Purge SJCL (#73)

* Remove SJCL from browser random source

* Use crypto feature detection rather than generic runtime detection

* Remove packages vendoring portions of the SJCL

* Fix flaky signature tests

Author: jeskew

packages/crypto-random-source-browser/package.json

@@ -7,12 +7,10 @@
         "pretest": "tsc -p tsconfig.test.json",
         "test": "jest"
     },
-    "author": "aws-javascript-sdk-team@amazon.com",
-    "license": "UNLICENSED",
+    "author": "aws-sdk-js@amazon.com",
+    "license": "Apache-2.0",
     "dependencies": {
         "@aws/crypto-ie11-detection": "^0.0.1",
-        "@aws/crypto-sjcl-random": "^0.0.1",
-        "@aws/crypto-sjcl-codecArrayBuffer": "^0.0.1",
         "@aws/crypto-supports-webCrypto": "^0.0.1",
         "@aws/types": "^0.0.1",
         "@aws/util-locate-window": "^0.0.1"
@@ -25,4 +23,4 @@
     },
     "main": "./build/index.js",
     "types": "./build/index.d.ts"
-}
+}

packages/crypto-random-source-browser/src/ie11RandomValues.spec.ts

@@ -22,6 +22,8 @@ describe("randomValues", () => {
       }
     };
 
-    await expect(randomValues(12)).rejects;
+    await expect(randomValues(12)).rejects.toMatchObject(
+      new Error("PANIC PANIC")
+    );
   });
 });

packages/crypto-random-source-browser/src/index.spec.ts

@@ -14,11 +14,6 @@ jest.mock("./ie11RandomValues", () => {
 });
 import { randomValues as ie11RandomValues } from "./ie11RandomValues";
 
-jest.mock("./jsRandomValues", () => {
-  return { randomValues: jest.fn() };
-});
-import { randomValues as jsRandomValues } from "./jsRandomValues";
-
 jest.mock("./webCryptoRandomValues", () => {
   return { randomValues: jest.fn() };
 });
@@ -28,7 +23,6 @@ beforeEach(() => {
   (isMsWindow as any).mockReset();
   (supportsWebCrypto as any).mockReset();
   (ie11RandomValues as any).mockReset();
-  (jsRandomValues as any).mockReset();
   (webCryptoRandomValues as any).mockReset();
 });
 
@@ -39,7 +33,7 @@ describe("implementation selection", () => {
     await randomValues(1);
 
     expect((webCryptoRandomValues as any).mock.calls.length).toBe(1);
-    expect((jsRandomValues as any).mock.calls.length).toBe(0);
+    expect((ie11RandomValues as any).mock.calls.length).toBe(0);
   });
 
   it("should use IE 11 WebCrypto when available", async () => {
@@ -48,7 +42,7 @@ describe("implementation selection", () => {
     await randomValues(1);
 
     expect((ie11RandomValues as any).mock.calls.length).toBe(1);
-    expect((jsRandomValues as any).mock.calls.length).toBe(0);
+    expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
   });
 
   it("should prefer standards-compliant WebCrypto over IE 11 WebCrypto", async () => {
@@ -59,18 +53,15 @@ describe("implementation selection", () => {
 
     expect((webCryptoRandomValues as any).mock.calls.length).toBe(1);
     expect((ie11RandomValues as any).mock.calls.length).toBe(0);
-    expect((jsRandomValues as any).mock.calls.length).toBe(0);
   });
 
-  it("should fall back on the SJCL", async () => {
-    (supportsWebCrypto as any).mockImplementation(() => false);
-    (isMsWindow as any).mockImplementation(() => false);
-
-    await randomValues(1);
+  it("should throw if neither WebCrypto nor IE 11 Crypto is available", async () => {
+    await expect(randomValues(1)).rejects.toMatchObject(
+      new Error("Unable to locate secure random source.")
+    );
 
     expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
     expect((ie11RandomValues as any).mock.calls.length).toBe(0);
-    expect((jsRandomValues as any).mock.calls.length).toBe(1);
   });
 });
 
@@ -88,18 +79,21 @@ describe("global detection", () => {
     (global as any).self = _self;
   });
 
-  it("should fall back to the SJCL if neither window nor self is defined", async () => {
-    await randomValues(1);
+  it("should throw if neither window nor self is defined", async () => {
+    await expect(randomValues(1)).rejects.toMatchObject(
+      new Error("Unable to locate secure random source.")
+    );
 
     expect((webCryptoRandomValues as any).mock.calls.length).toBe(0);
     expect((ie11RandomValues as any).mock.calls.length).toBe(0);
-    expect((jsRandomValues as any).mock.calls.length).toBe(1);
   });
 
   it("should use `self` if window is not defined", async () => {
     (global as any).self = _self;
 
-    await randomValues(1);
+    try {
+      await randomValues(1);
+    } catch {}
 
     expect((supportsWebCrypto as any).mock.calls.length).toBe(1);
     expect((supportsWebCrypto as any).mock.calls[0][0]).toBe(_self);

packages/crypto-random-source-browser/src/index.ts

@@ -1,11 +1,10 @@
 import { randomValues as ie11RandomValues } from "./ie11RandomValues";
 import { randomValues as webCryptoRandomValues } from "./webCryptoRandomValues";
-import { randomValues as sjclRandomValues } from "./jsRandomValues";
 import { isMsWindow } from "@aws/crypto-ie11-detection";
 import { supportsWebCrypto } from "@aws/crypto-supports-webCrypto";
 import { locateWindow } from "@aws/util-locate-window";
 
-export { ie11RandomValues, webCryptoRandomValues, sjclRandomValues };
+export { ie11RandomValues, webCryptoRandomValues };
 
 export function randomValues(byteLength: number): Promise<Uint8Array> {
   // Find the global scope for this runtime
@@ -17,5 +16,5 @@ export function randomValues(byteLength: number): Promise<Uint8Array> {
     return ie11RandomValues(byteLength);
   }
 
-  return sjclRandomValues(byteLength);
+  return Promise.reject(new Error(`Unable to locate a secure random source.`));
 }

packages/crypto-random-source-browser/src/jsRandomValues.spec.ts

@@ -22,6 +22,8 @@ describe("randomValues", () => {
       }
     };
 
-    await expect(randomValues(12)).rejects;
+    await expect(randomValues(12)).rejects.toMatchObject(
+      new Error("PANIC PANIC")
+    );
   });
 });

packages/crypto-random-source-browser/src/jsRandomValues.ts

@@ -12,7 +12,6 @@
     "dependencies": {
         "@aws/crypto-random-source-browser": "^0.0.1",
         "@aws/crypto-random-source-node": "^0.0.1",
-        "@aws/is-node": "^0.0.1",
         "@aws/types": "^0.0.1"
     },
     "devDependencies": {
@@ -26,4 +25,4 @@
     },
     "main": "./build/index.js",
     "types": "./build/index.d.ts"
-}
+}

packages/crypto-random-source-browser/src/webCryptoRandomValues.spec.ts

@@ -0,0 +1,28 @@
+import { randomValues } from "./";
+
+jest.mock("crypto", () => {
+  throw new Error("Crypto module is not defined");
+});
+
+jest.mock("@aws/crypto-random-source-browser", () => {
+  return { randomValues: jest.fn() };
+});
+import { randomValues as browserRandomValues } from "@aws/crypto-random-source-browser";
+jest.mock("@aws/crypto-random-source-node", () => {
+  return { randomValues: jest.fn() };
+});
+import { randomValues as nodeRandomValues } from "@aws/crypto-random-source-node";
+
+beforeEach(() => {
+  (browserRandomValues as any).mockReset();
+  (nodeRandomValues as any).mockReset();
+});
+
+describe("implementation selection", () => {
+  it("should use the browser implementation when the crypto module is not defined", async () => {
+    await randomValues(1);
+
+    expect((nodeRandomValues as any).mock.calls.length).toBe(0);
+    expect((browserRandomValues as any).mock.calls.length).toBe(1);
+  });
+});

packages/crypto-random-source-universal/package.json

@@ -1,4 +1,3 @@
-import { isNode } from "@aws/is-node";
 import { randomValues as browserRandomValues } from "@aws/crypto-random-source-browser";
 import { randomValues as nodeRandomValues } from "@aws/crypto-random-source-node";
 import { randomValues as IRandomValues } from "@aws/types";
@@ -7,9 +6,24 @@ import { randomValues as IRandomValues } from "@aws/types";
  * @implements {IRandomValues}
  */
 export function randomValues(byteLength: number): Promise<Uint8Array> {
-  if (isNode()) {
+  if (supportsCryptoModule) {
     return nodeRandomValues(byteLength);
   }
 
   return browserRandomValues(byteLength);
 }
+
+/**
+ * Try to require Node's crypto module and record whether the operation
+ * succeeded.
+ *
+ * @internal
+ */
+const supportsCryptoModule: boolean = (() => {
+  try {
+    require("crypto");
+    return true;
+  } catch {
+    return false;
+  }
+})();

packages/crypto-random-source-universal/src/browserUsage.spec.ts

@@ -1,5 +1,9 @@
 import { randomValues } from "./";
 
+jest.mock("crypto", () => {
+  return {};
+});
+
 jest.mock("@aws/crypto-random-source-browser", () => {
   return { randomValues: jest.fn() };
 });
@@ -8,33 +12,21 @@ jest.mock("@aws/crypto-random-source-node", () => {
   return { randomValues: jest.fn() };
 });
 import { randomValues as nodeRandomValues } from "@aws/crypto-random-source-node";
-jest.mock("@aws/is-node", () => {
-  return { isNode: jest.fn() };
-});
-import { isNode } from "@aws/is-node";
 
 beforeEach(() => {
   (browserRandomValues as any).mockReset();
   (nodeRandomValues as any).mockReset();
-  (isNode as any).mockReset();
 });
 
 describe("implementation selection", () => {
-  it("should use the node implementation in node", async () => {
-    (isNode as any).mockImplementation(() => true);
+  it("should use the node implementation when the crypto module is defined", async () => {
+    jest.mock("crypto", () => {
+      return {};
+    });
 
     await randomValues(1);
 
     expect((nodeRandomValues as any).mock.calls.length).toBe(1);
     expect((browserRandomValues as any).mock.calls.length).toBe(0);
   });
-
-  it("should use the browser implementation elsewhere", async () => {
-    (isNode as any).mockImplementation(() => false);
-
-    await randomValues(1);
-
-    expect((nodeRandomValues as any).mock.calls.length).toBe(0);
-    expect((browserRandomValues as any).mock.calls.length).toBe(1);
-  });
 });