fix: remove Buffer from decrypt (#298)

* fix: remove Buffer from decrypt * PubNub SDK v7.2.1 release. * fix: fix signature in the test Co-authored-by: Client Engineering Bot <60980775+client-engineering-bot@users.noreply.github.com>
pubnub · Nov 14, 2022 · 0f15940 · 0f15940
1 parent be27b37
commit 0f15940
Show file tree

Hide file tree

Showing 11 changed files with 75 additions and 68 deletions.
diff --git a/.pubnub.yml b/.pubnub.yml
@@ -1,5 +1,10 @@
 ---
 changelog:
+  - date: 2022-11-10
+    version: v7.2.1
+    changes:
+      - type: bug
+        text: "Removes remains of Buffer from the crypto module."
   - date: 2022-07-01
     version: v7.2.0
     changes:
@@ -874,7 +879,7 @@ sdks:
           - distribution-type: source
             distribution-repository: GitHub release
             package-name: pubnub.js
-            location: https://github.com/pubnub/javascript/archive/refs/tags/v7.2.0.zip
+            location: https://github.com/pubnub/javascript/archive/refs/tags/v7.2.1.zip
             requires:
               - name: 'agentkeepalive'
                 min-version: '3.5.2'
@@ -1545,7 +1550,7 @@ sdks:
           - distribution-type: library
             distribution-repository: GitHub release
             package-name: pubnub.js
-            location: https://github.com/pubnub/javascript/releases/download/v7.2.0/pubnub.7.2.0.js
+            location: https://github.com/pubnub/javascript/releases/download/v7.2.1/pubnub.7.2.1.js
             requires:
               - name: 'agentkeepalive'
                 min-version: '3.5.2'

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## v7.2.1
+November 10 2022
+
+#### Fixed
+- Removes remains of Buffer from the crypto module.
+
 ## v7.2.0
 July 01 2022
 

diff --git a/README.md b/README.md
@@ -22,8 +22,8 @@ You will need the publish and subscribe keys to authenticate your app. Get your
      npm install pubnub
      ```
    * or download one of our builds from our CDN: 
-     * https://cdn.pubnub.com/sdk/javascript/pubnub.7.2.0.js
-     * https://cdn.pubnub.com/sdk/javascript/pubnub.7.2.0.min.js
+     * https://cdn.pubnub.com/sdk/javascript/pubnub.7.2.1.js
+     * https://cdn.pubnub.com/sdk/javascript/pubnub.7.2.1.min.js
 
 2. Configure your keys:
 

diff --git a/dist/web/pubnub.js b/dist/web/pubnub.js
@@ -768,7 +768,7 @@
             return this;
         };
         default_1.prototype.getVersion = function () {
-            return '7.2.0';
+            return '7.2.1';
         };
         default_1.prototype._addPnsdkSuffix = function (name, suffix) {
             this._PNSDKSuffix[name] = suffix;
@@ -780,6 +780,53 @@
         return default_1;
     }());
 
+    var BASE64_CHARMAP = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+    /**
+     * Decode a Base64 encoded string.
+     *
+     * @param paddedInput Base64 string with padding
+     * @returns ArrayBuffer with decoded data
+     */
+    function decode$1(paddedInput) {
+        // Remove up to last two equal signs.
+        var input = paddedInput.replace(/==?$/, '');
+        var outputLength = Math.floor((input.length / 4) * 3);
+        // Prepare output buffer.
+        var data = new ArrayBuffer(outputLength);
+        var view = new Uint8Array(data);
+        var cursor = 0;
+        /**
+         * Returns the next integer representation of a sixtet of bytes from the input
+         * @returns sixtet of bytes
+         */
+        function nextSixtet() {
+            var char = input.charAt(cursor++);
+            var index = BASE64_CHARMAP.indexOf(char);
+            if (index === -1) {
+                throw new Error("Illegal character at ".concat(cursor, ": ").concat(input.charAt(cursor - 1)));
+            }
+            return index;
+        }
+        for (var i = 0; i < outputLength; i += 3) {
+            // Obtain four sixtets
+            var sx1 = nextSixtet();
+            var sx2 = nextSixtet();
+            var sx3 = nextSixtet();
+            var sx4 = nextSixtet();
+            // Encode them as three octets
+            var oc1 = ((sx1 & 63) << 2) | (sx2 >> 4);
+            var oc2 = ((sx2 & 15) << 4) | (sx3 >> 2);
+            var oc3 = ((sx3 & 3) << 6) | (sx4 >> 0);
+            view[i] = oc1;
+            // Skip padding bytes.
+            if (sx3 != 64)
+                view[i + 1] = oc2;
+            if (sx4 != 64)
+                view[i + 2] = oc3;
+        }
+        return data;
+    }
+
     /*eslint-disable */
     /*
      CryptoJS v3.1.2
@@ -1467,12 +1514,10 @@
     })();
     var hmacSha256 = CryptoJS;
 
-    /*       */
     function bufferToWordArray(b) {
         var wa = [];
         var i;
         for (i = 0; i < b.length; i += 1) {
-            // eslint-disable-next-line no-bitwise
             wa[(i / 4) | 0] |= b[i] << (24 - 8 * i);
         }
         return hmacSha256.lib.WordArray.create(wa, b.length);
@@ -1585,7 +1630,7 @@
             var mode = this._getMode(options);
             var cipherKey = this._getPaddedKey(customCipherKey || this._config.cipherKey, options);
             if (this._config.useRandomIVs) {
-                var ciphertext = Buffer.from(data, 'base64');
+                var ciphertext = new Uint8ClampedArray(decode$1(data));
                 var iv = bufferToWordArray(ciphertext.slice(0, 16));
                 var payload = bufferToWordArray(ciphertext.slice(16));
                 try {
@@ -7794,53 +7839,6 @@
         return default_1;
     }());
 
-    var BASE64_CHARMAP = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
-    /**
-     * Decode a Base64 encoded string.
-     *
-     * @param paddedInput Base64 string with padding
-     * @returns ArrayBuffer with decoded data
-     */
-    function decode$1(paddedInput) {
-        // Remove up to last two equal signs.
-        var input = paddedInput.replace(/==?$/, '');
-        var outputLength = Math.floor((input.length / 4) * 3);
-        // Prepare output buffer.
-        var data = new ArrayBuffer(outputLength);
-        var view = new Uint8Array(data);
-        var cursor = 0;
-        /**
-         * Returns the next integer representation of a sixtet of bytes from the input
-         * @returns sixtet of bytes
-         */
-        function nextSixtet() {
-            var char = input.charAt(cursor++);
-            var index = BASE64_CHARMAP.indexOf(char);
-            if (index === -1) {
-                throw new Error("Illegal character at ".concat(cursor, ": ").concat(input.charAt(cursor - 1)));
-            }
-            return index;
-        }
-        for (var i = 0; i < outputLength; i += 3) {
-            // Obtain four sixtets
-            var sx1 = nextSixtet();
-            var sx2 = nextSixtet();
-            var sx3 = nextSixtet();
-            var sx4 = nextSixtet();
-            // Encode them as three octets
-            var oc1 = ((sx1 & 63) << 2) | (sx2 >> 4);
-            var oc2 = ((sx2 & 15) << 4) | (sx3 >> 2);
-            var oc3 = ((sx3 & 3) << 6) | (sx4 >> 0);
-            view[i] = oc1;
-            // Skip padding bytes.
-            if (sx3 != 64)
-                view[i + 1] = oc2;
-            if (sx4 != 64)
-                view[i + 2] = oc3;
-        }
-        return data;
-    }
-
     function stringifyBufferKeys(obj) {
         var isObject = function (value) { return value && typeof value === 'object' && value.constructor === Object; };
         var isString = function (value) { return typeof value === 'string' || value instanceof String; };

diff --git a/dist/web/pubnub.min.js b/dist/web/pubnub.min.js
diff --git a/lib/core/components/config.js b/lib/core/components/config.js
@@ -169,7 +169,7 @@ var default_1 = /** @class */ (function () {
         return this;
     };
     default_1.prototype.getVersion = function () {
-        return '7.2.0';
+        return '7.2.1';
     };
     default_1.prototype._addPnsdkSuffix = function (name, suffix) {
         this._PNSDKSuffix[name] = suffix;

diff --git a/lib/core/components/cryptography/index.js b/lib/core/components/cryptography/index.js
@@ -1,15 +1,14 @@
 "use strict";
-/*       */
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+var base64_codec_1 = require("../base64_codec");
 var hmac_sha256_1 = __importDefault(require("./hmac-sha256"));
 function bufferToWordArray(b) {
     var wa = [];
     var i;
     for (i = 0; i < b.length; i += 1) {
-        // eslint-disable-next-line no-bitwise
         wa[(i / 4) | 0] |= b[i] << (24 - 8 * i);
     }
     return hmac_sha256_1.default.lib.WordArray.create(wa, b.length);
@@ -122,7 +121,7 @@ var default_1 = /** @class */ (function () {
         var mode = this._getMode(options);
         var cipherKey = this._getPaddedKey(customCipherKey || this._config.cipherKey, options);
         if (this._config.useRandomIVs) {
-            var ciphertext = Buffer.from(data, 'base64');
+            var ciphertext = new Uint8ClampedArray((0, base64_codec_1.decode)(data));
             var iv = bufferToWordArray(ciphertext.slice(0, 16));
             var payload = bufferToWordArray(ciphertext.slice(16));
             try {

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "pubnub",
-  "version": "7.2.0",
+  "version": "7.2.1",
   "author": "PubNub <support@pubnub.com>",
   "description": "Publish & Subscribe Real-time Messaging with PubNub",
   "scripts": {

diff --git a/src/core/components/config.js b/src/core/components/config.js
@@ -339,7 +339,7 @@ export default class {
   }
 
   getVersion() {
-    return '7.2.0';
+    return '7.2.1';
   }
 
   _addPnsdkSuffix(name, suffix) {

diff --git a/src/core/components/cryptography/index.js b/src/core/components/cryptography/index.js
@@ -1,13 +1,10 @@
-/*       */
-
-import Config from '../config';
+import { decode } from '../base64_codec';
 import CryptoJS from './hmac-sha256';
 
 function bufferToWordArray(b) {
   const wa = [];
   let i;
   for (i = 0; i < b.length; i += 1) {
-    // eslint-disable-next-line no-bitwise
     wa[(i / 4) | 0] |= b[i] << (24 - 8 * i);
   }
 
@@ -148,7 +145,7 @@ export default class {
     const mode = this._getMode(options);
     const cipherKey = this._getPaddedKey(customCipherKey || this._config.cipherKey, options);
     if (this._config.useRandomIVs) {
-      const ciphertext = Buffer.from(data, 'base64');
+      const ciphertext = new Uint8ClampedArray(decode(data));
 
       const iv = bufferToWordArray(ciphertext.slice(0, 16));
       const payload = bufferToWordArray(ciphertext.slice(16));

diff --git a/test/integration/endpoints/grant_token.test.js b/test/integration/endpoints/grant_token.test.js
@@ -30,6 +30,8 @@ describe('grant token endpoint', () => {
       autoNetworkDetection: false,
     });
 
+    pubnub._config.getVersion = () => 'testVersion';
+
     if (originalVersionFunction === null) {
       originalVersionFunction = pubnub._config.getVersion;
       pubnub._config.getVersion = () => 'testVersion';
@@ -164,7 +166,7 @@ describe('grant token endpoint', () => {
             uuid: 'myUUID',
             pnsdk: `PubNub-JS-Nodejs/${pubnub.getVersion()}`,
             timestamp: 1571360790,
-            signature: 'v2.IN5r_r8FO6LMAIOYQnk6Y13Tqfa9BsPC8QWDmqaR16w',
+            signature: 'v2.A1ldFjcfAiD0rw7-kFKKwY5j0Mpq1R5u8JDeej7P3jo',
           })
           .reply(200, {
             message: 'Success',