1. Advisor
  2. sodium-native
  3. functions
  4. sodium-native.crypto_secretbox_NONCEBYTES
View all sodium-native analysis

How to use the sodium-native.crypto_secretbox_NONCEBYTES function in sodium-native

To help you get started, we’ve selected a few sodium-native examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github openkfw / TruBudget / api / src / organization / vault.ts View on Github external
export function vaultToHexString(organizationVaultSecret: string, vault: Vault): string {
  const vaultString = JSON.stringify(vault);
  const plaintextBuffer = Buffer.from(vaultString);

  // The nonce/salt will be prepended to the ciphertext:
  const dataBuffer = Buffer.alloc(
    sodium.crypto_secretbox_NONCEBYTES + sodium.crypto_secretbox_MACBYTES + vaultString.length,
  );

  // A new nonce/salt is used every time the vault is updated:
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  sodium.randombytes_buf(nonceBuffer);

  const keyBuffer = toKeyBuffer(organizationVaultSecret);

  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);
  sodium.crypto_secretbox_easy(cipherBuffer, plaintextBuffer, nonceBuffer, keyBuffer);

  return dataBuffer.toString("hex");
}
github openkfw / TruBudget / api / src / lib / symmetricCrypto.ts View on Github external
export function decrypt(
  organizationSecret: string,
  hexEncodedCiphertext: string,
): Result.Type {
  // The nonce/salt is prepended to the actual ciphertext:
  const dataBuffer = Buffer.from(hexEncodedCiphertext, "hex");
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);

  const keyBuffer = toKeyBuffer(organizationSecret);

  const plaintextBuffer = Buffer.alloc(cipherBuffer.length - sodium.crypto_secretbox_MACBYTES);
  if (!sodium.crypto_secretbox_open_easy(plaintextBuffer, cipherBuffer, nonceBuffer, keyBuffer)) {
    return new DecryptionFailed();
  }

  return plaintextBuffer.toString();
}
github openkfw / TruBudget / api / src / organization / vault.ts View on Github external
export function vaultFromHexString(organizationVaultSecret: string, dataHexString: string): Vault {
  // The nonce/salt is prepended to the actual ciphertext:
  const dataBuffer = Buffer.from(dataHexString, "hex");
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);

  const keyBuffer = toKeyBuffer(organizationVaultSecret);

  const plaintextBuffer = Buffer.alloc(cipherBuffer.length - sodium.crypto_secretbox_MACBYTES);
  if (!sodium.crypto_secretbox_open_easy(plaintextBuffer, cipherBuffer, nonceBuffer, keyBuffer)) {
    throw Error("Vault decryption failed!");
  }

  const vaultString = plaintextBuffer.toString();
  const vault: Vault = JSON.parse(vaultString);
  return vault;
}
github openkfw / TruBudget / api / src / organization / vault.ts View on Github external
export function vaultFromHexString(organizationVaultSecret: string, dataHexString: string): Vault {
  // The nonce/salt is prepended to the actual ciphertext:
  const dataBuffer = Buffer.from(dataHexString, "hex");
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);

  const keyBuffer = toKeyBuffer(organizationVaultSecret);

  const plaintextBuffer = Buffer.alloc(cipherBuffer.length - sodium.crypto_secretbox_MACBYTES);
  if (!sodium.crypto_secretbox_open_easy(plaintextBuffer, cipherBuffer, nonceBuffer, keyBuffer)) {
    throw Error("Vault decryption failed!");
  }

  const vaultString = plaintextBuffer.toString();
  const vault: Vault = JSON.parse(vaultString);
  return vault;
}
github maxogden / copydat / index.js View on Github external
function onSocket (sock) {
    var nonce = crypto.randomBytes(sodium.crypto_secretbox_NONCEBYTES)
    sock.write(num2varint(nonce.length))
    sock.write(nonce)
    var rs = tar.pack(dir)

    var encrypt = through(function (obj, enc, next) {
      var mac = new Buffer(sodium.crypto_secretbox_MACBYTES)
      var lenint = num2varint(obj.length + mac.length)
      var newBuf = new Buffer(obj.length) // causes tar header corruption if not used???
      sodium.crypto_secretbox_detached(newBuf, mac, obj, nonce, key) // in place encryption
      increment(nonce) // security
      this.push(lenint)
      this.push(newBuf)
      this.push(mac)
      next()
    })
    pump(rs, encrypt, sock, function (err) {
github openkfw / TruBudget / api / src / lib / symmetricCrypto.ts View on Github external
export function decrypt(
  organizationSecret: string,
  hexEncodedCiphertext: string,
): Result.Type {
  // The nonce/salt is prepended to the actual ciphertext:
  const dataBuffer = Buffer.from(hexEncodedCiphertext, "hex");
  const nonceBuffer = dataBuffer.slice(0, sodium.crypto_secretbox_NONCEBYTES);
  const cipherBuffer = dataBuffer.slice(sodium.crypto_secretbox_NONCEBYTES);

  const keyBuffer = toKeyBuffer(organizationSecret);

  const plaintextBuffer = Buffer.alloc(cipherBuffer.length - sodium.crypto_secretbox_MACBYTES);
  if (!sodium.crypto_secretbox_open_easy(plaintextBuffer, cipherBuffer, nonceBuffer, keyBuffer)) {
    return new DecryptionFailed();
  }

  return plaintextBuffer.toString();
}
github mcollina / fastify-secure-session / index.js View on Github external
function genNonce () {
  var buf = Buffer.allocUnsafe(sodium.crypto_secretbox_NONCEBYTES)
  sodium.randombytes_buf(buf)
  return buf
}
github samuelmaddock / swarm-peer-server / lib / encryption.js View on Github external
exports.nonce = function () {
  return randomBytes(sodium.crypto_secretbox_NONCEBYTES)
}

sodium-native

Low level bindings for libsodium

GitHub
MIT
Latest version published 2 months ago

Package Health Score

89 / 100
Full package analysis

Popular sodium-native functions

Similar packages