Hi, I noticed that you have a new README in the works for addressing the changes in #12.
https://github.com/tuupola/branca-js/tree/key-readme
I have a few suggested changes you might consider for the new Key section. A new release with the updated README would be great.
## Secret key
The token is encrypted using a 32-byte secret key. You can pass the secret key either as an instance of `Buffer` or a hex-encoded string. The value of the key must be protected and should not be stored in your application code. In the examples that follow, the key is generated on the fly only for demonstration purposes.
From hex string:
```javascript
const key = "7ed049e344f73f399ba1f7868cf9494f4b13347ecce02a8e463feb32507b73a5";
const branca = require("branca")(key);
```
From a hex string as a Buffer:
```javascript
const key = Buffer.from("7ed049e344f73f399ba1f7868cf9494f4b13347ecce02a8e463feb32507b73a5", "hex");
const branca = require("branca")(key);
```
You should not use human-readable or memorable strings as the secret key. Instead, always generate the key using cryptographically secure random bytes. You can do this, for example, from the command line with Node.js itself or `openssl`.
```sh
$ node
Welcome to Node.js v16.2.0.
Type ".help" for more information.
> crypto.randomBytes(32).toString("hex")
'46cad3699da5766c45e80edfbf19dd2debc311e0c9046a80e791597442b2daf0'
```
```sh
$ openssl rand -hex 32
29f7d3a263bd6fcfe716865cbdb00b7a317d1993b8b7a3a5bae6192fbe0ace65
```
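One way to apply the key guidance in the proposed README text, as an added example that is not part of the original issue or the branca-js project: load the key from the environment rather than from source code and validate it before use. The helper names and the `BRANCA_KEY` variable name are assumptions made for illustration.

```javascript
const crypto = require("crypto");

const KEY_BYTES = 32; // key size stated in the proposed README text

// Hypothetical helper: accept a Buffer or hex string, return a validated 32-byte key.
function parseSecretKey(input) {
  if (Buffer.isBuffer(input)) {
    if (input.length !== KEY_BYTES) {
      throw new Error(`secret key must be ${KEY_BYTES} bytes, got ${input.length}`);
    }
    return Buffer.from(input); // copy so later changes to the caller's buffer do not alter the key
  }
  if (typeof input !== "string") {
    throw new TypeError("secret key must be a Buffer or a hex encoded string");
  }
  const hex = input.trim();
  // Buffer.from(str, "hex") truncates silently at the first non-hex character,
  // so a malformed string can still decode to 32 bytes. Validate the text first.
  // The error never echoes the key material.
  if (!/^[0-9a-fA-F]+$/.test(hex) || hex.length !== KEY_BYTES * 2) {
    throw new Error(`secret key must be exactly ${KEY_BYTES * 2} hex characters`);
  }
  return Buffer.from(hex, "hex");
}

// Read the key from the environment instead of source code.
// BRANCA_KEY is an assumed variable name, not something the library defines.
function loadSecretKey(env = process.env, name = "BRANCA_KEY") {
  const value = env[name];
  if (!value) {
    throw new Error(`${name} is not set`);
  }
  return parseSecretKey(value);
}

// Same generation step as the Node.js REPL session above, as a function.
function generateSecretKeyHex() {
  return crypto.randomBytes(KEY_BYTES).toString("hex");
}

// Usage (requires the branca package, call shape as shown in the README text):
// const branca = require("branca")(loadSecretKey());
```

A memorable passphrase fails the hex check here, which enforces the README's advice at startup instead of leaving it to convention.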