aws-amplify · hkjpotato · Jul 20, 2021 · Jul 20, 2021 · Jul 21, 2021 · aws-eddy
@@ -1,7 +1,7 @@
 import AuthenticationHelper from '../src/AuthenticationHelper';
 
 import BigInteger from '../src/BigInteger';
-import { SHA256 } from 'crypto-js';
+import { SHA256 }  from '../src/utils/CryptoJSHelper';
 import { promisifyCallback } from './util';
 import { bigIntError } from './constants';
 const instance = new AuthenticationHelper('TestPoolName');

@@ -637,7 +637,10 @@ describe('getDeviceResponse()', () => {
 			jest
 				.spyOn(AuthenticationHelper.prototype, 'getPasswordAuthenticationKey')
 				.mockImplementation((...args) => {
-					args[4](null, 'hkdf value');
+					// hkdf return from "computehkdf" wont be a string, it should be an array
+					// if it is a primitive string, it will fail CryptoJS in strict mode!
+					// because CryptoJS will treat the input as array to assign properties (index) to it
+					args[4](null, ['hkdf value']);
 				});
 
 			const spyon2 = jest.spyOn(user, 'getUserContextData');

@@ -16,7 +16,7 @@ describe('import * keys', () => {
 		  "CookieStorage",
 		  "DateHelper",
 		  "appendToCognitoUserAgent",
-		  "WordArray",
+		  "CryptoJSHelper",
 		]
 	`);
 	});

@@ -6,6 +6,9 @@ module.exports = {
 		'__tests__/constants.js',
 		'__tests__/__mocks__/*',
 	],
+	coveragePathIgnorePatterns: [
+		'src/utils/CryptoJSHelper.js',
+	],
 	collectCoverage: true,
 	collectCoverageFrom: ['src/*.js'],
 

@@ -68,7 +68,6 @@
   "types": "./index.d.ts",
   "dependencies": {
     "buffer": "4.9.2",
-    "crypto-js": "^4.0.0",
     "fast-base64-decode": "^1.0.0",
     "isomorphic-unfetch": "^3.0.0",
     "js-cookie": "^2.2.1"

@@ -16,11 +16,7 @@
  */
 
 import { Buffer } from 'buffer';
-import CryptoJS from 'crypto-js/core';
-import 'crypto-js/lib-typedarrays'; // necessary for crypto js
-import SHA256 from 'crypto-js/sha256';
-import HmacSHA256 from 'crypto-js/hmac-sha256';
-import WordArray from './utils/WordArray';
+import { WordArray, SHA256, HmacSHA256 } from './utils/CryptoJSHelper';
 
 /**
  * Returns a Buffer with a sequence of random nBytes
@@ -30,7 +26,7 @@ import WordArray from './utils/WordArray';
  */
 
 function randomBytes(nBytes) {
-	return Buffer.from(new WordArray().random(nBytes).toString(), 'hex');
+	return Buffer.from(WordArray.random(nBytes).toString(), 'hex');
 }
 
 import BigInteger from './BigInteger';
@@ -229,7 +225,7 @@ export default class AuthenticationHelper {
 	 */
 	hash(buf) {
 		const str =
-			buf instanceof Buffer ? CryptoJS.lib.WordArray.create(buf) : buf;
+			buf instanceof Buffer ? WordArray.create(buf) : buf;
 		const hashHex = SHA256(str).toString();
 
 		return new Array(64 - hashHex.length).join('0') + hashHex;
@@ -253,16 +249,16 @@ export default class AuthenticationHelper {
 	 * @private
 	 */
 	computehkdf(ikm, salt) {
-		const infoBitsWordArray = CryptoJS.lib.WordArray.create(
+		const infoBitsWordArray = WordArray.create(
 			Buffer.concat([
 				this.infoBits,
 				Buffer.from(String.fromCharCode(1), 'utf8'),
 			])
 		);
 		const ikmWordArray =
-			ikm instanceof Buffer ? CryptoJS.lib.WordArray.create(ikm) : ikm;
+			ikm instanceof Buffer ? WordArray.create(ikm) : ikm;
 		const saltWordArray =
-			salt instanceof Buffer ? CryptoJS.lib.WordArray.create(salt) : salt;
+			salt instanceof Buffer ? WordArray.create(salt) : salt;
 
 		const prk = HmacSHA256(ikmWordArray, saltWordArray);
 		const hmac = HmacSHA256(infoBitsWordArray, prk);

@@ -16,10 +16,7 @@
  */
 
 import { Buffer } from 'buffer';
-import CryptoJS from 'crypto-js/core';
-import TypedArrays from 'crypto-js/lib-typedarrays'; // necessary for crypto js
-import Base64 from 'crypto-js/enc-base64';
-import HmacSHA256 from 'crypto-js/hmac-sha256';
+import {  WordArray, Base64, HmacSHA256 } from './utils/CryptoJSHelper';
 
 import BigInteger from './BigInteger';
 import AuthenticationHelper from './AuthenticationHelper';
@@ -305,15 +302,15 @@ export default class CognitoUser {
 
 						const dateNow = dateHelper.getNowString();
 
-						const message = CryptoJS.lib.WordArray.create(
+						const message = WordArray.create(
 							Buffer.concat([
 								Buffer.from(this.pool.getUserPoolId().split('_')[1], 'utf8'),
 								Buffer.from(this.username, 'utf8'),
 								Buffer.from(challengeParameters.SECRET_BLOCK, 'base64'),
 								Buffer.from(dateNow, 'utf8'),
 							])
 						);
-						const key = CryptoJS.lib.WordArray.create(hkdf);
+						const key = WordArray.create(hkdf);
 						const signatureString = Base64.stringify(HmacSHA256(message, key));
 
 						const challengeResponses = {};
@@ -660,6 +657,7 @@ export default class CognitoUser {
 		authParameters.USERNAME = this.username;
 		authParameters.DEVICE_KEY = this.deviceKey;
 		authenticationHelper.getLargeAValue((errAValue, aValue) => {
+			console.log('get aValue', aValue);
 			// getLargeAValue callback start
 			if (errAValue) {
 				callback.onFailure(errAValue);
@@ -699,15 +697,15 @@ export default class CognitoUser {
 
 						const dateNow = dateHelper.getNowString();
 
-						const message = CryptoJS.lib.WordArray.create(
+						const message = WordArray.create(
 							Buffer.concat([
 								Buffer.from(this.deviceGroupKey, 'utf8'),
 								Buffer.from(this.deviceKey, 'utf8'),
 								Buffer.from(challengeParameters.SECRET_BLOCK, 'base64'),
 								Buffer.from(dateNow, 'utf8'),
 							])
 						);
-						const key = CryptoJS.lib.WordArray.create(hkdf);
+						const key = WordArray.create(hkdf);
 						const signatureString = Base64.stringify(HmacSHA256(message, key));
 
 						const challengeResponses = {};

@@ -27,4 +27,4 @@ export { default as CognitoUserSession } from './CognitoUserSession';
 export { default as CookieStorage } from './CookieStorage';
 export { default as DateHelper } from './DateHelper';
 export { appendToCognitoUserAgent } from './UserAgent';
-export { default as WordArray } from './utils/WordArray';
+export { default as CryptoJSHelper } from './utils/CryptoJSHelper';