isomorphic-webcrypto - npm Package Compare versions

Comparing version 1.2.0 to 1.2.1

package.json

 {
   "name": "isomorphic-webcrypto",
-  "version": "1.2.0",
-  "description": "isomorphic webcrypto for IE11+ in 3kB",
+  "version": "1.2.1",
+  "description": "webcrypto library for Node, React Native and IE11+",
   "main": "main.js",
@@ -6,0 +6,0 @@ "module": "index.mjs",

README.md

 # isomorphic-webcrypto [![NPM](https://img.shields.io/npm/v/isomorphic-webcrypto.svg)](https://npmjs.com/package/isomorphic-webcrypto)
-isomorphic webcrypto library for IE11+ in 3kB
+webcrypto library for Node, React Native and IE11+
 
@@ -10,2 +10,4 @@ ## What?
 
+There's currently no native crypto support in React Native, so [the Microsoft Research library](https://github.com/kevlened/msrCrypto) is exposed.
+
 ## Install
@@ -35,8 +37,17 @@
 
-See [webcrypto-shim's supported browsers](https://github.com/vibornoff/webcrypto-shim#supported-browsers) for standard browser support.
+* IE11+
+* Safari 8+
+* Edge 12+
+* Chrome 43+
+* Opera 24+
+* Firefox 34+
+* Node 4+
+* React Native
 
-If you need a js-only implementation for older browsers or environments that don't have any crypto support, the [Microsoft Research library](https://www.microsoft.com/en-us/download/details.aspx?id=52439) is exposed as the `extended` version.
+### Other Environments
 
+If you need to support other environments (like older browsers), use the [Microsoft Research library](https://github.com/kevlened/msrCrypto).
+
 ```javascript
-const crypto = require('isomorphic-crypto/extended')
+const crypto = require('msrcrypto')
 
@@ -54,7 +65,25 @@ /**
 
-> 
+### React Native
 
+React Native support is implemented using [the Microsoft Research library](https://github.com/kevlened/msrCrypto). The React Native environment only supports `Math.random()`, so [react-native-securerandom](https://github.com/rh389/react-native-securerandom) is used to provide proper entropy. This is handled automatically, except for `crypto.getRandomValues()`, which requires you wait:
+
+```javascript
+const crypto = require('isomorphic-webcrypto')
+
+crypto.generateKey() // safe (all other methods are safe)
+crypto.getRandomValues() // insecure!!!
+
+// Only needed for crypto.getRandomValues
+crypto.ensureSecure(err => {
+  if (err) throw err
+  crypto.getRandomValues() // safe
+
+  // Only wait once, future calls are secure
+  // No need to wrap every getRandomValues call
+})
+```
+
 ## I just want to drop in a script tag
 
-You should use the webcrypto-shim library directly:
+You should use [the webcrypto-shim](https://github.com/vibornoff/webcrypto-shim) library directly:
 
@@ -61,0 +90,0 @@ ```html

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

30262

increased by2.96%

Number of lines in readme file

95

increased by43.94%

No dependency changes