-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check certificate before passing to wasm #374
Merged
Ansonhkg
merged 14 commits into
staging/3.2.1
from
fix/check-cert-outside-wasm-before-passing-it-in
Feb 22, 2024
Merged
Check certificate before passing to wasm #374
Ansonhkg
merged 14 commits into
staging/3.2.1
from
fix/check-cert-outside-wasm-before-passing-it-in
Feb 22, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#360) * use testThis in testThese to unify criteria and fix the pipeline that was missing some tests due to testThese finishing the process with code 0 * fmt * remove problematic process.exit
* Add `K256` as alias of `ECDSA_CAIT_SITH` sig type (#356) * add comment pointing to repo --------- Co-authored-by: Massimo Cairo <cairomassimo@gmail.com>
* implement new interface to unify session authentication in client * fix eth pkp wallet creation unit test * update test to use global config * add test group to CI * change encryption test to also validate getting session sigs from cache * remove process termination order included on testThese that was avoiding other tests to run * Add `K256` as alias of `ECDSA_CAIT_SITH` sig type (#356) * fix rpc constant used in testing * add empty resourceAbilityRequests to test * fix and clean test using new session cache interface to sign using PKPEthersWallet * fix encryption test * remove old test * staging * chore: update readme * v? * use throwError function * remove unnnecessary sessionKeys as they are obtained from cache afterwards * move authContext validation to function that validates the PKP auth context * backwards compatibility to avoid a breaking change * fmt * fmt * fix siwe import --------- Co-authored-by: Massimo Cairo <cairomassimo@gmail.com> Co-authored-by: Ansonhkg <ansonox@gmail.com>
|
Ansonhkg
deleted the
fix/check-cert-outside-wasm-before-passing-it-in
branch
February 22, 2024 04:58
Ansonhkg
added a commit
that referenced
this pull request
Feb 22, 2024
* init patch * Feature/lit 2545 js sdk fix cosmjscrypto (#381) * fix: should add dependencies to related packages * fix: include cosmos dependencies * fix: correct version * fix: correct version * Check certificate before passing to wasm (#374) * init release * feat: fix contracts-sdk (#359) * use testThis in testThese to unify criteria and fix the pipeline that… (#360) * use testThis in testThese to unify criteria and fix the pipeline that was missing some tests due to testThese finishing the process with code 0 * fmt * remove problematic process.exit * Add `K256` as alias of `ECDSA_CAIT_SITH` sig type * add CI run on PRs targeting staging branches (#361) * add comment pointing to repo (#362) * Add `K256` as alias of `ECDSA_CAIT_SITH` sig type (#356) * add comment pointing to repo --------- Co-authored-by: Massimo Cairo <cairomassimo@gmail.com> * prettied * feature/lit-2511-js-sdk-review-remove-lit-siwe (#373) * implement new interface to unify session authentication in client (#358) * implement new interface to unify session authentication in client * fix eth pkp wallet creation unit test * update test to use global config * add test group to CI * change encryption test to also validate getting session sigs from cache * remove process termination order included on testThese that was avoiding other tests to run * Add `K256` as alias of `ECDSA_CAIT_SITH` sig type (#356) * fix rpc constant used in testing * add empty resourceAbilityRequests to test * fix and clean test using new session cache interface to sign using PKPEthersWallet * fix encryption test * remove old test * staging * chore: update readme * v? * use throwError function * remove unnnecessary sessionKeys as they are obtained from cache afterwards * move authContext validation to function that validates the PKP auth context * backwards compatibility to avoid a breaking change * fmt * fmt * fix siwe import --------- Co-authored-by: Massimo Cairo <cairomassimo@gmail.com> Co-authored-by: Ansonhkg <ansonox@gmail.com> * remove vanilla js builds (#372) * Feature/lit 2494 js sdk get rid of lit third party libs (#371) * remove 3rd party libs * fix: revert back to fix react * it works * cherry picks 735438f 3b0422f * readme * resolve conflicts --------- Signed-off-by: Anson <ansonox@gmail.com> * fix: build issues * Check certificate before passing to wasm --------- Signed-off-by: Anson <ansonox@gmail.com> Co-authored-by: Ansonhkg <ansonox@gmail.com> Co-authored-by: Federico Amura <federicoamura@gmail.com> Co-authored-by: Massimo Cairo <cairomassimo@gmail.com> * fix: add blockhash to react demo app (#379) --------- Signed-off-by: Anson <ansonox@gmail.com> Co-authored-by: Chris Cassano <1285652+glitch003@users.noreply.github.com> Co-authored-by: Federico Amura <federicoamura@gmail.com> Co-authored-by: Massimo Cairo <cairomassimo@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When the VCEK certificate retrieval fails, the wasm breaks. This is breaking out of a surrounding try / catch on AWS lambda.
This PR checks the VCEK certificate before passing it to wasm. The hope is that, if the cert retrieval fails, we just return a JS error, and the error doesn't come from the WASM.
I picked 256 as the minimum certificate size because it seems reasonable. They are typically 1300 bytes so if it's less than 256 it's probably just an error message or something.
I have no idea if this works because I can't reproduce the bug - the certificates always retrieve properly for me. But this is an attempt at a fix.