cordova-plugin-minisodium v1.0.0
A minimal sodium plugin for Cordova - for iOS and Android
A minimal build of the libsodium library, as a plugin for Cordova applications on iOS and Android.
Bound methods and constants
Secretbox construction
crypto_secretbox_easycrypto_secretbox_open_easycrypto_secretbox_KEYBYTEScrypto_secretbox_MACBYTEScrypto_secretbox_NONCEBYTES
Public key signatures (Ed25519)
crypto_signcrypto_sign_opencrypto_sign_detachedcrypto_sign_verify_detachedcrypto_sign_keypaircrypto_sign_seed_keypaircrypto_sign_ed25519_sk_to_pkcrypto_sign_ed25519_sk_to_seedcrypto_sign_BYTEScrypto_sign_PUBLICKEYBYTEScrypto_sign_SECRETKEYBYTEScrypto_sign_SEEDBYTES
Key exchange (Curve25519)
crypto_scalarmultcrypto_scalarmult_basecrypto_scalarmult_BYTEScrypto_scalarmult_SCALARBYTES
X25519 (Ed25519 -> Curve25519 conversion)
crypto_sign_ed25519_pk_to_curve25519crypto_sign_ed25519_sk_to_curve25519
Memory-hard password derivation (Scrypt)
crypto_pwhash_scryptsalsa208sha256crypto_pwhash_scryptsalsa208sha256_llcrypto_pwhash_scryptsalsa208sha256_SALTBYTEScrypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVEcrypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
NOTE: the constants crypto_pwhash_scryptsalsa208sha256_*_SENSITIVE have not been bound. Not that they were forgotten, but it's a design choice. A standard smartphone will most likely be too slow if these constants are used in scrypt. These values are not forbidden though...
Box construction
crypto_box_keypaircrypto_box_easycrypto_box_open_easycrypto_box_PUBLICKEYBYTEScrypto_box_SECRETKEYBYTEScrypto_box_NONCEBYTEScrypto_box_SEEDBYTEScrypto_box_MACBYTES
Sealed box construction
crypto_box_sealcrypto_box_seal_opencrypto_box_SEALBYTES
Generic hashing
crypto_generichashcrypto_generichash_BYTEScrypto_generichash_BYTES_MINcrypto_generichash_BYTES_MAXcrypto_generichash_KEYBYTEScrypto_generichash_KEYBYTES_MINcrypto_generichash_KEYBYTES_MAX
Helper methods
HexString <-> Uint8Array conversion
to_hexfrom_hex
UTF8String <-> Uint8Array conversion
to_stringfrom_string
Base64String <-> Uint8Array conversion
to_base64from_base64
Installation
cordova plugin add cordova-plugin-minisodiumNote: This plugin is not built for Android API levels below 16. To set the minSdkVersion property in your Cordova app (if needed), add the following line in config.xml:
<preference name="android-minSdkVersion" value="16"/>Usage
Once the plugin is installed, all the methods of this plugin are available in window.plugins.MiniSodium.
Results of these methods are not returned, but rather passed to a callback function. The callback function will receive 2 parameters : (err, result), where:
erris an error (either a string or anErrorinstance), defined if an error occurred in the methodresultis the result of the method call (such as a ciphertext, a plaintext, a derived key, a key pair,...). Results are alwaysUint8Arrayinstances, except forkeypairgeneration methods, whereresultis a{pk, sk}object (pkandskare Uint8Array containing the public and private/secret keys respectively)
Raw data parameters (e.g: message, ciphertext, keys, nonces, hashes,...) must provided either as Uint8Array instances or as hexadecimal strings.
The order of parameters in the bound methods is nearly respected (compared to the original libsodium library)
If you have questions about the parameters of the methods, we advise you to read the documentation of the original library
Anyway, here is this plugin's API:
MiniSodium.crypto_secretbox_easy(message, nonce, key, callback)MiniSodium.crypto_secretbox_open_easy(ciphertext, nonce, key, callback)
MiniSodium.crypto_sign_keypair(callback)MiniSodium.crypto_sign_seed_keypair(seed, callback)MiniSodium.crypto_sign(message, secretKey, callback)MiniSodium.crypto_sign_open(signedMessage, publicKey, callback)NOTE: This method passes the message (without the signature) to the callback if the signature is valid. If the signature is invalid it passes0orfalseinsteadMiniSodium.crypto_sign_detached(message, secretKey, callback)MiniSodium.crypto_sign_verify_detached(signature, message, publicKey, callback)NOTE: The result of this method is a boolean. The callback receivestrueor1if the signature is validfalseor0otherwiseMiniSodium.crypto_sign_ed25519_sk_to_seed(secretKey, callback)MiniSodium.crypto_sign_ed25519_sk_to_pk(secretKey, callback)
Ed25519 -> Curve25519 conversion
MiniSodium.crypto_sign_ed25519_pk_to_curve25519(ed25519Pk, callback)MiniSodium.crypto_sign_ed25519_sk_to_curve25519(ed25519Sk, callback)
MiniSodium.crypto_scalarmult_base(n, callback)MiniSodium.crypto_scalarmult(n, p, callback)
MiniSodium.crypto_pwhash_scryptsalsa208sha256(keyLength, password, salt, opsLimit, memLimit, callback)MiniSodium.crypto_pwhash_scryptsalsa208sha256_ll(password, salt, opsLimit, r, p, keyLength, callback)
MiniSodium.crypto_box_keypair(callback)MiniSodium.crypto_box_easy(message, nonce, receiverPk, senderSk, callback)MiniSodium.crypto_box_open_easy(cipher, nonce, senderPk, receiverSk, callback)
MiniSodium.crypto_box_seal(message, receiverPk, callback)MiniSodium.crypto_box_seal_open(message, receiverPk, receiverSk, callback)
MiniSodium.crypto_generichash(hashLength, message, [key], callback)Please note thatkeyis an optional parameter. If omitted, you should putundefinedornullin its place when calling this method
Testing
- Create a Cordova/Phonegap application
- Add the iOS and/or the Android platforms
- Add the testing framework and bind its page as the main page of the app
- Add the following preference in
config.xml
<preference name="android-minSdkVersion" value="16"/>- Add this plugin
- Add this plugin's test cases, by adding the plugin located in the
testsfolder
phonegap plugin add https://github.com/LockateMe/cordova-plugin-minisodium.git#:/testsLicense
MIT license
9 years ago