sodium-native

What is sodium-native?

The sodium-native package provides native bindings to the libsodium library, which is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing, and more.

What are sodium-native's main functionalities?

Encryption and Decryption

This feature allows you to encrypt and decrypt messages using secret-key cryptography. The code sample demonstrates how to encrypt a message and then decrypt it back to its original form.

const sodium = require('sodium-native');

const message = Buffer.from('Hello, World!');
const cipher = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES);
const nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES);
const key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES);
sodium.randombytes_buf(nonce);
sodium.randombytes_buf(key);
sodium.crypto_secretbox_easy(cipher, message, nonce, key);

const decrypted = Buffer.alloc(message.length);
if (!sodium.crypto_secretbox_open_easy(decrypted, cipher, nonce, key)) {
  throw new Error('Decryption failed');
}
console.log(decrypted.toString());

Hashing

This feature allows you to hash data using a cryptographic hash function. The code sample demonstrates how to hash a message and output the hash in hexadecimal format.

const sodium = require('sodium-native');

const input = Buffer.from('Hello, World!');
const output = Buffer.alloc(sodium.crypto_generichash_BYTES);
sodium.crypto_generichash(output, input);
console.log(output.toString('hex'));

Key Derivation

This feature allows you to derive subkeys from a master key using a key derivation function. The code sample demonstrates how to derive a subkey from a master key.

const sodium = require('sodium-native');

const masterKey = Buffer.alloc(sodium.crypto_kdf_KEYBYTES);
sodium.randombytes_buf(masterKey);
const subKey = Buffer.alloc(sodium.crypto_kdf_BYTES_MIN);
sodium.crypto_kdf_derive_from_key(subKey, 1, 'context', masterKey);
console.log(subKey.toString('hex'));

Digital Signatures

This feature allows you to create and verify digital signatures. The code sample demonstrates how to generate a key pair, sign a message, and verify the signature.

const sodium = require('sodium-native');

const message = Buffer.from('Hello, World!');
const publicKey = Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES);
const secretKey = Buffer.alloc(sodium.crypto_sign_SECRETKEYBYTES);
sodium.crypto_sign_keypair(publicKey, secretKey);
const signature = Buffer.alloc(sodium.crypto_sign_BYTES);
sodium.crypto_sign_detached(signature, message, secretKey);

if (sodium.crypto_sign_verify_detached(signature, message, publicKey)) {
  console.log('Signature is valid');
} else {
  console.log('Signature is invalid');
}

Other packages similar to sodium-native

libsodium-wrappers

libsodium-wrappers is a JavaScript wrapper for the libsodium library, providing similar functionalities to sodium-native but with a focus on ease of use and compatibility with web environments. It is built on top of the WebAssembly version of libsodium, making it suitable for both Node.js and browser environments.

tweetnacl

tweetnacl is a cryptographic library that provides a subset of the functionalities offered by sodium-native. It is a smaller, self-contained library that is easy to use and suitable for environments where a smaller footprint is required. However, it does not offer the same breadth of features as sodium-native.

crypto

The built-in crypto module in Node.js provides various cryptographic functionalities, including hashing, encryption, and digital signatures. While it is not as comprehensive as sodium-native, it is a good alternative for basic cryptographic needs and does not require any additional dependencies.

README

sodium-native

Low level bindings for libsodium (WIP, THERE BE DRAGONS).

npm install sodium-native

Usage

var sodium = require('sodium-native')
console.log(sodium)

License

MIT