diff --git a/docs/functions/util_random.random.md b/docs/functions/util_random.random.md deleted file mode 100644 index 30fefd078f..0000000000 --- a/docs/functions/util_random.random.md +++ /dev/null @@ -1,13 +0,0 @@ -# Function: random - -▸ `Const` **random**(`array`): `Uint8Array` - -#### Parameters - -| Name | Type | -| :------ | :------ | -| `array` | `Uint8Array` | - -#### Returns - -`Uint8Array` diff --git a/docs/modules/util_random.md b/docs/modules/util_random.md deleted file mode 100644 index c20095b7ae..0000000000 --- a/docs/modules/util_random.md +++ /dev/null @@ -1,17 +0,0 @@ -# Module: util/random - -## Table of contents - -### References - -- [default](util_random.md#default) - -### Functions - -- [random](../functions/util_random.random.md) - -## References - -### default - -Renames and exports: [random](../functions/util_random.random.md) diff --git a/package.json b/package.json index 7b8d731c12..50c7130c1d 100644 --- a/package.json +++ b/package.json @@ -194,11 +194,6 @@ "browser": "./dist/browser/util/generate_secret.js", "import": "./dist/node/esm/util/generate_secret.js", "require": "./dist/node/cjs/util/generate_secret.js" - }, - "./util/random": { - "browser": "./dist/browser/util/random.js", - "import": "./dist/node/esm/util/random.js", - "require": "./dist/node/cjs/util/random.js" } }, "typesVersions": { diff --git a/src/util/random.ts b/src/util/random.ts deleted file mode 100644 index 10c2db9f8a..0000000000 --- a/src/util/random.ts +++ /dev/null @@ -1,9 +0,0 @@ -import runtimeRandom from '../runtime/random.js' - -interface GetRandomValuesFunction { - (array: Uint8Array): Uint8Array -} - -const random: GetRandomValuesFunction = runtimeRandom -export { random } -export default random diff --git a/test-browser/jwe_asymmetric.js b/test-browser/jwe_asymmetric.js index b40503a4aa..ebc34687d7 100644 --- a/test-browser/jwe_asymmetric.js +++ b/test-browser/jwe_asymmetric.js @@ -1,7 +1,6 @@ import * as Bowser from 'bowser'; import generateKeyPair from '../dist/browser/util/generate_key_pair'; -import random from '../dist/browser/util/random'; import FlattenedEncrypt from '../dist/browser/jwe/flattened/encrypt'; import decryptFlattened from '../dist/browser/jwe/flattened/decrypt'; import decodeProtectedHeader from '../dist/browser/util/decode_protected_header'; @@ -13,9 +12,9 @@ const p521 = browser.engine.name !== 'WebKit'; async function test(generate, alg, assert) { const { publicKey, privateKey } = await generate(); - const jwe = await new FlattenedEncrypt(random(new Uint8Array(32))) + const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg, enc: 'A256GCM' }) - .setAdditionalAuthenticatedData(random(new Uint8Array(32))) + .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32))) .encrypt(publicKey); assert.ok(decodeProtectedHeader(jwe)); diff --git a/test-browser/jwe_symmetric.js b/test-browser/jwe_symmetric.js index e656194136..306424bb70 100644 --- a/test-browser/jwe_symmetric.js +++ b/test-browser/jwe_symmetric.js @@ -1,7 +1,6 @@ import * as Bowser from 'bowser'; import generateSecret from '../dist/browser/util/generate_secret'; -import random from '../dist/browser/util/random'; import FlattenedEncrypt from '../dist/browser/jwe/flattened/encrypt'; import decryptFlattened from '../dist/browser/jwe/flattened/decrypt'; import decodeProtectedHeader from '../dist/browser/util/decode_protected_header'; @@ -13,9 +12,9 @@ const aes192 = browser.engine.name !== 'Blink'; async function test(generate, { alg, enc }, assert) { const secretKey = await generate(); - const jwe = await new FlattenedEncrypt(random(new Uint8Array(32))) + const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg, enc }) - .setAdditionalAuthenticatedData(random(new Uint8Array(32))) + .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32))) .encrypt(secretKey); assert.ok(decodeProtectedHeader(jwe)); @@ -155,7 +154,7 @@ QUnit.test( QUnit.test( 'PBES2-HS256+A128KW', - test.bind(undefined, () => random(new Uint8Array(10)), { + test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS256+A128KW', enc: 'A256GCM', }), @@ -163,7 +162,7 @@ QUnit.test( if (aes192) { QUnit.test( 'PBES2-HS384+A192KW', - test.bind(undefined, () => random(new Uint8Array(10)), { + test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS384+A192KW', enc: 'A256GCM', }), @@ -171,7 +170,7 @@ if (aes192) { } else { QUnit.test('PBES2-HS384+A192KW', async (assert) => { await assert.rejects( - test.bind(undefined, () => random(new Uint8Array(10)), { + test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS384+A192KW', enc: 'A256GCM', })(assert), @@ -180,7 +179,7 @@ if (aes192) { } QUnit.test( 'PBES2-HS512+A256KW', - test.bind(undefined, () => random(new Uint8Array(10)), { + test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS512+A256KW', enc: 'A256GCM', }), diff --git a/test-browser/jws.js b/test-browser/jws.js index 8ac2266e01..a940fcc5d7 100644 --- a/test-browser/jws.js +++ b/test-browser/jws.js @@ -2,7 +2,6 @@ import * as Bowser from 'bowser'; import generateKeyPair from '../dist/browser/util/generate_key_pair'; import generateSecret from '../dist/browser/util/generate_secret'; -import random from '../dist/browser/util/random'; import FlattenedSign from '../dist/browser/jws/flattened/sign'; import verifyFlattened from '../dist/browser/jws/flattened/verify'; import decodeProtectedHeader from '../dist/browser/util/decode_protected_header'; @@ -21,7 +20,7 @@ async function test(generate, alg, assert) { ({ publicKey, privateKey } = generated); } - const jws = await new FlattenedSign(random(new Uint8Array(32))) + const jws = await new FlattenedSign(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg }) .sign(privateKey); diff --git a/test-cloudflare-workers/cloudflare.test.mjs b/test-cloudflare-workers/cloudflare.test.mjs index 967ed226a2..4108cb3db5 100644 --- a/test-cloudflare-workers/cloudflare.test.mjs +++ b/test-cloudflare-workers/cloudflare.test.mjs @@ -465,16 +465,16 @@ test('A256KW', macro, async () => { }); test('PBES2-HS256+A128KW', macro, async () => { - const secretKey = utilRandom(new Uint8Array(10)); + const secretKey = crypto.getRandomValues(new Uint8Array(10)); await jweSymmetricTest(secretKey, { alg: 'PBES2-HS256+A128KW', enc: 'A256GCM' }); }); test('PBES2-HS384+A192KW', macro, async () => { - const secretKey = utilRandom(new Uint8Array(10)); + const secretKey = crypto.getRandomValues(new Uint8Array(10)); await jweSymmetricTest(secretKey, { alg: 'PBES2-HS384+A192KW', enc: 'A256GCM' }); }); test('PBES2-HS512+A256KW', macro, async () => { - const secretKey = utilRandom(new Uint8Array(10)); + const secretKey = crypto.getRandomValues(new Uint8Array(10)); await jweSymmetricTest(secretKey, { alg: 'PBES2-HS512+A256KW', enc: 'A256GCM' }); }); diff --git a/test-cloudflare-workers/template.js b/test-cloudflare-workers/template.js index e1687d3107..cbc4480184 100644 --- a/test-cloudflare-workers/template.js +++ b/test-cloudflare-workers/template.js @@ -20,7 +20,6 @@ import jwtVerify from '../dist/browser/jwt/verify.js'; import utilDecodeProtectedHeader from '../dist/browser/util/decode_protected_header.js'; import utilGenerateKeyPair from '../dist/browser/util/generate_key_pair.js'; import utilGenerateSecret from '../dist/browser/util/generate_secret.js'; -import utilRandom from '../dist/browser/util/random.js'; import * as keyImport from '../dist/browser/key/import.js'; import * as keyExport from '../dist/browser/key/export.js'; @@ -112,9 +111,9 @@ addEventListener('fetch', (event) => { }); async function jweAsymmetricTest({ publicKey, privateKey }, alg) { - const jwe = await new jweFlattenedEncrypt(utilRandom(new Uint8Array(32))) + const jwe = await new jweFlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg, enc: 'A256GCM' }) - .setAdditionalAuthenticatedData(utilRandom(new Uint8Array(32))) + .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32))) .encrypt(publicKey); utilDecodeProtectedHeader(jwe); @@ -122,7 +121,7 @@ async function jweAsymmetricTest({ publicKey, privateKey }, alg) { } async function jwsAsymmetricTest({ publicKey, privateKey }, alg) { - const jws = await new jwsFlattenedSign(utilRandom(new Uint8Array(32))) + const jws = await new jwsFlattenedSign(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg }) .sign(privateKey); @@ -131,7 +130,7 @@ async function jwsAsymmetricTest({ publicKey, privateKey }, alg) { } async function jwsSymmetricTest(secretKey, alg) { - const jws = await new jwsFlattenedSign(utilRandom(new Uint8Array(32))) + const jws = await new jwsFlattenedSign(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg }) .sign(secretKey); @@ -140,9 +139,9 @@ async function jwsSymmetricTest(secretKey, alg) { } async function jweSymmetricTest(secretKey, { alg, enc }) { - const jwe = await new jweFlattenedEncrypt(utilRandom(new Uint8Array(32))) + const jwe = await new jweFlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg, enc }) - .setAdditionalAuthenticatedData(utilRandom(new Uint8Array(32))) + .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32))) .encrypt(secretKey); utilDecodeProtectedHeader(jwe); diff --git a/test-deno/jwe_asymmetric.test.ts b/test-deno/jwe_asymmetric.test.ts index 82927a7426..a7770581b8 100644 --- a/test-deno/jwe_asymmetric.test.ts +++ b/test-deno/jwe_asymmetric.test.ts @@ -1,7 +1,6 @@ import { assert, assertThrowsAsync } from 'https://deno.land/std@0.109.0/testing/asserts.ts'; import generateKeyPair from '../dist/deno/util/generate_key_pair.ts'; -import random from '../dist/deno/util/random.ts'; import FlattenedEncrypt from '../dist/deno/jwe/flattened/encrypt.ts'; import decryptFlattened from '../dist/deno/jwe/flattened/decrypt.ts'; import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts'; @@ -9,9 +8,9 @@ import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts' async function test(generate: () => ReturnType, alg: string) { const { publicKey, privateKey } = await generate(); - const jwe = await new FlattenedEncrypt(random(new Uint8Array(32))) + const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg, enc: 'A192CBC-HS384' }) - .setAdditionalAuthenticatedData(random(new Uint8Array(32))) + .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32))) .encrypt(publicKey); assert(decodeProtectedHeader(jwe)); diff --git a/test-deno/jwe_symmetric.test.ts b/test-deno/jwe_symmetric.test.ts index 8c0f6cc76f..7c55f9c37c 100644 --- a/test-deno/jwe_symmetric.test.ts +++ b/test-deno/jwe_symmetric.test.ts @@ -1,7 +1,6 @@ import { assert } from 'https://deno.land/std@0.109.0/testing/asserts.ts'; import generateSecret from '../dist/deno/util/generate_secret.ts'; -import random from '../dist/deno/util/random.ts'; import FlattenedEncrypt from '../dist/deno/jwe/flattened/encrypt.ts'; import decryptFlattened from '../dist/deno/jwe/flattened/decrypt.ts'; import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts'; @@ -12,9 +11,9 @@ async function test( ) { const secretKey = await generate(); - const jwe = await new FlattenedEncrypt(random(new Uint8Array(32))) + const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg, enc }) - .setAdditionalAuthenticatedData(random(new Uint8Array(32))) + .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32))) .encrypt(secretKey); assert(decodeProtectedHeader(jwe)); @@ -119,7 +118,7 @@ Deno.test( Deno.test( 'Encrypt/Decrypt PBES2-HS256+A128KW', - test.bind(undefined, async () => random(new Uint8Array(10)), { + test.bind(undefined, async () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS256+A128KW', enc: 'A192CBC-HS384', }), @@ -127,7 +126,7 @@ Deno.test( Deno.test( 'Encrypt/Decrypt PBES2-HS384+A192KW', - test.bind(undefined, async () => random(new Uint8Array(10)), { + test.bind(undefined, async () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS384+A192KW', enc: 'A192CBC-HS384', }), @@ -135,7 +134,7 @@ Deno.test( Deno.test( 'Encrypt/Decrypt PBES2-HS512+A256KW', - test.bind(undefined, async () => random(new Uint8Array(10)), { + test.bind(undefined, async () => crypto.getRandomValues(new Uint8Array(10)), { alg: 'PBES2-HS512+A256KW', enc: 'A192CBC-HS384', }), diff --git a/test-deno/jws.test.ts b/test-deno/jws.test.ts index 9ad5b4c7b3..b40aa5dd15 100644 --- a/test-deno/jws.test.ts +++ b/test-deno/jws.test.ts @@ -6,7 +6,6 @@ import { import generateKeyPair from '../dist/deno/util/generate_key_pair.ts'; import generateSecret from '../dist/deno/util/generate_secret.ts'; -import random from '../dist/deno/util/random.ts'; import FlattenedSign from '../dist/deno/jws/flattened/sign.ts'; import verifyFlattened from '../dist/deno/jws/flattened/verify.ts'; import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts'; @@ -26,7 +25,7 @@ async function test( ({ publicKey, privateKey } = generated); } - const jws = await new FlattenedSign(random(new Uint8Array(32))) + const jws = await new FlattenedSign(crypto.getRandomValues(new Uint8Array(32))) .setProtectedHeader({ alg }) .sign(privateKey); diff --git a/test/jwe/flattened.decrypt.test.mjs b/test/jwe/flattened.decrypt.test.mjs index 7f401fb73a..eb741f35f5 100644 --- a/test/jwe/flattened.decrypt.test.mjs +++ b/test/jwe/flattened.decrypt.test.mjs @@ -1,12 +1,12 @@ import test from 'ava'; +import * as crypto from 'crypto'; const root = !('WEBCRYPTO' in process.env) ? '#dist' : '#dist/webcrypto'; Promise.all([ import(`${root}/jwe/flattened/encrypt`), import(`${root}/jwe/flattened/decrypt`), - import(`${root}/util/random`), ]).then( - ([{ default: FlattenedEncrypt }, { default: flattenedDecrypt }, { default: random }]) => { + ([{ default: FlattenedEncrypt }, { default: flattenedDecrypt }]) => { test.before(async (t) => { const encode = TextEncoder.prototype.encode.bind(new TextEncoder()); t.context.plaintext = encode('It’s a dangerous business, Frodo, going out your door.'); @@ -187,7 +187,7 @@ Promise.all([ }); test('AES CBC + HMAC', async (t) => { - const secret = random(new Uint8Array(32)); + const secret = crypto.randomFillSync(new Uint8Array(32)); const jwe = await new FlattenedEncrypt(t.context.plaintext) .setProtectedHeader({ alg: 'dir', enc: 'A128CBC-HS256' }) .encrypt(secret); diff --git a/test/jwe/general.decrypt.test.mjs b/test/jwe/general.decrypt.test.mjs index 54f75372ff..e0b205df0a 100644 --- a/test/jwe/general.decrypt.test.mjs +++ b/test/jwe/general.decrypt.test.mjs @@ -1,18 +1,15 @@ import test from 'ava'; +import * as crypto from 'crypto'; const root = !('WEBCRYPTO' in process.env) ? '#dist' : '#dist/webcrypto'; -Promise.all([ - import(`${root}/jwe/flattened/encrypt`), - import(`${root}/jwe/general/decrypt`), - import(`${root}/util/random`), -]).then( - ([{ default: FlattenedEncrypt }, { default: generalDecrypt }, { default: random }]) => { +Promise.all([import(`${root}/jwe/flattened/encrypt`), import(`${root}/jwe/general/decrypt`)]).then( + ([{ default: FlattenedEncrypt }, { default: generalDecrypt }]) => { test.before(async (t) => { const encode = TextEncoder.prototype.encode.bind(new TextEncoder()); t.context.plaintext = encode('It’s a dangerous business, Frodo, going out your door.'); t.context.additionalAuthenticatedData = encode('The Fellowship of the Ring'); - t.context.initializationVector = random(new Uint8Array(12)); - t.context.secret = random(new Uint8Array(16)); + t.context.initializationVector = crypto.randomFillSync(new Uint8Array(12)); + t.context.secret = crypto.randomFillSync(new Uint8Array(16)); }); test('JWS format validation', async (t) => { diff --git a/test/jwe/smoke.test.mjs b/test/jwe/smoke.test.mjs index 0f3b9d5000..f72d5c7e0f 100644 --- a/test/jwe/smoke.test.mjs +++ b/test/jwe/smoke.test.mjs @@ -1,4 +1,5 @@ import test from 'ava'; +import * as crypto from 'crypto'; let root; let keyRoot; @@ -15,7 +16,6 @@ if ('WEBCRYPTO' in process.env) { Promise.all([ import(`${root}/jwe/flattened/encrypt`), import(`${root}/jwe/flattened/decrypt`), - import(`${root}/util/random`), import(`${root}/util/base64url`), import(`${keyRoot}/key/import`), import(`${keyRoot}/util/generate_key_pair`), @@ -24,7 +24,6 @@ Promise.all([ ([ { default: FlattenedEncrypt }, { default: decryptFlattened }, - { default: random }, { encode: base64url }, { importJWK }, { default: generateKeyPair }, @@ -158,44 +157,72 @@ Promise.all([ generate: { crv: 'P-521' }, }, octAny: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(160 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(160 >> 3))), + }, algs: ['PBES2-HS256+A128KW', 'PBES2-HS384+A192KW', 'PBES2-HS512+A256KW'], generate: false, }, oct128: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(128 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(128 >> 3))), + }, algs: ['A128KW'], }, oct192: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(192 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(192 >> 3))), + }, algs: ['A192KW'], }, oct256: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(256 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(256 >> 3))), + }, algs: ['A256KW'], }, oct128gcm: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(128 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(128 >> 3))), + }, algs: ['A128GCM', 'A128GCMKW'], }, oct192gcm: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(192 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(192 >> 3))), + }, algs: ['A192GCM', 'A192GCMKW'], }, oct256gcm: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(256 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(256 >> 3))), + }, algs: ['A256GCM', 'A256GCMKW'], }, oct256c: { - secret: { kty: 'oct', k: base64url(random(new Uint8Array(256 >> 3))) }, + secret: { kty: 'oct', k: base64url(crypto.randomFillSync(new Uint8Array(256 >> 3))) }, algs: ['A128CBC-HS256'], }, oct384c: { - secret: { kty: 'oct', k: base64url(random(new Uint8Array(384 >> 3))) }, + secret: { kty: 'oct', k: base64url(crypto.randomFillSync(new Uint8Array(384 >> 3))) }, algs: ['A192CBC-HS384'], }, oct512c: { - secret: { kty: 'oct', k: base64url(random(new Uint8Array(512 >> 3))) }, + secret: { kty: 'oct', k: base64url(crypto.randomFillSync(new Uint8Array(512 >> 3))) }, algs: ['A256CBC-HS512'], }, }; @@ -227,7 +254,7 @@ Promise.all([ ]); } - const jwe = await new FlattenedEncrypt(random(new Uint8Array(256 >> 3))) + const jwe = await new FlattenedEncrypt(crypto.randomFillSync(new Uint8Array(256 >> 3))) .setProtectedHeader({ 'urn:example:protected': true }) .setUnprotectedHeader( alg.startsWith('A') && !alg.endsWith('KW') @@ -239,7 +266,7 @@ Promise.all([ ? { alg: 'dir' } : { alg, 'urn:example:unprotected': true }, ) - .setAdditionalAuthenticatedData(random(new Uint8Array(128 >> 3))) + .setAdditionalAuthenticatedData(crypto.randomFillSync(new Uint8Array(128 >> 3))) .encrypt(pub); await decryptFlattened(jwe, priv); }), @@ -255,7 +282,7 @@ Promise.all([ ({ privateKey: priv, publicKey: pub } = await generateKeyPair(alg, fixtures.generate)); } - const jwe = await new FlattenedEncrypt(random(new Uint8Array(256 >> 3))) + const jwe = await new FlattenedEncrypt(crypto.randomFillSync(new Uint8Array(256 >> 3))) .setProtectedHeader({ 'urn:example:protected': true }) .setUnprotectedHeader( alg.startsWith('A') && !alg.endsWith('KW') @@ -267,7 +294,7 @@ Promise.all([ ? { alg: 'dir' } : { alg, 'urn:example:unprotected': true }, ) - .setAdditionalAuthenticatedData(random(new Uint8Array(128 >> 3))) + .setAdditionalAuthenticatedData(crypto.randomFillSync(new Uint8Array(128 >> 3))) .encrypt(pub); await decryptFlattened(jwe, priv); }), diff --git a/test/jws/flattened.verify.test.mjs b/test/jws/flattened.verify.test.mjs index 7622eaf6a2..4aa190d7da 100644 --- a/test/jws/flattened.verify.test.mjs +++ b/test/jws/flattened.verify.test.mjs @@ -1,16 +1,13 @@ import test from 'ava'; +import * as crypto from 'crypto'; const root = !('WEBCRYPTO' in process.env) ? '#dist' : '#dist/webcrypto'; -Promise.all([ - import(`${root}/jws/flattened/sign`), - import(`${root}/jws/flattened/verify`), - import(`${root}/util/random`), -]).then( - ([{ default: FlattenedSign }, { default: flattenedVerify }, { default: random }]) => { +Promise.all([import(`${root}/jws/flattened/sign`), import(`${root}/jws/flattened/verify`)]).then( + ([{ default: FlattenedSign }, { default: flattenedVerify }]) => { test.before(async (t) => { const encode = TextEncoder.prototype.encode.bind(new TextEncoder()); t.context.plaintext = encode('It’s a dangerous business, Frodo, going out your door.'); - t.context.secret = random(new Uint8Array(32)); + t.context.secret = crypto.randomFillSync(new Uint8Array(32)); }); test('JWS format validation', async (t) => { @@ -127,7 +124,10 @@ Promise.all([ message: 'signature verification failed', code: 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED', }; - await t.throwsAsync(flattenedVerify(jws, random(new Uint8Array(32))), assertion); + await t.throwsAsync( + flattenedVerify(jws, crypto.randomFillSync(new Uint8Array(32))), + assertion, + ); } }); }, diff --git a/test/jws/general.test.mjs b/test/jws/general.test.mjs index 88eead9956..8750125907 100644 --- a/test/jws/general.test.mjs +++ b/test/jws/general.test.mjs @@ -1,16 +1,13 @@ import test from 'ava'; +import * as crypto from 'crypto'; const root = !('WEBCRYPTO' in process.env) ? '#dist' : '#dist/webcrypto'; -Promise.all([ - import(`${root}/jws/general/sign`), - import(`${root}/jws/general/verify`), - import(`${root}/util/random`), -]).then( - ([{ default: GeneralSign }, { default: generalVerify }, { default: random }]) => { +Promise.all([import(`${root}/jws/general/sign`), import(`${root}/jws/general/verify`)]).then( + ([{ default: GeneralSign }, { default: generalVerify }]) => { test.before(async (t) => { const encode = TextEncoder.prototype.encode.bind(new TextEncoder()); t.context.plaintext = encode('It’s a dangerous business, Frodo, going out your door.'); - t.context.secret = random(new Uint8Array(48)); + t.context.secret = crypto.randomFillSync(new Uint8Array(48)); }); test('General JWS signing', async (t) => { diff --git a/test/jws/restrictions.test.mjs b/test/jws/restrictions.test.mjs index b32e31aba4..4f39f21e74 100644 --- a/test/jws/restrictions.test.mjs +++ b/test/jws/restrictions.test.mjs @@ -18,7 +18,6 @@ Promise.all([ import(`${root}/jws/flattened/verify`), import(`${root}/jwe/flattened/encrypt`), import(`${root}/jwe/flattened/decrypt`), - import(`${root}/util/random`), import(`${root}/util/base64url`), import(`${keyRoot}/util/generate_key_pair`), import(`${keyRoot}/key/import`), @@ -28,7 +27,6 @@ Promise.all([ { default: flattenedVerify }, { default: FlattenedEncrypt }, { default: flattenedDecrypt }, - { default: random }, base64url, { default: generateKeyPair }, { importJWK }, @@ -68,7 +66,7 @@ Promise.all([ async function testHMAC(t, alg) { const size = parseInt(alg.substr(-3), 10); const message = `${alg} requires symmetric keys to be ${size} bits or larger`; - const secret = random(new Uint8Array((size >> 3) - 1)); + const secret = crypto.randomFillSync(new Uint8Array((size >> 3) - 1)); await t.throwsAsync( new FlattenedSign(t.context.payload).setProtectedHeader({ alg }).sign(secret), { instanceOf: TypeError, message }, @@ -76,7 +74,7 @@ Promise.all([ const jws = await new FlattenedSign(t.context.payload) .setProtectedHeader({ alg }) - .sign(random(new Uint8Array(size >> 3))); + .sign(crypto.randomFillSync(new Uint8Array(size >> 3))); await t.throwsAsync(flattenedVerify(jws, secret), { instanceOf: TypeError, message }); } diff --git a/test/jws/smoke.test.mjs b/test/jws/smoke.test.mjs index a913dc7d4f..3c5ef23af9 100644 --- a/test/jws/smoke.test.mjs +++ b/test/jws/smoke.test.mjs @@ -1,4 +1,5 @@ import test from 'ava'; +import * as crypto from 'crypto'; let root; let keyRoot; @@ -15,7 +16,6 @@ if ('WEBCRYPTO' in process.env) { Promise.all([ import(`${root}/jws/flattened/sign`), import(`${root}/jws/flattened/verify`), - import(`${root}/util/random`), import(`${root}/util/base64url`), import(`${keyRoot}/key/import`), import(`${keyRoot}/util/generate_key_pair`), @@ -24,7 +24,6 @@ Promise.all([ ([ { default: FlattenedSign }, { default: verifyFlattened }, - { default: random }, { encode: base64url }, { importJWK }, { default: generateKeyPair }, @@ -133,15 +132,27 @@ Promise.all([ algs: ['ES512'], }, oct256: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(256 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(256 >> 3))), + }, algs: ['HS256'], }, oct384: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(384 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(384 >> 3))), + }, algs: ['HS256', 'HS384'], }, oct512: { - secret: { ext: false, kty: 'oct', k: base64url(random(new Uint8Array(512 >> 3))) }, + secret: { + ext: false, + kty: 'oct', + k: base64url(crypto.randomFillSync(new Uint8Array(512 >> 3))), + }, algs: ['HS256', 'HS384', 'HS512'], }, }; @@ -169,7 +180,7 @@ Promise.all([ ]); } - const jws = await new FlattenedSign(random(new Uint8Array(256 >> 3))) + const jws = await new FlattenedSign(crypto.randomFillSync(new Uint8Array(256 >> 3))) .setProtectedHeader({ alg }) .sign(priv); await verifyFlattened(jws, pub); @@ -185,7 +196,7 @@ Promise.all([ ({ privateKey: priv, publicKey: pub } = await generateKeyPair(alg, fixtures.generate)); } - const jws = await new FlattenedSign(random(new Uint8Array(256 >> 3))) + const jws = await new FlattenedSign(crypto.randomFillSync(new Uint8Array(256 >> 3))) .setProtectedHeader({ alg }) .sign(priv); await verifyFlattened(jws, pub); diff --git a/tsconfig/base.json b/tsconfig/base.json index 05125a60ec..5dd8434a6b 100644 --- a/tsconfig/base.json +++ b/tsconfig/base.json @@ -32,7 +32,6 @@ "../src/util/generate_key_pair.ts", "../src/util/generate_secret.ts", "../src/util/decode_protected_header.ts", - "../src/util/random.ts" ], "compilerOptions": { "lib": ["ES6", "DOM"],