How to use the sodium-native.crypto_generichash function in sodium-native
To help you get started, we’ve selected a few sodium-native examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
chm-diederichs / minisign / minisignTool.js View on Github 
function signContent (content, comment, SKdetails, trustComment, sigAlgorithm = 'Ed') {
var contentToSign
var signatureAlgorithm
if (sigAlgorithm === 'ED') {
var hashedContent = Buffer.alloc(sodium.crypto_generichash_BYTES_MAX)
sodium.crypto_generichash(hashedContent, content)
contentToSign = hashedContent
signatureAlgorithm = Buffer.from(sigAlgorithm)
} else {
contentToSign = content
signatureAlgorithm = Buffer.from(SKdetails.signatureAlgorithm)
}
var signature = Buffer.alloc(sodium.crypto_sign_BYTES)
var globalSignature = Buffer.alloc(sodium.crypto_sign_BYTES)
sodium.crypto_sign_detached(signature, contentToSign, SKdetails.secretKey)
var signatureInfo = Buffer.concat([signatureAlgorithm, SKdetails.keyID, signature])
var untrustedComment = ('untrusted comment: ' + comment + '\n')
var trustedComment = ('trusted comment: ' + trustComment.toString('ascii') + '\n')function getDiscoveryKey(tree) {
var digest = Buffer.alloc(32)
sodium.crypto_generichash(digest, DISCOVERY_HASH, tree)
return digest
}function verifySignature (signature, originalContent, publicKeyInfo) {
var contentSigned
if (signature.signatureAlgorithm.equals(Buffer.from('ED'))) {
var hashedContent = Buffer.alloc(sodium.crypto_generichash_BYTES_MAX)
sodium.crypto_generichash(hashedContent, originalContent)
contentSigned = hashedContent
} else {
contentSigned = originalContent
}
if (!(signature.keyID.equals(publicKeyInfo.keyID))) {
throw new Error("keyID's do not match")
} else {
if (!(sodium.crypto_sign_verify_detached(signature.signature, contentSigned, publicKeyInfo.publicKey))) {
throw new Error('signature verification failed')
} else {
var forGlobalSig = Buffer.concat([signature.signature, Buffer.from(signature.trustedComment)])
if (!(sodium.crypto_sign_verify_detached(signature.globalSignature, forGlobalSig, publicKeyInfo.publicKey))) {
throw new Error('trusted comment cannot be verified')
}
}var publicKey = Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES)
var secretKey = Buffer.alloc(sodium.crypto_sign_SECRETKEYBYTES)
var checkSum = Buffer.alloc(sodium.crypto_generichash_BYTES)
sodium.randombytes_buf(kdfSalt)
sodium.crypto_sign_keypair(publicKey, secretKey)
const kdfOpsLimit = sodium.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE
const kdfMemLimit = sodium.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE
var kdfLimits = Buffer.alloc(16)
kdfLimits.writeUInt32LE(kdfOpsLimit, 0)
kdfLimits.writeUInt32LE(kdfMemLimit, 8)
var checkSumData = Buffer.concat([sigAlgorithm, keyID, secretKey])
sodium.crypto_generichash(checkSum, checkSumData)
var keynumData = Buffer.concat([keyID, secretKey, checkSum])
sodium.sodium_mprotect_readwrite(pwd)
sodium.crypto_pwhash_scryptsalsa208sha256(kdfOutput, pwd, kdfSalt, kdfOpsLimit, kdfMemLimit)
sodium.sodium_memzero(pwd)
sodium.sodium_mprotect_noaccess(pwd)
var keynumSK = xor(kdfOutput, keynumData)
return {
publicKey,
sigAlgorithm,
keyID,
kdfAlgorithm,
cksumAlgorithm,
kdfSalt,
kdfLimits,function hashArray (list) {
var out = Buffer.alloc(32)
sodium.crypto_generichash(out, Buffer.from(list.join('\n')))
return out.toString('hex')
}function getDiscoveryKey(tree) {
var digest = new Buffer(32)
sodium.crypto_generichash(digest, DISCOVERY_HASH, tree)
return digest
}function discoveryKey (publicKey) {
const buf = Buffer.alloc(32)
const str = Buffer.from('noise-network')
sodium.crypto_generichash(buf, str, publicKey)
return buf
}var publicKey = Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES)
var secretKey = Buffer.alloc(sodium.crypto_sign_SECRETKEYBYTES)
var checkSum = Buffer.alloc(sodium.crypto_generichash_BYTES)
var fullComment = Buffer.from('untrusted comment: ' + comment + '\n')
const kdfOpsLimit = sodium.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE
const kdfMemLimit = sodium.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE
sodium.randombytes_buf(keyID)
sodium.randombytes_buf(kdfSalt)
sodium.crypto_sign_keypair(publicKey, secretKey)
var checksumData = Buffer.concat([Buffer.from(sigAlgorithm), keyID, secretKey])
sodium.crypto_generichash(checkSum, checksumData)
var keynumData = Buffer.concat([keyID, secretKey, checkSum])
sodium.crypto_pwhash_scryptsalsa208sha256(kdfOutput, Buffer.from(pwd), kdfSalt, kdfOpsLimit, kdfMemLimit)
var keynumSK = xor(kdfOutput, keynumData)
var algorithmInfo = Buffer.from(sigAlgorithm + kdfAlgorithm + cksumAlgorithm)
var kdfLimits = Buffer.from(kdfOpsLimit.toString() + kdfMemLimit.toString())
var SKinfo = Buffer.from(Buffer.concat([algorithmInfo, kdfSalt, kdfLimits, keynumSK]).toString('base64'))
return {
publicKey,
keyID,
fullComment,
SKinfo
}
}
Popular sodium-native functions
- sodium-native.crypto_box_SEALBYTES
- sodium-native.crypto_generichash
- sodium-native.crypto_hash_sha256
- sodium-native.crypto_pwhash_async
- sodium-native.crypto_pwhash_SALTBYTES
- sodium-native.crypto_secretbox_easy
- sodium-native.crypto_secretbox_KEYBYTES
- sodium-native.crypto_secretbox_MACBYTES
- sodium-native.crypto_secretbox_NONCEBYTES
- sodium-native.crypto_secretbox_open_easy
- sodium-native.crypto_sign_BYTES
- sodium-native.crypto_sign_detached
- sodium-native.crypto_sign_keypair
- sodium-native.crypto_sign_PUBLICKEYBYTES
- sodium-native.crypto_sign_SECRETKEYBYTES
- sodium-native.crypto_sign_seed_keypair
- sodium-native.crypto_sign_verify_detached
- sodium-native.randombytes_buf
- sodium-native.sodium_malloc
- sodium-native.sodium_mprotect_noaccess