Purge SJCL (#73)

* Remove SJCL from browser random source

* Use crypto feature detection rather than generic runtime detection

* Remove packages vendoring portions of the SJCL

* Fix flaky signature tests

Author: jeskew

packages/crypto-random-source-browser/package.json

@@ -7,12 +7,10 @@
         "pretest": "tsc -p tsconfig.test.json",
         "test": "jest"
     },
-    "author": "aws-javascript-sdk-team@amazon.com",
-    "license": "UNLICENSED",
+    "author": "aws-sdk-js@amazon.com",
+    "license": "Apache-2.0",
     "dependencies": {
         "@aws/crypto-ie11-detection": "^0.0.1",
-        "@aws/crypto-sjcl-random": "^0.0.1",
-        "@aws/crypto-sjcl-codecArrayBuffer": "^0.0.1",
         "@aws/crypto-supports-webCrypto": "^0.0.1",
         "@aws/types": "^0.0.1",
         "@aws/util-locate-window": "^0.0.1"
@@ -25,4 +23,4 @@
     },
     "main": "./build/index.js",
     "types": "./build/index.d.ts"
-}
+}

packages/crypto-random-source-browser/src/ie11RandomValues.spec.ts

@@ -25,7 +25,8 @@ describe('randomValues', () => {
                 }
             };
 
-            await expect(randomValues(12)).rejects;
+            await expect(randomValues(12)).rejects
+                .toMatchObject(new Error('PANIC PANIC'));
         }
     );
 });

packages/crypto-random-source-browser/src/index.spec.ts

@@ -14,11 +14,6 @@ jest.mock('./ie11RandomValues', () => {
 });
 import {randomValues as ie11RandomValues} from './ie11RandomValues';
 
-jest.mock('./jsRandomValues', () => {
-    return { randomValues: jest.fn() };
-});
-import {randomValues as jsRandomValues} from './jsRandomValues';
-
 jest.mock('./webCryptoRandomValues', () => {
     return { randomValues: jest.fn() };
 });
@@ -28,7 +23,6 @@ beforeEach(() => {
     (isMsWindow as any).mockReset();
     (supportsWebCrypto as any).mockReset();
     (ie11RandomValues as any).mockReset();
-    (jsRandomValues as any).mockReset();
     (webCryptoRandomValues as any).mockReset();
 });
 
@@ -39,7 +33,7 @@ describe('implementation selection', () => {
         await randomValues(1);
 
         expect((webCryptoRandomValues as any).mock.calls.length).toBe(1);
-        expect((jsRandomValues as any).mock.calls.length).toBe(0);
+        expect((ie11RandomValues as any).mock.calls.length).toBe(0);
     });
 
     it('should use IE 11 WebCrypto when available', async () => {
@@ -48,7 +42,7 @@ describe('implementation selection', () => {
         await randomValues(1);
 
         expect((ie11RandomValues as any).mock.calls.length).toBe(1);
-        expect((jsRandomValues as any).mock.calls.length).toBe(0);
+        expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
     });
 
     it(
@@ -61,20 +55,20 @@ describe('implementation selection', () => {
 
             expect((webCryptoRandomValues as any).mock.calls.length).toBe(1);
             expect((ie11RandomValues as any).mock.calls.length).toBe(0);
-            expect((jsRandomValues as any).mock.calls.length).toBe(0);
         }
     );
 
-    it('should fall back on the SJCL', async () => {
-        (supportsWebCrypto as any).mockImplementation(() => false);
-        (isMsWindow as any).mockImplementation(() => false);
-
-        await randomValues(1);
+    it(
+        'should throw if neither WebCrypto nor IE 11 Crypto is available',
+        async () => {
+            await expect(randomValues(1)).rejects.toMatchObject(
+                new Error('Unable to locate secure random source.')
+            );
 
-        expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
-        expect((ie11RandomValues as any).mock.calls.length).toBe(0);
-        expect((jsRandomValues as any).mock.calls.length).toBe(1);
-    });
+            expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
+            expect((ie11RandomValues as any).mock.calls.length).toBe(0);
+        }
+    );
 });
 
 describe('global detection', () => {
@@ -91,21 +85,21 @@ describe('global detection', () => {
         (global as any).self = _self;
     });
 
-    it(
-        'should fall back to the SJCL if neither window nor self is defined',
-        async () => {
-            await randomValues(1);
+    it('should throw if neither window nor self is defined', async () => {
+        await expect(randomValues(1)).rejects.toMatchObject(
+            new Error('Unable to locate secure random source.')
+        );
 
-            expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
-            expect((ie11RandomValues as any).mock.calls.length).toBe(0);
-            expect((jsRandomValues as any).mock.calls.length).toBe(1);
-        }
-    );
+        expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
+        expect((ie11RandomValues as any).mock.calls.length).toBe(0);
+    });
 
     it('should use `self` if window is not defined', async () => {
         (global as any).self = _self;
 
-        await randomValues(1);
+        try {
+            await randomValues(1);
+        } catch {}
 
         expect((supportsWebCrypto as any).mock.calls.length).toBe(1);
         expect((supportsWebCrypto as any).mock.calls[0][0]).toBe(_self);

packages/crypto-random-source-browser/src/index.ts

@@ -1,11 +1,10 @@
 import {randomValues as ie11RandomValues} from './ie11RandomValues';
 import {randomValues as webCryptoRandomValues} from './webCryptoRandomValues';
-import {randomValues as sjclRandomValues} from './jsRandomValues';
 import {isMsWindow} from '@aws/crypto-ie11-detection';
 import {supportsWebCrypto} from '@aws/crypto-supports-webCrypto';
 import {locateWindow} from '@aws/util-locate-window';
 
-export {ie11RandomValues, webCryptoRandomValues, sjclRandomValues};
+export {ie11RandomValues, webCryptoRandomValues};
 
 export function randomValues(byteLength: number): Promise<Uint8Array> {
     // Find the global scope for this runtime
@@ -17,5 +16,7 @@ export function randomValues(byteLength: number): Promise<Uint8Array> {
         return ie11RandomValues(byteLength);
     }
 
-    return sjclRandomValues(byteLength);
+    return Promise.reject(
+        new Error(`Unable to locate a secure random source.`)
+    );
 }

packages/crypto-random-source-browser/src/jsRandomValues.spec.ts

@@ -25,7 +25,8 @@ describe('randomValues', () => {
                 }
             };
 
-            await expect(randomValues(12)).rejects;
+            await expect(randomValues(12)).rejects
+                .toMatchObject(new Error('PANIC PANIC'));
         }
     );
 });

packages/crypto-random-source-browser/src/jsRandomValues.ts

@@ -12,7 +12,6 @@
     "dependencies": {
         "@aws/crypto-random-source-browser": "^0.0.1",
         "@aws/crypto-random-source-node": "^0.0.1",
-        "@aws/is-node": "^0.0.1",
         "@aws/types": "^0.0.1"
     },
     "devDependencies": {
@@ -26,4 +25,4 @@
     },
     "main": "./build/index.js",
     "types": "./build/index.d.ts"
-}
+}

packages/crypto-random-source-browser/src/webCryptoRandomValues.spec.ts

@@ -0,0 +1,31 @@
+import {randomValues} from './';
+
+jest.mock('crypto', () => {
+    throw new Error('Crypto module is not defined');
+});
+
+jest.mock('@aws/crypto-random-source-browser', () => {
+    return { randomValues: jest.fn() };
+});
+import {randomValues as browserRandomValues} from '@aws/crypto-random-source-browser';
+jest.mock('@aws/crypto-random-source-node', () => {
+    return { randomValues: jest.fn() };
+});
+import {randomValues as nodeRandomValues} from '@aws/crypto-random-source-node';
+
+beforeEach(() => {
+    (browserRandomValues as any).mockReset();
+    (nodeRandomValues as any).mockReset();
+});
+
+describe('implementation selection', () => {
+    it(
+        'should use the browser implementation when the crypto module is not defined',
+        async () => {
+            await randomValues(1);
+
+            expect((nodeRandomValues as any).mock.calls.length).toBe(0);
+            expect((browserRandomValues as any).mock.calls.length).toBe(1);
+        }
+    );
+});

packages/crypto-random-source-universal/package.json

@@ -1,4 +1,3 @@
-import {isNode} from '@aws/is-node';
 import {
     randomValues as browserRandomValues
 } from '@aws/crypto-random-source-browser';
@@ -11,9 +10,24 @@ import {randomValues as IRandomValues} from '@aws/types';
  * @implements {IRandomValues}
  */
 export function randomValues(byteLength: number): Promise<Uint8Array> {
-    if (isNode()) {
+    if (supportsCryptoModule) {
         return nodeRandomValues(byteLength);
     }
 
     return browserRandomValues(byteLength);
 }
+
+/**
+ * Try to require Node's crypto module and record whether the operation
+ * succeeded.
+ *
+ * @internal
+ */
+const supportsCryptoModule: boolean = (() => {
+    try {
+        require('crypto');
+        return true;
+    } catch {
+        return false;
+    }
+})();