fix: [#4840] The use of the package browserify-sign could violate Microsoft crypto policy

libraries/botframework-connector/package.json

@@ -59,7 +59,7 @@
     "build:browser:run": "tsup --config ../../tsup/browser.config.ts",
     "build:downlevel-dts": "downlevel-dts lib _ts3.4/lib --checksum",
     "clean": "rimraf _ts3.4 lib tsconfig.tsbuildinfo",
-    "depcheck": "depcheck --config ../../.depcheckrc --ignores azure,sinon,browserify-fs,buffer,crypto-browserify,https-browserify,stream-browserify,stream-http",
+    "depcheck": "depcheck --config ../../.depcheckrc --ignores azure,sinon,browserify-fs,buffer,https-browserify,stream-browserify,stream-http",
     "lint": "eslint .",
     "postbuild": "npm-run-all -p build:browser build:downlevel-dts",
     "test": "yarn build && yarn test:mocha",

package.json

@@ -93,7 +93,6 @@
     "@types/node": "18.19.47",
     "@types/sinon": "^17.0.3",
     "applicationinsights": "^2.9.6",
-    "crypto-browserify": "^3.12.0",
     "depcheck": "^1.4.7",
     "esbuild-plugin-polyfill-node": "^0.3.0",
     "https-browserify": "^1.0.0",

testing/browser-functional/browser-echo-bot/crypto-shim.js

@@ -0,0 +1,58 @@
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+
+/* eslint-disable no-undef */
+
+/**
+ * Replacement for the getRandomValues function in the crypto module.
+ *
+ * @param {} array Array to fill with random values.
+ * @returns A reference to the array passed in as an argument, filled with random values.
+ */
+export function getRandomValues(array) {
+    return window.crypto.getRandomValues(array);
+}
+
+/**
+ * Replacement for the createHash function in the crypto module.
+ *
+ * @param {*} algorithm The algorithm to use for hashing.
+ * @returns A hash that can be used to generate hash digests using the given algorithm
+ */
+export function createHash(algorithm) {
+    if (algorithm !== 'sha256') {
+        throw new Error(`Unsupported hash algorithm: ${algorithm}`);
+    }
+
+    return {
+        _data: [],
+        update(data) {
+            if (typeof data === 'string') {
+                this._data.push(new TextEncoder().encode(data));
+            } else if (data instanceof Uint8Array) {
+                this._data.push(data);
+            } else {
+                throw new Error('Unsupported data type for hashing');
+            }
+            return this;
+        },
+        async digest() {
+            const concatenated = new Uint8Array(this._data.reduce((acc, curr) => acc + curr.length, 0));
+            let offset = 0;
+            for (const chunk of this._data) {
+                concatenated.set(chunk, offset);
+                offset += chunk.length;
+            }
+            const hashBuffer = await window.crypto.subtle.digest('SHA-256', concatenated);
+            return new Uint8Array(hashBuffer);
+        },
+    };
+}
+
+export default {
+    ...window.crypto,
+    createHash,
+    getRandomValues,
+};

testing/browser-functional/browser-echo-bot/package.json

@@ -29,7 +29,6 @@
     "babel-loader": "^9.2.1",
     "clean-webpack-plugin": "^4.0.0",
     "copy-webpack-plugin": "^12.0.2",
-    "crypto-browserify": "^3.12.0",
     "css-loader": "^7.1.2",
     "react": "~18.3.1",
     "react-dom": "~18.3.1",

testing/browser-functional/browser-echo-bot/webpack.config.js

@@ -61,11 +61,14 @@ module.exports = {
             tls: false,
             vm: false,
             path: false,
-            crypto: require.resolve('crypto-browserify'),
+            crypto: false,
             stream: require.resolve('stream-browserify'),
             buffer: require.resolve('buffer'),
             'process/browser': require.resolve('process/browser'),
         },
+        alias: {
+            crypto: resolve(__dirname, 'crypto-shim.js'),
+        },
     },
     output: {
         filename: 'app.js',

tsup/browser.config.ts

@@ -40,7 +40,7 @@ export default defineConfig((options) => {
                 global: 'globalThis',
             };
             options.alias = {
-                crypto: 'crypto-browserify',
+                crypto: resolve(__dirname, 'crypto-shim.js'),
                 http: 'stream-http',
                 https: 'https-browserify',
                 stream: 'stream-browserify',

tsup/crypto-shim.js

@@ -0,0 +1 @@
+export default window.crypto;