sodium-plus
Advanced tools
Readme
Sodium-Plus delivers a positive cryptography experience for JavaScript developers.
Sodium-Plus brings you all the benefits of using libsodium in your application without any of the headaches introduced by the incumbent APIs.
Sodium-Plus is permissively licensed (ISC) and free to use.
async/await ready (aside from object constructors).Buffer objects and hoping you got your
argument order correct, sodium-plus will throw an Error if you provide
the wrong key type. This prevents you from accidentally introducing a severe
security risk into your application.With NPM:
npm install sodium-plus
You can optionally install sodium-native alongside sodium-plus if you
want better performance.
The default configuration is a bit slower, but has a wider reach (e.g. web browsers).
See this section of the documentation for getting started with Sodium-Plus in a web browser.
SodiumPlus is meant to be used asynchronously, like so:
const { SodiumPlus } = require('sodium-plus');
(async function() {
// Select a backend automatically
let sodium = await SodiumPlus.auto();
let key = await sodium.crypto_secretbox_keygen();
let nonce = await sodium.randombytes_buf(24);
let message = 'This is just a test message';
// Message can be a string, buffer, array, etc.
let ciphertext = await sodium.crypto_secretbox(message, nonce, key);
console.log(ciphertext);
let decrypted = await sodium.crypto_secretbox_open(ciphertext, nonce, key);
console.log(decrypted.toString('utf-8'));
})();
This should produce output similar to below (but with different random-looking bytes):
<Buffer 00 b7 66 89 3d b4 4d e9 7e 0f 66 91 fd d1 ca fd be bb 7f 00 89 76 5b 48 ec ed 80 cc 87 76 54 1b b5 ea 87 9b e5 19 ee 4c 31 c5 63>
This is just a test message
The documentation is available online on Github!
If your company uses this library in their products or services, you may be interested in purchasing a support contract from Paragon Initiative Enterprises.
FAQs
The Sodium Cryptography Library
The npm package sodium-plus receives a total of 3,797 weekly downloads. As such, sodium-plus popularity was classified as popular.
We found that sodium-plus demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.