Request for SecretStream encryption/decryption example about libsodium_dart_bindings HOT 7 CLOSED

That's right, I was overly enthusiastic when I've seen the word: stream in the library, turns out I need to keep digging.
To confirm all that, I've just received an official response from the maintainer which confirms that in fact streaming isn't supported.
jedisct1/libsodium#1255 (comment)

Since this issue isn't really related to: libsodium_dart_bindings I think I am going to close that one.

Thank you for your help on this.

from libsodium_dart_bindings.

This example works: #11 (comment), so I am going to close this issue.
Sorry for spamming, soon after I've added this, I've managed to find this example.

from libsodium_dart_bindings.

It seems that example above authenticates every message, which seem to be: crypto_secretstream_xchacha20poly1305_TAG_PUSH behavior as documented in https://libsodium.gitbook.io/doc/secret-key_cryptography/secretstream

I am looking for: crypto_secretstream_xchacha20poly1305_TAG_MESSAGE behavior. I would like to process stream in chunks, but only process/generate authentication tag at the end.

I am going to play around, but I am definitely lacking the advanced Dart skills to understand the convenience layer around C version of libsodium.

from libsodium_dart_bindings.

You are on the right path. You can use the SecretStreamPlainMessage to set the tag for every chunk as you please. So, if you want control over that part, use the pushEx and pullEx methods. The push and pull are simplified wrappers around that api that allow you to operate on simple byte arrays, they exist for convenience.

For examples, have a look at the integration tests, they might help: https://github.com/Skycoder42/libsodium_dart_bindings/blob/main/packages/sodium/test/integration/cases/secret_stream_test_case.dart

from libsodium_dart_bindings.

Thanks for the hint. I am specifically looking at: https://github.com/Skycoder42/libsodium_dart_bindings/blob/main/packages/sodium/test/integration/cases/secret_stream_test_case.dart#L69 as it presents different tag parameter usage.
I need to say it still doesn't understand it.

There are 6 plainEvents, that translates to 7 (1 {nonce} + 6) cipherEvents, that's fine. However when you look closely at the corresponding sizes, every cipherEvent is 17 bytes longer than the corresponding plainEvent.
I would've thought that the first two events:

SecretStreamPlainMessage(Uint8List.fromList(const [1, 2, 3])),
SecretStreamPlainMessage(Uint8List.fromList(const [3, 2, 1])),

shouldn't have the authentication tag added at the end, since by default: SecretStreamMessageTag.message shall be used.

I am going to try it in the underlying C library, as I am not 100% sure that's actually how the: SecretStreamMessageTag.message is supposed to work.

from libsodium_dart_bindings.

Well, I haven't used C, but rather debugged how C is invoked and it seems that's really what libsodium returns.
Given their documentation: https://libsodium.gitbook.io/doc/secret-key_cryptography/secretstream, it says: "An authentication tag is added to each encrypted message", it might actually be how it's designed.

I am actually not sure if there is any way to NOT add the authentication tag at the end of the cipher text, every time push is called.
... and if that's the case then the resulting ciphertext isn't a continuous stream really. It's just a concatenation of the individual pairs (ciphertext+tag), which would be compatible with the libsodium only.

I am also failing to understand what's the difference between: TAG_MESSAGE and TAG_PUSH and I've learnt that TAG_FINAL does nothing else than deletes the state. It's confusing to me, as other encryption libraries have that distinction, which is process (encrypt/decrypt and not sign) and then doFinal (encrypt/decrypt remaining bit and then sign/verify)

At this stage I am going to explore more libsodium functions and perhaps reach out to maintainer for some help.

from libsodium_dart_bindings.

Okay, so it is indeed true that the secret stream is NOT simply a stream cipher - it is a high level protocol to exchange distinct encrypted messages over a reliable channel. The tags can be used to give some control over message separation on that protocol level. It is part of their protocol and cannot be removed.

If you want a classic "cipher stream", then you are out of luck - sodium does not have such a thing. You can only use the secretBox APIs, which require you to pass in all the data at once.

from libsodium_dart_bindings.