crypto-ld - npm Package Compare versions

Comparing version 3.1.0 to 3.2.0

CHANGELOG.md

 # crypto-ld ChangeLog
 
+## 3.2.0 - 2019-02-19
+
+### Changed
+- Remove `sodium-universal` dependency to reduce the size of the browser bundle.
+- Ed25519 operations in Node.js use `sodium-native` APIs.
+- Ed25519 operations in the browser use `forge` APIs.
+- Use `base64url-universal` which eliminates the need for a `Buffer` polyfill
+  when this module is used in the browser.
+
 ## 3.1.0 - 2019-02-18
@@ -4,0 +13,0 @@

lib/Ed25519KeyPair.js

@@ -8,4 +8,4 @@ /*!
 const forge = require('node-forge');
-const base64url = require('base64url');
-const {util: {binary: {base58}}} = forge;
+const base64url = require('base64url-universal');
+const {pki: {ed25519}, util: {binary: {base58}}} = forge;
 const LDKeyPair = require('./LDKeyPair');
@@ -41,6 +41,5 @@
   static async generate(options = {}) {
-    // TODO: use native node crypto api once it's available
-    const sodium = require('sodium-universal');
-
     if(env.nodejs) {
+      // TODO: use native node crypto api once it's available
+      const sodium = require('sodium-native');
       const bs58 = require('bs58');
@@ -57,5 +56,3 @@ const publicKey = new Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES);
 
-    const publicKey = new Uint8Array(sodium.crypto_sign_PUBLICKEYBYTES);
-    const privateKey = new Uint8Array(sodium.crypto_sign_SECRETKEYBYTES);
-    sodium.crypto_sign_keypair(publicKey, privateKey);
+    const {publicKey, privateKey} = ed25519.generateKeyPair();
     return new Ed25519KeyPair({
@@ -248,3 +245,3 @@ publicKeyBase58: base58.encode(publicKey),
   if(env.nodejs) {
-    const sodium = require('sodium-universal');
+    const sodium = require('sodium-native');
     const bs58 = require('bs58');
@@ -266,3 +263,3 @@ const privateKey = bs58.decode(key.privateKeyBase58);
     async sign({data}) {
-      return forge.ed25519.sign({message: data, privateKey});
+      return ed25519.sign({message: data, privateKey});
     }
@@ -279,3 +276,3 @@ };
   if(env.nodejs) {
-    const sodium = require('sodium-universal');
+    const sodium = require('sodium-native');
     const bs58 = require('bs58');
@@ -295,3 +292,3 @@ const publicKey = bs58.decode(key.publicKeyBase58);
     async verify({data, signature}) {
-      return forge.ed25519.verify({message: data, signature, publicKey});
+      return ed25519.verify({message: data, signature, publicKey});
     }
@@ -298,0 +295,0 @@ };

package.json

 {
   "name": "crypto-ld",
-  "version": "3.1.0",
+  "version": "3.2.0",
   "description": "A library for managing cryptographic keys using Linked Data.",
@@ -25,6 +25,6 @@ "homepage": "https://github.com/digitalbazaar/crypto-ld",
   "dependencies": {
-    "base64url": "^3.0.0",
+    "base64url-universal": "^1.0.0",
     "bs58": "^4.0.1",
     "node-forge": "^0.8.0",
-    "sodium-universal": "^2.0.0"
+    "sodium-native": "^2.3.0"
   },
@@ -77,2 +77,3 @@ "devDependencies": {
     "crypto": false,
+    "sodium-native": false,
     "util": false
@@ -79,0 +80,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

29534

increased by0.87%

Worsened metrics

Lines of code

671

decreased by-0.3%

Dependency changes

• + Addedbase64url-universal@^1.0.0

• + Addedsodium-native@^2.3.0

• + Addedbase64url-universal@1.1.0(transitive)

• - Removedbase64url@^3.0.0

• - Removedsodium-universal@^2.0.0

• - Removedb4a@1.6.7(transitive)

• - Removedblake2b@2.1.4(transitive)

• - Removedblake2b-wasm@2.4.0(transitive)

• - Removednanoassert@1.1.02.0.0(transitive)

• - Removedsiphash24@1.3.1(transitive)

• - Removedsodium-javascript@0.5.6(transitive)

• - Removedsodium-universal@2.0.0(transitive)

• - Removedxsalsa20@1.2.0(transitive)