refactor: remove util/random

BREAKING CHANGE: The undocumented `jose/util/random` was removed.
panva · Oct 14, 2021 · 914e47f · 914e47f
1 parent 5afb713
commit 914e47f
Show file tree

Hide file tree

Showing 20 changed files with 109 additions and 131 deletions.
diff --git a/docs/functions/util_random.random.md b/docs/functions/util_random.random.md
diff --git a/docs/modules/util_random.md b/docs/modules/util_random.md
diff --git a/package.json b/package.json
@@ -194,11 +194,6 @@
  "browser": "./dist/browser/util/generate_secret.js",
  "import": "./dist/node/esm/util/generate_secret.js",
  "require": "./dist/node/cjs/util/generate_secret.js"
- },
- "./util/random": {
- "browser": "./dist/browser/util/random.js",
- "import": "./dist/node/esm/util/random.js",
- "require": "./dist/node/cjs/util/random.js"
  }
  },
  "typesVersions": {

diff --git a/src/util/random.ts b/src/util/random.ts
diff --git a/test-browser/jwe_asymmetric.js b/test-browser/jwe_asymmetric.js
@@ -1,7 +1,6 @@
 import * as Bowser from 'bowser';
 
 import generateKeyPair from '../dist/browser/util/generate_key_pair';
-import random from '../dist/browser/util/random';
 import FlattenedEncrypt from '../dist/browser/jwe/flattened/encrypt';
 import decryptFlattened from '../dist/browser/jwe/flattened/decrypt';
 import decodeProtectedHeader from '../dist/browser/util/decode_protected_header';
@@ -13,9 +12,9 @@ const p521 = browser.engine.name !== 'WebKit';
 async function test(generate, alg, assert) {
  const { publicKey, privateKey } = await generate();
 
- const jwe = await new FlattenedEncrypt(random(new Uint8Array(32)))
+ const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg, enc: 'A256GCM' })
- .setAdditionalAuthenticatedData(random(new Uint8Array(32)))
+ .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32)))
  .encrypt(publicKey);
 
  assert.ok(decodeProtectedHeader(jwe));

diff --git a/test-browser/jwe_symmetric.js b/test-browser/jwe_symmetric.js
@@ -1,7 +1,6 @@
 import * as Bowser from 'bowser';
 
 import generateSecret from '../dist/browser/util/generate_secret';
-import random from '../dist/browser/util/random';
 import FlattenedEncrypt from '../dist/browser/jwe/flattened/encrypt';
 import decryptFlattened from '../dist/browser/jwe/flattened/decrypt';
 import decodeProtectedHeader from '../dist/browser/util/decode_protected_header';
@@ -13,9 +12,9 @@ const aes192 = browser.engine.name !== 'Blink';
 async function test(generate, { alg, enc }, assert) {
  const secretKey = await generate();
 
- const jwe = await new FlattenedEncrypt(random(new Uint8Array(32)))
+ const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg, enc })
- .setAdditionalAuthenticatedData(random(new Uint8Array(32)))
+ .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32)))
  .encrypt(secretKey);
 
  assert.ok(decodeProtectedHeader(jwe));
@@ -155,23 +154,23 @@ QUnit.test(
 
 QUnit.test(
  'PBES2-HS256+A128KW',
- test.bind(undefined, () => random(new Uint8Array(10)), {
+ test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS256+A128KW',
  enc: 'A256GCM',
  }),
 );
 if (aes192) {
  QUnit.test(
  'PBES2-HS384+A192KW',
- test.bind(undefined, () => random(new Uint8Array(10)), {
+ test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS384+A192KW',
  enc: 'A256GCM',
  }),
  );
 } else {
  QUnit.test('PBES2-HS384+A192KW', async (assert) => {
  await assert.rejects(
- test.bind(undefined, () => random(new Uint8Array(10)), {
+ test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS384+A192KW',
  enc: 'A256GCM',
  })(assert),
@@ -180,7 +179,7 @@ if (aes192) {
 }
 QUnit.test(
  'PBES2-HS512+A256KW',
- test.bind(undefined, () => random(new Uint8Array(10)), {
+ test.bind(undefined, () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS512+A256KW',
  enc: 'A256GCM',
  }),

diff --git a/test-browser/jws.js b/test-browser/jws.js
@@ -2,7 +2,6 @@ import * as Bowser from 'bowser';
 
 import generateKeyPair from '../dist/browser/util/generate_key_pair';
 import generateSecret from '../dist/browser/util/generate_secret';
-import random from '../dist/browser/util/random';
 import FlattenedSign from '../dist/browser/jws/flattened/sign';
 import verifyFlattened from '../dist/browser/jws/flattened/verify';
 import decodeProtectedHeader from '../dist/browser/util/decode_protected_header';
@@ -21,7 +20,7 @@ async function test(generate, alg, assert) {
  ({ publicKey, privateKey } = generated);
  }
 
- const jws = await new FlattenedSign(random(new Uint8Array(32)))
+ const jws = await new FlattenedSign(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg })
  .sign(privateKey);
 

diff --git a/test-cloudflare-workers/cloudflare.test.mjs b/test-cloudflare-workers/cloudflare.test.mjs
@@ -465,16 +465,16 @@ test('A256KW', macro, async () => {
 });
 
 test('PBES2-HS256+A128KW', macro, async () => {
- const secretKey = utilRandom(new Uint8Array(10));
+ const secretKey = crypto.getRandomValues(new Uint8Array(10));
  await jweSymmetricTest(secretKey, { alg: 'PBES2-HS256+A128KW', enc: 'A256GCM' });
 });
 
 test('PBES2-HS384+A192KW', macro, async () => {
- const secretKey = utilRandom(new Uint8Array(10));
+ const secretKey = crypto.getRandomValues(new Uint8Array(10));
  await jweSymmetricTest(secretKey, { alg: 'PBES2-HS384+A192KW', enc: 'A256GCM' });
 });
 
 test('PBES2-HS512+A256KW', macro, async () => {
- const secretKey = utilRandom(new Uint8Array(10));
+ const secretKey = crypto.getRandomValues(new Uint8Array(10));
  await jweSymmetricTest(secretKey, { alg: 'PBES2-HS512+A256KW', enc: 'A256GCM' });
 });
diff --git a/test-cloudflare-workers/template.js b/test-cloudflare-workers/template.js
@@ -20,7 +20,6 @@ import jwtVerify from '../dist/browser/jwt/verify.js';
 import utilDecodeProtectedHeader from '../dist/browser/util/decode_protected_header.js';
 import utilGenerateKeyPair from '../dist/browser/util/generate_key_pair.js';
 import utilGenerateSecret from '../dist/browser/util/generate_secret.js';
-import utilRandom from '../dist/browser/util/random.js';
 import * as keyImport from '../dist/browser/key/import.js';
 import * as keyExport from '../dist/browser/key/export.js';
 
@@ -112,17 +111,17 @@ addEventListener('fetch', (event) => {
 });
 
 async function jweAsymmetricTest({ publicKey, privateKey }, alg) {
- const jwe = await new jweFlattenedEncrypt(utilRandom(new Uint8Array(32)))
+ const jwe = await new jweFlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg, enc: 'A256GCM' })
- .setAdditionalAuthenticatedData(utilRandom(new Uint8Array(32)))
+ .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32)))
  .encrypt(publicKey);
 
  utilDecodeProtectedHeader(jwe);
  await jweFlattenedDecrypt(jwe, privateKey);
 }
 
 async function jwsAsymmetricTest({ publicKey, privateKey }, alg) {
- const jws = await new jwsFlattenedSign(utilRandom(new Uint8Array(32)))
+ const jws = await new jwsFlattenedSign(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg })
  .sign(privateKey);
 
@@ -131,7 +130,7 @@ async function jwsAsymmetricTest({ publicKey, privateKey }, alg) {
 }
 
 async function jwsSymmetricTest(secretKey, alg) {
- const jws = await new jwsFlattenedSign(utilRandom(new Uint8Array(32)))
+ const jws = await new jwsFlattenedSign(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg })
  .sign(secretKey);
 
@@ -140,9 +139,9 @@ async function jwsSymmetricTest(secretKey, alg) {
 }
 
 async function jweSymmetricTest(secretKey, { alg, enc }) {
- const jwe = await new jweFlattenedEncrypt(utilRandom(new Uint8Array(32)))
+ const jwe = await new jweFlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg, enc })
- .setAdditionalAuthenticatedData(utilRandom(new Uint8Array(32)))
+ .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32)))
  .encrypt(secretKey);
 
  utilDecodeProtectedHeader(jwe);

diff --git a/test-deno/jwe_asymmetric.test.ts b/test-deno/jwe_asymmetric.test.ts
@@ -1,17 +1,16 @@
 import { assert, assertThrowsAsync } from 'https://deno.land/[email protected]/testing/asserts.ts';
 
 import generateKeyPair from '../dist/deno/util/generate_key_pair.ts';
-import random from '../dist/deno/util/random.ts';
 import FlattenedEncrypt from '../dist/deno/jwe/flattened/encrypt.ts';
 import decryptFlattened from '../dist/deno/jwe/flattened/decrypt.ts';
 import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts';
 
 async function test(generate: () => ReturnType<typeof generateKeyPair>, alg: string) {
  const { publicKey, privateKey } = await generate();
 
- const jwe = await new FlattenedEncrypt(random(new Uint8Array(32)))
+ const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg, enc: 'A192CBC-HS384' })
- .setAdditionalAuthenticatedData(random(new Uint8Array(32)))
+ .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32)))
  .encrypt(publicKey);
 
  assert(decodeProtectedHeader(jwe));

diff --git a/test-deno/jwe_symmetric.test.ts b/test-deno/jwe_symmetric.test.ts
@@ -1,7 +1,6 @@
 import { assert } from 'https://deno.land/[email protected]/testing/asserts.ts';
 
 import generateSecret from '../dist/deno/util/generate_secret.ts';
-import random from '../dist/deno/util/random.ts';
 import FlattenedEncrypt from '../dist/deno/jwe/flattened/encrypt.ts';
 import decryptFlattened from '../dist/deno/jwe/flattened/decrypt.ts';
 import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts';
@@ -12,9 +11,9 @@ async function test(
 ) {
  const secretKey = await generate();
 
- const jwe = await new FlattenedEncrypt(random(new Uint8Array(32)))
+ const jwe = await new FlattenedEncrypt(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg, enc })
- .setAdditionalAuthenticatedData(random(new Uint8Array(32)))
+ .setAdditionalAuthenticatedData(crypto.getRandomValues(new Uint8Array(32)))
  .encrypt(secretKey);
 
  assert(decodeProtectedHeader(jwe));
@@ -119,23 +118,23 @@ Deno.test(
 
 Deno.test(
  'Encrypt/Decrypt PBES2-HS256+A128KW',
- test.bind(undefined, async () => random(new Uint8Array(10)), {
+ test.bind(undefined, async () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS256+A128KW',
  enc: 'A192CBC-HS384',
  }),
 );
 
 Deno.test(
  'Encrypt/Decrypt PBES2-HS384+A192KW',
- test.bind(undefined, async () => random(new Uint8Array(10)), {
+ test.bind(undefined, async () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS384+A192KW',
  enc: 'A192CBC-HS384',
  }),
 );
 
 Deno.test(
  'Encrypt/Decrypt PBES2-HS512+A256KW',
- test.bind(undefined, async () => random(new Uint8Array(10)), {
+ test.bind(undefined, async () => crypto.getRandomValues(new Uint8Array(10)), {
  alg: 'PBES2-HS512+A256KW',
  enc: 'A192CBC-HS384',
  }),

diff --git a/test-deno/jws.test.ts b/test-deno/jws.test.ts
@@ -6,7 +6,6 @@ import {
 
 import generateKeyPair from '../dist/deno/util/generate_key_pair.ts';
 import generateSecret from '../dist/deno/util/generate_secret.ts';
-import random from '../dist/deno/util/random.ts';
 import FlattenedSign from '../dist/deno/jws/flattened/sign.ts';
 import verifyFlattened from '../dist/deno/jws/flattened/verify.ts';
 import decodeProtectedHeader from '../dist/deno/util/decode_protected_header.ts';
@@ -26,7 +25,7 @@ async function test(
  ({ publicKey, privateKey } = generated);
  }
 
- const jws = await new FlattenedSign(random(new Uint8Array(32)))
+ const jws = await new FlattenedSign(crypto.getRandomValues(new Uint8Array(32)))
  .setProtectedHeader({ alg })
  .sign(privateKey);
 

diff --git a/test/jwe/flattened.decrypt.test.mjs b/test/jwe/flattened.decrypt.test.mjs
@@ -1,12 +1,12 @@
 import test from 'ava';
+import * as crypto from 'crypto';
 
 const root = !('WEBCRYPTO' in process.env) ? '#dist' : '#dist/webcrypto';
 Promise.all([
  import(`${root}/jwe/flattened/encrypt`),
  import(`${root}/jwe/flattened/decrypt`),
- import(`${root}/util/random`),
 ]).then(
- ([{ default: FlattenedEncrypt }, { default: flattenedDecrypt }, { default: random }]) => {
+ ([{ default: FlattenedEncrypt }, { default: flattenedDecrypt }]) => {
  test.before(async (t) => {
  const encode = TextEncoder.prototype.encode.bind(new TextEncoder());
  t.context.plaintext = encode('It’s a dangerous business, Frodo, going out your door.');
@@ -187,7 +187,7 @@ Promise.all([
  });
 
  test('AES CBC + HMAC', async (t) => {
- const secret = random(new Uint8Array(32));
+ const secret = crypto.randomFillSync(new Uint8Array(32));
  const jwe = await new FlattenedEncrypt(t.context.plaintext)
  .setProtectedHeader({ alg: 'dir', enc: 'A128CBC-HS256' })
  .encrypt(secret);

diff --git a/test/jwe/general.decrypt.test.mjs b/test/jwe/general.decrypt.test.mjs
@@ -1,18 +1,15 @@
 import test from 'ava';
+import * as crypto from 'crypto';
 
 const root = !('WEBCRYPTO' in process.env) ? '#dist' : '#dist/webcrypto';
-Promise.all([
- import(`${root}/jwe/flattened/encrypt`),
- import(`${root}/jwe/general/decrypt`),
- import(`${root}/util/random`),
-]).then(
- ([{ default: FlattenedEncrypt }, { default: generalDecrypt }, { default: random }]) => {
+Promise.all([import(`${root}/jwe/flattened/encrypt`), import(`${root}/jwe/general/decrypt`)]).then(
+ ([{ default: FlattenedEncrypt }, { default: generalDecrypt }]) => {
  test.before(async (t) => {
  const encode = TextEncoder.prototype.encode.bind(new TextEncoder());
  t.context.plaintext = encode('It’s a dangerous business, Frodo, going out your door.');
  t.context.additionalAuthenticatedData = encode('The Fellowship of the Ring');
- t.context.initializationVector = random(new Uint8Array(12));
- t.context.secret = random(new Uint8Array(16));
+ t.context.initializationVector = crypto.randomFillSync(new Uint8Array(12));
+ t.context.secret = crypto.randomFillSync(new Uint8Array(16));
  });
 
  test('JWS format validation', async (t) => {