Comments (21)
We're experiencing slowly increasing error rate based some Chrome version rollout.
For now, we changed to @aws-crypto/sha256-js
import { Sha256 } from '@aws-crypto/sha256-js';
export const sha256 = (s: string): string => {
const hash = new Sha256();
hash.update(s);
const hashUint8Array = hash.digestSync();
return Buffer.from(hashUint8Array).toString('hex');
};
from js-sha256.
workaround in v0.10.0. Please check if it fixed.
from js-sha256.
I'm having the same issue with Chrome 116.0.5845.110 on x86-64 Linux. The JIT is doing some weird optimizations to the a
variable in the Sha256.prototype.hash
function which causes its value to be inconsistent.
As a workaround, using the a
variable immediately after setting it in each pass seems to fix this. I accomplish this by passing it to an empty unnamed function here.
from js-sha256.
@hanzheliva I can reproduce by download old version. And I use @NicolasFlamel1 's workaround but change to an assignment
{
//...
e = a + t1 << 0;
a = t1 + t2 << 0;
this.chromeBugWorkAround = true;
}
This seems work and won't lose performance too much. I will use this change to fix this issue in next version.
But I can't sign in my npm account to publish. still working on it...
from js-sha256.
@djouf007 I found that I can disable polyfills in my package. use v0.10.1 should work.
from js-sha256.
I have a similar problem with Google Chrome 116.0.0.0, it will produce incorrect hashes for a while and then after a certain number of hashes are computed, all future hash outputs will be correct.
from js-sha256.
Can you give a sample code?
from js-sha256.
I can reproduce it in Chrome 116.0.5845.110 using this code:
<html>
<body>
<pre id="output"></pre>
<script src="https://cdn.jsdelivr.net/gh/emn178/js-sha256/build/sha256.min.js"></script>
<script>
for (let i = 0; i < 100; i++) {
document.getElementById("output").innerText += i + ": " + sha256.hex("a") + "\n"
}
</script>
</body>
</html>
After 33 iterations it starts returning a different value.
from js-sha256.
An input of "b" is even more interesting. Then it produces more than two different values.
from js-sha256.
I can't reproduce in my Chrome 116.0.5845.110 (arm64)
from js-sha256.
I had the same problem and needed to open a traceless browser to solve it.my Chrome 116.0.5845.96
from js-sha256.
Same problem, could you help how to fixe that in angular 16 pls, do i need to go to the file js-sha256? is it possible to explain how we do it
thanks
from js-sha256.
We've replaced this library with @aws-crypto/sha256-browser as a solution
from js-sha256.
I use @slisson 's sample code and tried on many versions and devices. I still can't reproduce this issue. Can you guys reproduce by the sample code?
from js-sha256.
https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html?prefix=Mac/1160321/
The link is located using https://www.chromium.org/getting-involved/download-chromium/
If you run this Chromium 116.0.5845.96 on Macbook x86 version, you will get a different hash after 132 tries.
And this behavior is not stable if you run the sample code another time
from js-sha256.
My coworker and I narrowed at least part of it down to this i++
operation acting very strangely — if you hover over it and then other expressions on this line repeatedly in the debugger, it causes i
to increment just by previewing that value, which is extremely not-correct behavior. At this state in the debugger i
simultaneously has a value of 0
, and 2
depending on which part of the devtools you ask, and it seems that the incremented value is the one used in the calculation.
Sharing in case this is helpful in updating this library's code to work around this problem. Perhaps not inlining the combined var
and ++
parts might help? In particular it's weird that i
is declared much higher up than where it's used in this loop.
from js-sha256.
FWIW, even though the above debugger behavior was reproducible on my computer, the simple repro case above does not repro for me, but does repro for my coworker consistently. I haven't run into this general problem happening in production, but he does very consistently. IIRC we use the same model of computer (m1 pro macbook pro 16")
from js-sha256.
Thanks Sir but i have this erros with npm install [email protected]
./node_modules/js-sha256/src/sha256.js:68:17-34 - Error: Module not found: Error: Can't resolve 'crypto' in '/var/www/produits/neoshop/neoV16/node_modules/js-sha256/src'
BREAKING CHANGE: webpack < 5 used to include polyfills for node.js core modules by default.
This is no longer the case. Verify if you need this module and configure a polyfill for it.
If you want to include a polyfill, you need to:
- add a fallback 'resolve.fallback: { "crypto": require.resolve("crypto-browserify") }'
- install 'crypto-browserify'
If you don't want to include a polyfill, you can use an empty module like this:
resolve.fallback: { "crypto": false }
How do i can fixe this
Thanks again
from js-sha256.
This version remove eval, so webpack detects "require" and causes this. Please check
https://stackoverflow.com/questions/54162297/module-not-found-error-cant-resolve-crypto
from js-sha256.
Thank you so much; it's all working perfectly @emn178
from js-sha256.
Has anyone opened an issue on crbug.com for this?
from js-sha256.
Related Issues (20)
- Conflict with requirejs HOT 11
- Rollupjs build complains about the use of eval in this library. HOT 7
- Hmac update question HOT 2
- Outdated typescript definition HOT 6
- Using Salt HOT 1
- Example for File Hash SHA256 ? HOT 1
- One of the test cases for HMAC is "wrong" HOT 1
- Library does not work under strict Content-Security-Policy HOT 2
- Different output on online-tools and while using the lib HOT 2
- How fast is it compared to native ? HOT 3
- When will the version be updated? How often is the update? HOT 3
- How to decrypt HOT 4
- 同学,您这个项目引入了22个开源组件,存在3个漏洞,辛苦升级一下 HOT 1
- Deprecate library and reccomend standardized APIs HOT 12
- Sha256
- Generates incorrect hash in some cases HOT 2
- Vend ESM Please
- Set up GitHub release action / provenance
- How to pass the input configs Input Encoding, Output Encoding( UTF-8, HMAC ) HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from js-sha256.