Opened 6 years ago

Last modified 13 days ago

#5894 new enhancement

Replace sha256.js and base64_encode() with Mozilla's internal equivalents

Reported by: gk Owned by: pde
Priority: Low Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords:
Cc: gk, Drugoy Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

To reduce code bloat and avoid JavaScript's bit shifting inefficiencies it would be good to replace sha256.js and base64_encode() in ssl-observatory.js with functionality provided by Mozilla itself. The former is quite easy using nsICryptoHash (see the the example "Computing the Hash of a String" on https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsICryptoHash). The latter is not working directly using btoa(). The reason is that |derData| is an array but btoa() needs a string as argument. But one can construct a string out of the array and use that in turn as input. The relevant code snipped would be something like

  let result = "";
  for (let j = 0, dataLength = derData.length; j < dataLength; ++j) {
    result += String.fromCharCode(derData[j]);
  }
  base64Certs.push(btoa(result));

I have implemented both approaches in JonDoFox and they work as expected.

Child Tickets

TicketTypeStatusOwnerSummary
#5478defectclosedpdeUse internal module to work with SHA256

Change History (3)

comment:1 Changed 6 years ago by pde

Cc: Drugoy added
Priority: normalminor

This is a good idea, but it will have trouble making to the top of my HTTPS Everywhere todo list.  Tested pull requests are welcome.

comment:2 Changed 5 years ago by pde

geko's base64 change landed in 3.0development.5

comment:3 Changed 13 days ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.