crypto-browserify - npm Package Compare versions

Comparing version 3.6.0 to 3.7.0

index.js

 'use strict';
-var rng = require('./rng')
+var rng = exports.rng = require('./rng')
+var prng = exports.prng = require('./prng');
 
@@ -20,8 +21,17 @@ function error () {
     try {
-      callback.call(this, undefined, new Buffer(rng(size)))
+      callback.call(this, undefined, rng(size))
     } catch (err) { callback(err) }
   } else {
-    return new Buffer(rng(size))
+    return rng(size)
   }
 }
+exports.pseudoRandomBytes = function(size, callback) {
+  if (callback && callback.call) {
+    try {
+      callback.call(this, undefined, prng(size))
+    } catch (err) { callback(err) }
+  } else {
+    return prng(size)
+  }
+}
 
@@ -44,6 +54,7 @@ function each(a, f) {
 require('create-ecdh/inject')(module.exports, exports);
+require('public-encrypt/inject')(module.exports, exports);
 
 // the least I can do is make error messages for the rest of the node.js/crypto api.
 each([
-  'createCredentials', 'publicEncrypt', 'privateDecrypt'
+  'createCredentials'
 ], function (name) {
@@ -50,0 +61,0 @@ exports[name] = function () {

package.json

@@ -5,3 +5,3 @@ {
   "description": "partial implementation of crypto for the browser",
-  "version": "3.6.0",
+  "version": "3.7.0",
   "homepage": "https://github.com/dominictarr/crypto-browserify",
@@ -20,7 +20,8 @@ "repository": {
   "dependencies": {
-    "browserify-aes": "0.6.0",
-    "browserify-sign": "2.4.0",
+    "browserify-aes": "0.6.1",
     "create-ecdh": "1.0.0",
     "diffie-hellman": "2.2.0",
+    "browserify-sign": "2.6.0",
     "pbkdf2-compat": "2.0.1",
+    "public-encrypt": "1.0.1",
     "ripemd160": "0.2.0",
@@ -27,0 +28,0 @@ "sha.js": "2.3.0"

test/random-bytes.js

 var test = require('tape')
 var crypto = require('../')
 
-test('get error message', function (t) {
-
-  try {
-    var b = crypto.randomBytes(10)
-    t.ok(Buffer.isBuffer(b))
+var randomBytesFunctions = ['randomBytes', 'pseudoRandomBytes'];
+for (var idx in randomBytesFunctions) {
+  // Both randomBytes and pseudoRandomBytes should provide the same interface
+  var randomBytesName = randomBytesFunctions[idx];
+  var randomBytes = crypto[randomBytesName]
+  test('get error message', function (t) {
+  
+    try {
+      var b = randomBytes(10)
+      t.ok(Buffer.isBuffer(b))
+      t.end()
+    } catch (err) {
+      t.ok(/not supported/.test(err.message), '"not supported"  is in error message')
+      t.end()
+    }
+  
+  })
+  
+  test(randomBytesName, function (t) {
+      t.plan(5);
+      t.equal(randomBytes(10).length, 10);
+      t.ok(Buffer.isBuffer(randomBytes(10)))
+      randomBytes(10, function(ex, bytes) {
+          t.error(ex);
+          t.equal(bytes.length, 10);
+          t.ok(Buffer.isBuffer(bytes))
+          t.end();
+    });
+  });
+  
+  test(randomBytesName + ' seem random', function (t) {
+  
+    var L = 1000
+    var b = randomBytes(L)
+  
+    var mean = [].reduce.call(b, function (a, b) { return a + b}, 0) / L
+  
+    // test that the random numbers are plausably random.
+    // Math.random() will pass this, but this will catch
+    // terrible mistakes such as this blunder:
+    // https://github.com/dominictarr/crypto-browserify/commit/3267955e1df7edd1680e52aeede9a89506ed2464#commitcomment-7916835
+  
+    // this doesn't check that the bytes are in a random *order*
+    // but it's better than nothing.
+  
+    var expected = 256/2
+    var smean = Math.sqrt(mean)
+    //console.log doesn't work right on testling, *grumble grumble*
+    console.log(JSON.stringify([expected - smean, mean, expected + smean]))
+    t.ok(mean < expected + smean)
+    t.ok(mean > expected - smean)
+  
     t.end()
-  } catch (err) {
-    t.ok(/not supported/.test(err.message), '"not supported"  is in error message')
-    t.end()
-  }
+  
+  })
+}
 
-})
-
-test('randomBytes', function (t) {
-    t.plan(5);
-    t.equal(crypto.randomBytes(10).length, 10);
-    t.ok(Buffer.isBuffer(crypto.randomBytes(10)))
-    crypto.randomBytes(10, function(ex, bytes) {
-        t.error(ex);
-        t.equal(bytes.length, 10);
-        t.ok(Buffer.isBuffer(bytes))
-        t.end();
-  });
-});
-
-test('randomBytes seem random', function (t) {
-
-  var L = 1000
-  var b = crypto.randomBytes(L)
-
-  var mean = [].reduce.call(b, function (a, b) { return a + b}, 0) / L
-
-  // test that the random numbers are plausably random.
-  // Math.random() will pass this, but this will catch
-  // terrible mistakes such as this blunder:
-  // https://github.com/dominictarr/crypto-browserify/commit/3267955e1df7edd1680e52aeede9a89506ed2464#commitcomment-7916835
-
-  // this doesn't check that the bytes are in a random *order*
-  // but it's better than nothing.
-
-  var expected = 256/2
-  var smean = Math.sqrt(mean)
-  //console.log doesn't work right on testling, *grumble grumble*
-  console.log(JSON.stringify([expected - smean, mean, expected + smean]))
-  t.ok(mean < expected + smean)
-  t.ok(mean > expected - smean)
-
-  t.end()
-
-})
-
-

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

57113

increased by14.06%

Number of package files

26

increased by8.33%

Lines of code

1337

increased by6.45%

Worsened metrics

Dependency count

8

increased by14.29%

Number of low supply chain risk alerts

11

increased by10%

Dependency changes

• + Addedpublic-encrypt@1.0.1

• + Addedbrowserify-aes@0.6.1(transitive)

• + Addedbrowserify-sign@2.6.0(transitive)

• + Addedparse-asn1@1.2.0(transitive)

• + Addedpublic-encrypt@1.0.1(transitive)

• - Removedbrowserify-aes@0.6.0(transitive)

• - Removedbrowserify-sign@2.4.0(transitive)

• Updatedbrowserify-aes@0.6.1

• Updatedbrowserify-sign@2.6.0