diff --git a/packages/remix-node/sessions/fileStorage.ts b/packages/remix-node/sessions/fileStorage.ts index 0a06213238e..61f2e4bd613 100644 --- a/packages/remix-node/sessions/fileStorage.ts +++ b/packages/remix-node/sessions/fileStorage.ts @@ -40,8 +40,8 @@ export function createFileSessionStorage({ let content = JSON.stringify({ data, expires }); while (true) { - // TODO: Once node v16 is available on AWS we should use the webcrypto - // API's crypto.getRandomValues() function here instead. + // TODO: Once Node v19 is supported we should use the globally provided + // // Web Crypto API's crypto.getRandomValues() function here instead. let randomBytes = crypto.randomBytes(8); // This storage manages an id space of 2^64 ids, which is far greater // than the maximum number of files allowed on an NTFS or ext4 volume diff --git a/packages/remix-server-runtime/crypto.ts b/packages/remix-server-runtime/crypto.ts index 6f839a7117f..2ccd59c58bb 100644 --- a/packages/remix-server-runtime/crypto.ts +++ b/packages/remix-server-runtime/crypto.ts @@ -5,22 +5,15 @@ export type UnsignFunction = ( secret: string ) => Promise; -// TODO: Once node v16 is available on AWS we should use the globally provided -// webcrypto "crypto" variable and re-enable this code-path in "./cookies.ts" -// instead of referencing the sign and unsign globals. +// TODO: Once Node v19 is supported we should use the globally provided +// Web Crypto API's and re-enable this code-path in "./cookies.ts" +// instead of referencing the `sign` and `unsign` globals. // const encoder = new TextEncoder(); -// export async function sign(value: string, secret: string): Promise { -// let key = await crypto.subtle.importKey( -// "raw", -// encoder.encode(secret), -// { name: "HMAC", hash: "SHA-256" }, -// false, -// ["sign"] -// ); - +// export const sign = async (value: string, secret: string): Promise => { // let data = encoder.encode(value); +// let key = await createKey(secret, ["sign"]); // let signature = await crypto.subtle.sign("HMAC", key, data); // let hash = btoa(String.fromCharCode(...new Uint8Array(signature))).replace( // /=+$/, @@ -28,31 +21,36 @@ export type UnsignFunction = ( // ); // return value + "." + hash; -// } +// }; -// export async function unsign( +// export const unsign = async ( // cookie: string, // secret: string -// ): Promise { -// let key = await crypto.subtle.importKey( -// "raw", -// encoder.encode(secret), -// { name: "HMAC", hash: "SHA-256" }, -// false, -// ["verify"] -// ); - +// ): Promise => { // let value = cookie.slice(0, cookie.lastIndexOf(".")); // let hash = cookie.slice(cookie.lastIndexOf(".") + 1); // let data = encoder.encode(value); +// let key = await createKey(secret, ["verify"]); // let signature = byteStringToUint8Array(atob(hash)); // let valid = await crypto.subtle.verify("HMAC", key, signature, data); // return valid ? value : false; -// } +// }; + +// const createKey = async ( +// secret: string, +// usages: CryptoKey["usages"] +// ): Promise => +// crypto.subtle.importKey( +// "raw", +// encoder.encode(secret), +// { name: "HMAC", hash: "SHA-256" }, +// false, +// usages +// ); -// function byteStringToUint8Array(byteString: string): Uint8Array { +// const byteStringToUint8Array = (byteString: string): Uint8Array => { // let array = new Uint8Array(byteString.length); // for (let i = 0; i < byteString.length; i++) { @@ -60,4 +58,4 @@ export type UnsignFunction = ( // } // return array; -// } +// };