UNPKG

get-random-values-polypony

Version:

Synchronous randombytes function that works in node, the browser & react-native!

github.com/@consento/get-random-values-polypony

consento-org/get-random-values-polypony

62 lines (36 loc) 3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# get-random-values-polypony ![Standard & TypeScript definitions](https://github.com/consento-org/sync-randombytes/workflows/Linting%20the%20code/badge.svg) ![Device Tests](https://github.com/consento-org/sync-randombytes/workflows/Testing%20on%20devices/badge.svg) `get-random-values-polypony` is a **thorougly tested**, normalizing [ponyfill](https://github.com/sindresorhus/ponyfill) for [`crypto.getRandomValues`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) with a [polyfill](https://en.wikipedia.org/wiki/Polyfill_(programming)) option. - It is tested to work with **react-native**(ios, android), **expo**, node 6+, IE 11, Metro, Firefox, Safari - No dependencies. `npm i get-random-values-polypony --save` ## Usage You can use it like an other randomBytes function by calling: ```javascript const getRandomValues = require('get-random-values-polypony') const randomUint8Array = getRandomValues(new Uint8Array(16)) ``` Or setup the polyfill like: ```javascript require('get-random-values-polypony').polyfill() crypto.getRandomValues(new Uint8Array(16)) ``` ## Why? ### Normalizing behavior both in ponyfill and polyfill The polyfill respects _(unlike other implementations)_ that the native `crypto.getRandomValues` do not support `Float32Array`, `Float64Array`, `DataView`, `BigInt64Array` or `BigUint64Array` and behaves likewise on node/react-native. Similarly the `crypto.getRandomValues` polyfill does not accept a `ArrayBuffer` that has more than `65536` bytes. The `ponyfill` on the other hand will accept all native `ArrayBufferView` implementations at any size, on all platforms. ### Expo support This library works out-of-the-box with [`expo`](https://expo.io) - no additional setup needed. ### No dependencies Other react-native implementations use `base64` to process the native data in JavaScript, this implementation works around this by using `hex` encoded data which can be easily processed without a library (also: it uses less data). Some other implementations use like this a random-seed implementations. Those dependencies are often part of a bigger crypto suite that comes with dependencies and dependencies of dependencies, bloating the package tree while not necessarily improving the safety. ### Chrome logic for react-native To implement it for react-native, this library ported google chrome's random implementation to javascript. The advantage of google's implementation is the small initial random value (64bit) which is easy to supply - even in expo. It should also come with the same level of security as chrome does. ### Non-blocking Other implementations such as [react-native-get-random-values](https://github.com/LinusU/react-native-get-random-values) use blocking native calls in react-native that may create locks between the native and JS thread. `get-random-values-polypony` only requires a secure initial seed, like browsers and the rest is executed on the javascript thread. ## License [MIT](./LICENSE)