Comments (7)
That's right, I was overly enthusiastic when I've seen the word: stream
in the library, turns out I need to keep digging.
To confirm all that, I've just received an official response from the maintainer which confirms that in fact streaming isn't supported.
jedisct1/libsodium#1255 (comment)
Since this issue isn't really related to: libsodium_dart_bindings
I think I am going to close that one.
Thank you for your help on this.
from libsodium_dart_bindings.
This example works: #11 (comment), so I am going to close this issue.
Sorry for spamming, soon after I've added this, I've managed to find this example.
from libsodium_dart_bindings.
It seems that example above authenticates every message, which seem to be: crypto_secretstream_xchacha20poly1305_TAG_PUSH
behavior as documented in https://libsodium.gitbook.io/doc/secret-key_cryptography/secretstream
I am looking for: crypto_secretstream_xchacha20poly1305_TAG_MESSAGE
behavior. I would like to process stream in chunks, but only process/generate authentication tag at the end.
I am going to play around, but I am definitely lacking the advanced Dart skills to understand the convenience layer around C version of libsodium
.
from libsodium_dart_bindings.
You are on the right path. You can use the SecretStreamPlainMessage to set the tag for every chunk as you please. So, if you want control over that part, use the pushEx
and pullEx
methods. The push
and pull
are simplified wrappers around that api that allow you to operate on simple byte arrays, they exist for convenience.
For examples, have a look at the integration tests, they might help: https://github.com/Skycoder42/libsodium_dart_bindings/blob/main/packages/sodium/test/integration/cases/secret_stream_test_case.dart
from libsodium_dart_bindings.
Thanks for the hint. I am specifically looking at: https://github.com/Skycoder42/libsodium_dart_bindings/blob/main/packages/sodium/test/integration/cases/secret_stream_test_case.dart#L69 as it presents different tag
parameter usage.
I need to say it still doesn't understand it.
There are 6 plainEvents
, that translates to 7 (1 {nonce} + 6) cipherEvents
, that's fine. However when you look closely at the corresponding sizes, every cipherEvent
is 17 bytes longer than the corresponding plainEvent
.
I would've thought that the first two events:
SecretStreamPlainMessage(Uint8List.fromList(const [1, 2, 3])),
SecretStreamPlainMessage(Uint8List.fromList(const [3, 2, 1])),
shouldn't have the authentication tag added at the end, since by default: SecretStreamMessageTag.message
shall be used.
I am going to try it in the underlying C library, as I am not 100% sure that's actually how the: SecretStreamMessageTag.message
is supposed to work.
from libsodium_dart_bindings.
Well, I haven't used C, but rather debugged how C is invoked and it seems that's really what libsodium
returns.
Given their documentation: https://libsodium.gitbook.io/doc/secret-key_cryptography/secretstream, it says: "An authentication tag is added to each encrypted message", it might actually be how it's designed.
I am actually not sure if there is any way to NOT add the authentication tag at the end of the cipher text, every time push is called.
... and if that's the case then the resulting ciphertext isn't a continuous stream really. It's just a concatenation of the individual pairs (ciphertext+tag), which would be compatible with the libsodium
only.
I am also failing to understand what's the difference between: TAG_MESSAGE
and TAG_PUSH
and I've learnt that TAG_FINAL
does nothing else than deletes the state. It's confusing to me, as other encryption libraries have that distinction, which is process
(encrypt/decrypt and not sign) and then doFinal
(encrypt/decrypt remaining bit and then sign/verify)
At this stage I am going to explore more libsodium
functions and perhaps reach out to maintainer for some help.
from libsodium_dart_bindings.
Okay, so it is indeed true that the secret stream is NOT simply a stream cipher - it is a high level protocol to exchange distinct encrypted messages over a reliable channel. The tags can be used to give some control over message separation on that protocol level. It is part of their protocol and cannot be removed.
If you want a classic "cipher stream", then you are out of luck - sodium
does not have such a thing. You can only use the secretBox
APIs, which require you to pass in all the data at once.
from libsodium_dart_bindings.
Related Issues (20)
- How to set SecureKey manually? HOT 1
- Full build for Android version HOT 1
- Cannot read properties of undefined (reading 'then') HOT 2
- please update ffi HOT 2
- sodium.js - Cannot read properties of undefined (reading 'then') HOT 5
- Speed of sodium.crypto.secretBox.easy() etc... HOT 4
- Implement crypto_stream_xchacha20 HOT 1
- FFI failure or SodiumInit timing problem? HOT 9
- Flutter_test Failed to lookup symbol 'sodium_init' HOT 9
- Create `Sodium.runIsolated` method to easily run computation heavy cryptographic operations in an isolate HOT 12
- How does one use AES-GCM? HOT 12
- Sodium.runIsolated breaking flutter run build HOT 2
- build failure: libsodium.so not found on latest update HOT 4
- Implement cryptoSignEd25519SkToSeed (crypto_sign_ed25519_sk_to_seed) HOT 8
- Use chacha20poly1305 instead of xchacha20poly1305_ietf HOT 2
- Secret stream state initialization; Continue interrupted upload of encrypted stream; HOT 3
- How update flutter_sodium 0.2.0 to sodium_libs? HOT 3
- How to create a shared secret using Scalarmult? HOT 6
- Fails to build on Fedora HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libsodium_dart_bindings.