1. Advisor
  2. sodium-native
  3. functions
  4. sodium-native.crypto_secretbox_MACBYTES
View all sodium-native analysis

How to use the sodium-native.crypto_secretbox_MACBYTES function in sodium-native

To help you get started, we’ve selected a few sodium-native examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github mcollina / fastify-secure-session / index.js View on Github external
// do not use destructuring or it will deopt
      const split = cookie.split(';')
      const cyphertextB64 = split[0]
      const nonceB64 = split[1]

      if (split.length <= 1) {
        // the cookie is malformed
        request.session = new Session({})
        next()
        return
      }

      const cipher = Buffer.from(cyphertextB64, 'base64')
      const nonce = Buffer.from(nonceB64, 'base64')

      if (cipher.length < sodium.crypto_secretbox_MACBYTES) {
        // not long enough
        request.session = new Session({})
        next()
        return
      }

      const msg = Buffer.allocUnsafe(cipher.length - sodium.crypto_secretbox_MACBYTES)
      if (!sodium.crypto_secretbox_open_easy(msg, cipher, nonce, key)) {
        // unable to decrypt
        request.session = new Session({})
        next()
        return
      }

      request.session = new Session(JSON.parse(msg))
      next()
github openkfw / TruBudget / api / src / organization / vault.ts View on Github external
export function vaultFromHexString(organizationVaultSecret: string, dataHexString: string): Vault {
  // The nonce/salt is prepended to the actual ciphertext:
  const dataBuffer = Buffer.from(dataHexString, "hex");
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);

  const keyBuffer = toKeyBuffer(organizationVaultSecret);

  const plaintextBuffer = Buffer.alloc(cipherBuffer.length - sodium.crypto_secretbox_MACBYTES);
  if (!sodium.crypto_secretbox_open_easy(plaintextBuffer, cipherBuffer, nonceBuffer, keyBuffer)) {
    throw Error("Vault decryption failed!");
  }

  const vaultString = plaintextBuffer.toString();
  const vault: Vault = JSON.parse(vaultString);
  return vault;
}
github openkfw / TruBudget / api / src / lib / symmetricCrypto.ts View on Github external
export function encrypt(organizationSecret: string, plaintext: string): string {
  const plaintextBuffer = Buffer.from(plaintext);

  // The nonce/salt will be prepended to the ciphertext:
  const dataBuffer = Buffer.alloc(
    sodium.crypto_secretbox_NONCEBYTES + sodium.crypto_secretbox_MACBYTES + plaintextBuffer.length,
  );

  // A new nonce/salt is used every time the vault is updated:
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  sodium.randombytes_buf(nonceBuffer);

  const keyBuffer = toKeyBuffer(organizationSecret);

  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);
  sodium.crypto_secretbox_easy(cipherBuffer, plaintextBuffer, nonceBuffer, keyBuffer);

  return dataBuffer.toString("hex");
}
github mcollina / fastify-secure-session / index.js View on Github external
request.session = new Session({})
        next()
        return
      }

      const cipher = Buffer.from(cyphertextB64, 'base64')
      const nonce = Buffer.from(nonceB64, 'base64')

      if (cipher.length < sodium.crypto_secretbox_MACBYTES) {
        // not long enough
        request.session = new Session({})
        next()
        return
      }

      const msg = Buffer.allocUnsafe(cipher.length - sodium.crypto_secretbox_MACBYTES)
      if (!sodium.crypto_secretbox_open_easy(msg, cipher, nonce, key)) {
        // unable to decrypt
        request.session = new Session({})
        next()
        return
      }

      request.session = new Session(JSON.parse(msg))
      next()
    })
github maxogden / copydat / client.js View on Github external
var decrypt = through(function (obj, enc, next) {
        var macStart = obj.length - sodium.crypto_secretbox_MACBYTES
        var mac = obj.slice(macStart)
        var data = obj.slice(0, macStart)
        var result = sodium.crypto_secretbox_open_detached(data, data, mac, nonce, key) // in place decryption
        increment(nonce) // security
        if (!result) return next(new Error('the gibson was hacked'))
        next(null, data)
      })
github samuelmaddock / swarm-peer-server / lib / encryption.js View on Github external
exports.encrypt = function (msg, nonce, key) {
  var cipher = Buffer.alloc(msg.length + sodium.crypto_secretbox_MACBYTES)
  sodium.crypto_secretbox_easy(cipher, msg, nonce, key)
  return cipher
}
github mafintosh / sodium-encryption / sodium.js View on Github external
exports.encrypt = function (msg, nonce, key) {
  var cipher = new Buffer(msg.length + sodium.crypto_secretbox_MACBYTES)
  sodium.crypto_secretbox_easy(cipher, msg, nonce, key)
  return cipher
}
github mafintosh / sodium-encryption / sodium.js View on Github external
exports.decrypt = function (cipher, nonce, key) {
  if (cipher.length < sodium.crypto_secretbox_MACBYTES) return null
  var msg = new Buffer(cipher.length - sodium.crypto_secretbox_MACBYTES)
  if (!sodium.crypto_secretbox_open_easy(msg, cipher, nonce, key)) return null
  return msg
}
github samuelmaddock / swarm-peer-server / lib / encryption.js View on Github external
exports.decrypt = function (cipher, nonce, key) {
  if (cipher.length < sodium.crypto_secretbox_MACBYTES) return null
  var msg = Buffer.alloc(cipher.length - sodium.crypto_secretbox_MACBYTES)
  if (!sodium.crypto_secretbox_open_easy(msg, cipher, nonce, key)) return null
  return msg
}

sodium-native

Low level bindings for libsodium

GitHub
MIT
Latest version published 2 months ago

Package Health Score

89 / 100
Full package analysis

Popular sodium-native functions

Similar packages