
||||
const result = hex(hash);
|
||||
return result;
|
||||
|
||||
if (isCryptoSubtleAvailable()) {
|
||||
const hash = await crypto.subtle.digest("SHA-256", buffer);
|
||||
const result = hex(hash);
|
||||
return result;
|
||||
} else {
|
||||
// Use fallback for non-HTTPS environments
|
||||
return sha256Fallback(buffer);
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
@ -45,9 +59,15 @@ export const sha256FromStringSync = (stringArg: string): string => {
|
||||
* Computes sha256 Hash from ArrayBuffer
|
||||
*/
|
||||
export const sha256FromBuffer = async (bufferArg: ArrayBuffer | Uint8Array): Promise<string> => {
|
||||
const hash = await crypto.subtle.digest("SHA-256", bufferArg);
|
||||
const result = hex(hash);
|
||||
return result;
|
||||
if (isCryptoSubtleAvailable()) {
|
||||
const hash = await crypto.subtle.digest("SHA-256", bufferArg);
|
||||
const result = hex(hash);
|
||||
return result;
|
||||
} else {
|
||||
// Use fallback for non-HTTPS environments
|
||||
const uint8Array = bufferArg instanceof Uint8Array ? bufferArg : new Uint8Array(bufferArg);
|
||||
return sha256Fallback(uint8Array);
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
|
121
ts_web/sha256.fallback.ts
Normal file
121
ts_web/sha256.fallback.ts
Normal file
@ -0,0 +1,121 @@
|
||||
/**
|
||||
* Pure JavaScript SHA256 implementation
|
||||
* Used as fallback when crypto.subtle is not available (non-HTTPS contexts)
|
||||
*/
|
||||
|
||||
/**
|
||||
* SHA256 constants
|
||||
*/
|
||||
const K: number[] = [
|
||||
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
||||
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
||||
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
||||
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
||||
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
||||
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
||||
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
||||
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
|
||||
];
|
||||
|
||||
/**
|
||||
* Initial hash values
|
||||
*/
|
||||
const H: number[] = [
|
||||
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
|
||||
0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
|
||||
];
|
||||
|
||||
/**
|
||||
* Rotate right
|
||||
*/
|
||||
function rotr(n: number, b: number): number {
|
||||
return (n >>> b) | (n << (32 - b));
|
||||
}
|
||||
|
||||
/**
|
||||
* SHA256 compression function
|
||||
*/
|
||||
function sha256Transform(W: number[], H: number[]): void {
|
||||
let a = H[0];
|
||||
let b = H[1];
|
||||
let c = H[2];
|
||||
let d = H[3];
|
||||
let e = H[4];
|
||||
let f = H[5];
|
||||
let g = H[6];
|
||||
let h = H[7];
|
||||
|
||||
for (let j = 0; j < 64; j++) {
|
||||
if (j >= 16) {
|
||||
const s0 = rotr(W[j - 15], 7) ^ rotr(W[j - 15], 18) ^ (W[j - 15] >>> 3);
|
||||
const s1 = rotr(W[j - 2], 17) ^ rotr(W[j - 2], 19) ^ (W[j - 2] >>> 10);
|
||||
W[j] = (W[j - 16] + s0 + W[j - 7] + s1) >>> 0;
|
||||
}
|
||||
|
||||
const S1 = rotr(e, 6) ^ rotr(e, 11) ^ rotr(e, 25);
|
||||
const ch = (e & f) ^ ((~e) & g);
|
||||
const temp1 = (h + S1 + ch + K[j] + W[j]) >>> 0;
|
||||
|
||||
const S0 = rotr(a, 2) ^ rotr(a, 13) ^ rotr(a, 22);
|
||||
const maj = (a & b) ^ (a & c) ^ (b & c);
|
||||
const temp2 = (S0 + maj) >>> 0;
|
||||
|
||||
h = g;
|
||||
g = f;
|
||||
f = e;
|
||||
e = (d + temp1) >>> 0;
|
||||
d = c;
|
||||
c = b;
|
||||
b = a;
|
||||
a = (temp1 + temp2) >>> 0;
|
||||
}
|
||||
|
||||
H[0] = (H[0] + a) >>> 0;
|
||||
H[1] = (H[1] + b) >>> 0;
|
||||
H[2] = (H[2] + c) >>> 0;
|
||||
H[3] = (H[3] + d) >>> 0;
|
||||
H[4] = (H[4] + e) >>> 0;
|
||||
H[5] = (H[5] + f) >>> 0;
|
||||
H[6] = (H[6] + g) >>> 0;
|
||||
H[7] = (H[7] + h) >>> 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Calculate SHA256 hash from bytes
|
||||
*/
|
||||
export function sha256Fallback(bytes: Uint8Array): string {
|
||||
const H_copy = [...H];
|
||||
const msgLen = bytes.length;
|
||||
const msgBitLen = msgLen * 8;
|
||||
|
||||
// Padding
|
||||
const padLen = (msgLen % 64 < 56) ? 56 - (msgLen % 64) : 120 - (msgLen % 64);
|
||||
const padded = new Uint8Array(msgLen + padLen + 8);
|
||||
padded.set(bytes);
|
||||
padded[msgLen] = 0x80;
|
||||
|
||||
// Append length (64-bit big-endian)
|
||||
const dataView = new DataView(padded.buffer);
|
||||
dataView.setUint32(padded.length - 8, 0, false); // high 32 bits
|
||||
dataView.setUint32(padded.length - 4, msgBitLen >>> 0, false); // low 32 bits
|
||||
|
||||
// Process blocks
|
||||
for (let offset = 0; offset < padded.length; offset += 64) {
|
||||
const W = new Array(64);
|
||||
|
||||
// Copy block into W[0..15]
|
||||
for (let i = 0; i < 16; i++) {
|
||||
W[i] = dataView.getUint32(offset + i * 4, false);
|
||||
}
|
||||
|
||||
sha256Transform(W, H_copy);
|
||||
}
|
||||
|
||||
// Convert to hex string
|
||||
let hex = '';
|
||||
for (let i = 0; i < 8; i++) {
|
||||
hex += H_copy[i].toString(16).padStart(8, '0');
|
||||
}
|
||||
|
||||
return hex;
|
||||
}
|
Reference in New Issue
Block a user