npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

node-salsa20

v0.2.2

Published

pure javascript implemented salsa20 cipher

Downloads

643

Readme

Salsa20 in pure JS for Node and Browser

Designed by Daniel J. Bernstein, Salsa20 is a stream cipher constructed with a hashing-alike function. This file provides a pure JavaScript implemented Salsa20 encrypt/decryptor.

Despite its name, the package currently works both within browser and node.js thanks browserify.

This library currently provides a seek function for setting counter values. It's possible to start stream encryption at any given counter state.

WARNING: This module is written by someone who have no rich experiences in programming with JavaScript. The algorithm is partially verified against the specification, but other security vulnerabilities will possibly exists. The code is NOT reviewed by any cryptographer! Use this at your own risk, you have been warned!

And also note, that this module is licensed under GPLv3.

Usage

node-salsa20 is initialized with a parameter on desired double-rounds, default is 10. If denoted as Salsa20/20, there will be 20 rounds, or 10 double-rounds used internally. This paramter is given during initialization:

const Salsa20 = require("node-salsa20");

const encryptor1 = new Salsa20({ doubleRounds: 10 }); // or
const encryptor2 = new Salsa20({ rounds: 20 });

// there are other reduced versions, for example:
//   new Salsa20({ rounds: 12 }), effectively the same as 
//   new Salsa20({ doubleRounds: 6 })

Due to a limitation by using the Salsa20 core function published on website, which has 2 rounds in each loop, node-salsa20 will not attempt to implement/accept rounds of odd number, e.g. Salsa20/5. This can be achieved if interests exist.

To set up an instance, first call the key method and then nonce:

encryptor1
    .key(/* Uint8Array of length 16 or 32 bytes */)
    .nonce(/* Uint8Array of length 8 or 16 bytes */)
;

A standard nonce should be 8 bytes. If 16 bytes are provided, the latter 8 bytes will be used for the internal 64-bit counter. It's therefore possible to specify a starting counter value in this way.

It MUST be avoided to use the same (key, nonce) combination for any different messages!

After key and nonce is set, one may use encryptor.encrypt or encryptor.decrypt to encrypt/decrypt data. Both methods are in fact the same, since Salsa20 uses XOR on data and pseudorandom byte stream.

There's a method encryptor.seek(u32_0, u32_1) for setting/resetting the internal counter, which can be called anytime after set-up.

You may also want to view the example.js for examples, and test.salsa20.js for a test under NodeJS against several test vectors.

Known Issues

  1. Sorry for that, but version 0.0.1 has got some errors rendering it incompatible with later versions. This may be a big bad news for you if you've encrypted something with this library :(

References

[1] Another implementation in Javascript at: https://gist.github.com/dchest/4582374

[2] Daniel. J. Bernstein, Salsa20 specification, retrived 2014/05/18 from: http://cr.yp.to/snuffle/spec.pdf