Socket
Socket
Sign inDemoInstall

crypto-js

Package Overview
Dependencies
Maintainers
1
Versions
20
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

crypto-js - npm Package Compare versions

Comparing version 3.2.0 to 3.2.1

2

bower.json
{
"name": "crypto-js",
"version": "3.2.0",
"version": "3.2.1",
"description": "JavaScript library of crypto standards.",

@@ -5,0 +5,0 @@ "license": "MIT",

@@ -16,2 +16,4 @@ ;(function (root, factory) {

/*globals window, global, require*/
/**

@@ -22,2 +24,26 @@ * CryptoJS core components.

var crypto;
// Native crypto from window (Browser)
if (typeof window !== 'undefined' && window.crypto) {
crypto = window.crypto;
}
// Native (experimental IE 11) crypto from window (Browser)
if (!crypto && typeof window !== 'undefined' && window.msCrypto) {
crypto = window.msCrypto;
}
// Native crypto from global (NodeJS)
if (!crypto && typeof global !== 'undefined' && global.crypto) {
crypto = global.crypto;
}
// Native crypto import via require (NodeJS)
if (!crypto && typeof require === 'function') {
try {
crypto = require('crypto');
} catch (err) {}
}
/*

@@ -28,21 +54,19 @@ * Cryptographically secure pseudorandom number generator

*/
var secureRandom = function () {
// Native crypto module on NodeJS environment
try {
// Crypto from global object
var crypto = global.crypto;
var cryptoSecureRandomInt = function () {
if (crypto) {
// Use getRandomValues method (Browser)
if (typeof crypto.getRandomValues === 'function') {
try {
return crypto.getRandomValues(new Uint32Array(1))[0];
} catch (err) {}
}
// Create a random float number between 0 and 1
return Number('0.' + crypto.randomBytes(3).readUIntBE(0, 3));
} catch (err) {}
// Use randomBytes method (NodeJS)
if (typeof crypto.randomBytes === 'function') {
try {
return crypto.randomBytes(4).readInt32LE();
} catch (err) {}
}
}
// Native crypto module in Browser environment
try {
// Support experimental crypto module in IE 11
var crypto = window.crypto || window.msCrypto;
// Create a random float number between 0 and 1
return Number('0.' + window.crypto.getRandomValues(new Uint32Array(1))[0]);
} catch (err) {}
throw new Error('Native crypto module could not be used to get secure random number.');

@@ -340,3 +364,3 @@ };

for (var i = 0; i < nBytes; i += 4) {
words.push((secureRandom() * 0x100000000) | 0);
words.push(cryptoSecureRandomInt());
}

@@ -343,0 +367,0 @@

{
"name": "crypto-js",
"version": "3.2.0",
"version": "3.2.1",
"description": "JavaScript library of crypto standards.",

@@ -5,0 +5,0 @@ "license": "MIT",

@@ -211,1 +211,26 @@ # crypto-js [![Build Status](https://travis-ci.org/brix/crypto-js.svg?branch=develop)](https://travis-ci.org/brix/crypto-js)

- ```crypto-js/pad-nopadding```
## Release notes
### 3.2.1
The usage of the native crypto module has been fixed. The import and access of the native crypto module has been improved.
### 3.2.0
In this version `Math.random()` has been replaced by the random methods of the native crypto module.
For this reason CryptoJS might does not run in some JavaScript environments without native crypto module. Such as IE 10 or before.
If it's absolute required to run CryptoJS in such an environment, stay with `3.1.x` version. Encrypting and decrypting stays compatible. But keep in mind `3.1.x` versions still use `Math.random()` which is cryptographically not secure, as it's not random enough.
This version came along with `CRITICAL` `BUG`.
DO NOT USE THIS VERSION! Please, go for a newer version!
### 3.1.x
The `3.1.x` are based on the original CryptoJS, wrapped in CommonJS modules.

Sorry, the diff of this file is too big to display

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc