Repository files navigation

Please check the develop branch for node 0.11 and 0.12 support, detached signatures and system architecture detection

Port of thelib sodium Encryption Library to Node.js.

This a work in progress but most of Lib Sodium as been ported already.Missing are thegenerichash functions, and the alternative primitives, likecrypto_box_curve25519xsalsa20poly1305, orcrypto_stream_aes128ctr

There's a "low level" native module that gives you access directly to Lib Sodium, and a friendlier high level API that makes the use of the library a bit easier.

Checkdocs/ported-functions.md for a list of all lib sodium functions included in node-sodium.

Just a quick example that uses the same public/secret key pair to encrypt and then decrypt the message.

var sodium = require('sodium');        var box = new sodium.Box();     // random key pair, and nonce generated automaticallyvar cipherText = box.encrypt("This is a secret message", "utf8");var plainText = box.decrypt(cipherText);

A low level API is provided for advanced users. The functions available through the low level API have the exact same names as in lib sodium, and are available via thesodium.api object. Here is one example of how to use some of the low level API functions to encrypt/decrypt a message:

var sodium = require('sodium').api;// Generate keysvar sender = sodium.crypto_box_keypair();var receiver = sodium.crypto_box_keypair();// Generate random noncevar nonce = new Buffer(sodium.crypto_box_NONCEBYTES);sodium.randombytes_buf(nonce);// Encryptvar plainText = new Buffer('this is a message');var cipherMsg = sodium.crypto_box(plainText, nonce, receiver.publicKey, sender.secretKey);// Decryptvar plainBuffer = sodium.crypto_box_open(cipherMsg,nonce,sender.publicKey, receiver.secretKey);// We should get the same plainText!// We should get the same plainText!if( plainBuffer.toString() == plainText) {    console.log("Message decrypted correctly");}

As you can see the high level API implementation is easier to use, but the low level API will fill just right for those with experience with the C version of lib sodium. It also allows you to bypass any bugs in the high level APIs.

You can find this code sample inexamples\low-level-api.js.

Please read the work in progress documentation found underdocs/.

You shoudld also review the unit tests as most of the high level API is "documented" there.Don't forget to check out the examples as well.

The low levellibsodium API documentation is now complete. All ported functions have been documented inlow-level-api.md with code examples.

Please be patient as I document the rest of the APIs, or better still help out :)

Lib Sodium is documentedhere. Node-Sodium follows the same structure and I will keep documenting it as fast as possible.

Tested on Mac, Linux and IllumOS Systems

npm install sodium

node-sodium depends on lib sodium, so if lib sodium does not compile on your platform chances arenpm install sodium will fail.

node-gyp build

Please check the fully documented code samples intest/test_sodium.js.

To run the unit tests you need Mocha. If you'd like to run coverage reports you need mocha-istanbul. You can install both globally by doing

npm install -g mocha mocha-istanbul

You may need to run it withsudo is only root user has access to Node.js global directories

sudo npm install -g mocha mocha-istanbul

You need to have mocha test suite installed globally then you can run the node-sodium unit tests by

make test

You need to have mocha test suite installed globally then you can run the node-sodium unit tests by

make test-cov

This software is licensed thorugh MIT License. Please read the LICENSE file for more details.