secure-random-string - npm Package Compare versions

Comparing version 0.1.0 to 1.0.0

CHANGELOG.md

lib/secure-random-string.js

		@@ -10,23 +10,24 @@ var crypto = require('crypto');
		}

		var length = options['length'] \|\| 32;

		// async path
		if (cb) {
		crypto.randomBytes(length, function(ex, buf) {
		if (ex) throw ex;
		return cb(_finish(buf));
		});
		}
		// sync path
		else {
		return _finish(crypto.randomBytes(length));
		}
		// async path
		if (cb) {
		crypto.randomBytes(length, function(err, buf) {
		if (err) {
		return cb(err);
		}
		return cb(null,_finish(buf));
		});
		}
		// sync path
		else {
		return _finish(crypto.randomBytes(length));
		}

		function _finish (buf) {
		function _finish (buf) {
		var string = buf.toString('base64');
		if (options.urlsafe) {
		string = string.replace(/\//g,'_').replace(/\+/g,'-');
		}
		return string.substr(0, length);
		}
		string = string.replace(/\//g,'_').replace(/\+/g,'-');
		return string.substr(0, length);
		}

		@@ -33,0 +34,0 @@ };

package.json

		{
		"name": "secure-random-string",
		"version": "0.1.0",
		"version": "1.0.0",
		"description": "Generates a secure random string with a given length",
		@@ -14,5 +14,8 @@ "main": "lib/secure-random-string.js",
		"keywords": [
		"crypto",
		"cryptography",
		"secure",
		"random",
		"string"
		"string",
		"token"
		],
		@@ -19,0 +22,0 @@ "author": "Simon Santoro",

README.md

		@@ -18,3 +18,3 @@ # secure-random-string
		// Async
		srs(function(sr) {
		srs(function(err, sr) {
		console.log(sr);
		@@ -25,15 +25,12 @@ });

		### Options: length, urlsafe
		### Options: length

		Optionally, you can specify a 'length' option to specify a length.

		The 'urlsafe' option replaces a potential `+` character with `-` and the `/` character
		with `_`, created a valid [base64url](https://en.wikipedia.org/wiki/Base64) format string.

		```javascript
		// sync
		var result = srs({length: 256, urlsafe:true});
		var result = srs({length: 256});

		// async
		srs({length: 256, urlsafe:true}, function(sr) {
		srs({length: 256}, function(err, sr) {
		console.log(sr);
		@@ -45,4 +42,6 @@ });

		Will throw error if there is not enough accumulated entropy to generate cryptographically strong data. In other words, this without callback will not block even if all entropy sources are drained.

		An error is possible if there is not enough accumulated entropy to generate cryptographically strong data. In other words, this will not block even if all entropy sources are drained. Note that the sync API throws an exception, while
		the async API returns the error to the callback.

		## Author
		@@ -49,0 +48,0 @@

tests.js

		@@ -32,3 +32,3 @@ var srs = require('./lib/secure-random-string.js');
		// async tests
		srs(function(sr) {
		srs(function(err, sr) {
		test('generate a random string 32 chars long',
		@@ -40,3 +40,3 @@ sr.length,

		srs({length: 1}, function(sr) {
		srs({length: 1}, function(err, sr) {
		test('generate a random string 1 char long',
		@@ -48,3 +48,3 @@ sr.length,

		srs({length: 256}, function(sr) {
		srs({length: 256}, function(err, sr) {
		test('generate a random string 256 chars long',
		@@ -56,10 +56,3 @@ sr.length,

		srs({length: 256, urlsafe: true}, function(sr) {
		test('generate a urlsafe random string 256 chars long',
		sr.length,
		256
		);
		});


		// sync tests
		@@ -69,2 +62,8 @@ test('generate a random string 32 chars long (sync)', srs().length, 32);
		test('generate a random string 256 chars long (sync)', srs({length:256}).length, 256);
		test('generate a urlsafe random string 256 chars long (sync)', srs({length:256, urlsafe:true}).length, 256);


		//in 2000 chars there should be at least one substitution
		test('check that the random string is urlsafe', (function() {
		var s = srs({length: 2000});
		return s.indexOf('+') + s.indexOf('/') === -2;
		})(), true);

New alerts