ironcorelabs / recrypt-wasm-binding Goto Github PK

Pull in the ironcore-search-helpers and expose functions. Requires these steps:

• Upgrade to recrypt 0.11
• Expose the generate_hashes_for_string_with_padding and generate_hashes_for_string functions, behind a feature flag.

GitHub is reporting three vulnerabilities:

lodash critical CVE-2019-10744
mixin-deep high sev CVE-2019-10746
set-value high sev CVE-2019-10747

//Transform the encrypted data (without decrypting it!) so that it can be decrypted with the second key pair
const transformedEncryptedValue = Api256.transform(encryptedValue, userToDeviceTransformKey, signingKeys.privateKey);

I was wondering why this step needs the sigingKeys.privateKey. Doesn't that add the risk that comes with transferring the signignKey privateKey to the device?

I'm not sure which version of wasm-bindgen is running in CI, but my local attempts with wasm-bindgen 0.2.74 (d1d64200a) failed to compile.

It looks like there need to be significant reworks in the fixBindgenShim.js code, as the output of wasm-bindgen has changed pretty significantly itself.

function removeNodeJSFunctions() {
    const shimJS = fs.readFileSync(SOURCE_JS_FILE, "utf8");

    //Replace the entire __wbg_require and randomFillSync method that is auto generated in the output.
    const codeWithoutNode = shimJS
        .replace(/\nexport function __wbg_require_[a-f0-9]*[(]arg0, arg1[)] {[^}]*};\n/, "")
        .replace(/\nexport function __wbg_randomFillSync_[a-f0-9]*[(]arg0, arg1, arg2[)] {[^}]*};\n/, "");

    if (codeWithoutNode.includes("require(") || codeWithoutNode.includes("randomFillSync")) {
        throw new Error("Replacement of NodeJS import and/or randomFillSync functions failed!");
    }
    fs.writeFileSync(SOURCE_JS_FILE, codeWithoutNode, "utf8");
}

That worked to fix the removeNodeJSFunctions breakage, but it looks like each of the other replacement functions may have changed as well.

According to https://caniuse.com/cryptography, WebCrypto support in WebWorkers was added to Edge at the end of 2018, we may now be safe to drop all the stuff we're doing in the shim to use Recrypt.setRandomSeed instead in Edge, which would simplify the shim drastically.

There are several downstream vulnerabilities that could tangentially impact this library, update dependencies.

We need to upgrade to the latest recrypt-rs version which involves some rand changes that we'll need to figure out. In addition we need to expose a function to subtract a private key from another private key in order to do key rotation.

Edge doesn't yet support the PBKDF2 flavor that we've implemented for master private key escrow and the pure-JS polyfill is very slow. To better support Edge we should implement PBKDF2 in wasm so that we get better performance numbers and can call it from IronWeb.

Publish version to match recrypt to designate "production ready" usage.

When transliterate_string(str) has been added to the search-helpers, expose it along with the other substring search functions.

I found the webpack-usage documentation somewhat confusing, even after trying to eject a create-react-app project. I'm new to wasm+react, but was hoping using the npm module would make it more seamless.

Would love any additional documentation for using this in client-side browser applications.

This build failed in the Get version step:

Version 'null' in './examples/create-react-app-example/package.json' doesn't match '0.6.24-pre' from others in './Cargo.toml
./examples/create-react-app-example/package.json
./package.json'

The example app has a version that doesn't match the other versions in the repo. The bump-version workflow doesn't know what to do with that.

The current logic for package.json files is: If package.json is in the root of the repo, read the version from it. Otherwise, ignore the deeply nested package.json and read the version from package.json in the root of the repo, which must exist.

Options:

• Change the example app so it has the same version as the repo.
• Nest the example app more deeply so it gets ignored by find . -maxdepth 3.
• Modify the bump-version scripts so they ignore that file. Maybe ignore deeply-nested package.json completely if there's no root package.json?

Hi,

we still need to support Internet Explorer which does not support WebAssembly.

recrypt with ScalaJS is not an option because decrypting a transformed cipher takes up to 25 seconds with IE.

For a fallback solution I wanted to try asm.js compilation: I changed the target to asmjs-unknown-emscripten. Then I had to change the crate type to lib because cdylib was not supported by asmjs-unknown-emscripten. However, compilation failed:

   Compiling ed25519-dalek v1.0.0-pre.0 (https://github.com/IronCoreLabs/ed25519-dalek?branch=rand-0.6#1132665a)
error[E0277]: the trait bound `rand::distributions::Standard: rand::distributions::Distribution<u128>` is not satisfied
   --> /home/dph/.cargo/git/checkouts/ed25519-dalek-ab972af0b2b0a306/1132665/src/ed25519.rs:984:44
    |
984 |         .map(|_| Scalar::from(thread_rng().gen::<u128>()))
    |                                            ^^^ the trait `rand::distributions::Distribution<u128>` is not implemented for `rand::distributions::Standard`
    |
    = help: the following implementations were found:
              <rand::distributions::Standard as rand::distributions::Distribution<()>>
              <rand::distributions::Standard as rand::distributions::Distribution<(A, B)>>
              <rand::distributions::Standard as rand::distributions::Distribution<(A, B, C)>>
              <rand::distributions::Standard as rand::distributions::Distribution<(A, B, C, D)>>
            and 58 others

error: aborting due to previous error

For more information about this error, try `rustc --explain E0277`.
error: Could not compile `ed25519-dalek`.
warning: build failed, waiting for other jobs to finish...
error: build failed

Do you have any experience with asm.js compilation of recrypt-rs via emscripten?

The wasm-bindgen shim that gets generated as part of this package includes code that attempts to call the WebCrypto API. When this WASM module is used in a WebWorker, that API is not available in MS Edge which causes errors. We should expose a method in the shim to let users pass in a random value to be used in lieu of calling crypto.getRandomValues.

Our ed25519 dependency in recrypt supports using a 32-bit backend instead of the default 64 bit. This both improves performance and reduces the file size in the WASM code. We should figure out how to enable that feature at the WASM level to gain these improvements.