sodium-native

What is sodium-native?

The sodium-native package provides native bindings to the libsodium library, which is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing, and more.

What are sodium-native's main functionalities?

Encryption and Decryption

This feature allows you to encrypt and decrypt messages using secret-key cryptography. The code sample demonstrates how to encrypt a message and then decrypt it back to its original form.

const sodium = require('sodium-native');

const message = Buffer.from('Hello, World!');
const cipher = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES);
const nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES);
const key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES);
sodium.randombytes_buf(nonce);
sodium.randombytes_buf(key);
sodium.crypto_secretbox_easy(cipher, message, nonce, key);

const decrypted = Buffer.alloc(message.length);
if (!sodium.crypto_secretbox_open_easy(decrypted, cipher, nonce, key)) {
  throw new Error('Decryption failed');
}
console.log(decrypted.toString());

Hashing

This feature allows you to hash data using a cryptographic hash function. The code sample demonstrates how to hash a message and output the hash in hexadecimal format.

const sodium = require('sodium-native');

const input = Buffer.from('Hello, World!');
const output = Buffer.alloc(sodium.crypto_generichash_BYTES);
sodium.crypto_generichash(output, input);
console.log(output.toString('hex'));

Key Derivation

This feature allows you to derive subkeys from a master key using a key derivation function. The code sample demonstrates how to derive a subkey from a master key.

const sodium = require('sodium-native');

const masterKey = Buffer.alloc(sodium.crypto_kdf_KEYBYTES);
sodium.randombytes_buf(masterKey);
const subKey = Buffer.alloc(sodium.crypto_kdf_BYTES_MIN);
sodium.crypto_kdf_derive_from_key(subKey, 1, 'context', masterKey);
console.log(subKey.toString('hex'));

Digital Signatures

This feature allows you to create and verify digital signatures. The code sample demonstrates how to generate a key pair, sign a message, and verify the signature.

const sodium = require('sodium-native');

const message = Buffer.from('Hello, World!');
const publicKey = Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES);
const secretKey = Buffer.alloc(sodium.crypto_sign_SECRETKEYBYTES);
sodium.crypto_sign_keypair(publicKey, secretKey);
const signature = Buffer.alloc(sodium.crypto_sign_BYTES);
sodium.crypto_sign_detached(signature, message, secretKey);

if (sodium.crypto_sign_verify_detached(signature, message, publicKey)) {
  console.log('Signature is valid');
} else {
  console.log('Signature is invalid');
}

Other packages similar to sodium-native

libsodium-wrappers

libsodium-wrappers is a JavaScript wrapper for the libsodium library, providing similar functionalities to sodium-native but with a focus on ease of use and compatibility with web environments. It is built on top of the WebAssembly version of libsodium, making it suitable for both Node.js and browser environments.

tweetnacl

tweetnacl is a cryptographic library that provides a subset of the functionalities offered by sodium-native. It is a smaller, self-contained library that is easy to use and suitable for environments where a smaller footprint is required. However, it does not offer the same breadth of features as sodium-native.

crypto

The built-in crypto module in Node.js provides various cryptographic functionalities, including hashing, encryption, and digital signatures. While it is not as comprehensive as sodium-native, it is a good alternative for basic cryptographic needs and does not require any additional dependencies.

README

sodium-native

Low level bindings for libsodium.

npm install sodium-native

The goal of this project is to be thin, stable, unopionated wrapper around libsodium.

All methods exposed are more or less a direct translation of the libsodium c-api. This means that most data types are buffers and you have to manage allocating return values and passing them in as arguments intead of receiving them as return values.

This makes this API harder to use than other libsodium wrappers out there, but also means that you'll be able to get a lot of perf / memory improvements as you can do stuff like inline encryption / decryption, re-use buffers etc.

This also makes this library useful as a foundation for more high level crypto abstractions that you want to make.

Usage

var sodium = require('sodium-native')

var nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES)
var key = sodium.sodium_malloc(sodium.crypto_secretbox_KEYBYTES) // secure buffer
var message = Buffer.from('Hello, World!')
var ciphertext = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES)

sodium.randombytes_buf(nonce) // insert random data into nonce
sodium.randombytes_buf(key)  // insert random data into key

// encrypted message is stored in ciphertext.
sodium.crypto_secretbox_easy(ciphertext, message, nonce, key)

console.log('Encrypted message:', ciphertext)

var plainText = Buffer.alloc(ciphertext.length - sodium.crypto_secretbox_MACBYTES)

if (!sodium.crypto_secretbox_open_easy(plainText, ciphertext, nonce, key)) {
  console.log('Decryption failed!')
} else {
  console.log('Decrypted message:', plainText, '(' + plainText.toString() + ')')
}

Documentation

Complete documentation may be found on the sodium-friends website

License

MIT