dart_sodium 1.1.2

  • Readme
  • Changelog
  • Installing
  • 16

This is an easy to use wrapper for libsodium (version 1.0.18). It resembles the original interface (while being in compliance with Dart's naming conventions) and uses object-orientation where it makes sense.

As for now dart_sodium offers the following features:

  • password hashing
  • message authentication and signing
  • symmetric authenticated encryption
  • asymmetric authenticated encryption

Please notice that this is work in progress and has been done to the best of my abilities. This has not been reviewed by external security professionals. If you are one please feel free to review and test this library in any way you see fit. I am new to open source and I see forward to any feedback.

How to Use #

Unfortunately pub doesn't have any solution for dealing with native dependencies yet. Dart resolves all paths to dynamic libraries relative to the main executable. Therefore you have to download a pre-build library for your system and use its path to initialize dart_sodium: https://libsodium.gitbook.io/doc/installation

For example when libsodium is in the root directory of your application:

init("./libsodium");

Omit the platform specific extension which will be determined by the runtime.

1.0.0 #

  • Stable API for the most common functions
  • Different functionalities (like password hashing or authentication) are in their own mini-library
  • OO interface to hide pointers
  • Updated examples and tests

1.1.1 #

  • unite similar features into more compact libraries
  • implement public-key-cryptography for authenticated encryption and signing

1.1.2 #

  • clear out some pontential memory leaks
  • add bindings for secure memory
  • use memory locks to secure secret keys

Use this package as a library

1. Depend on it

Add this to your package's pubspec.yaml file:


dependencies:
  dart_sodium: ^1.1.2

2. Install it

You can install packages from the command line:

with pub:


$ pub get

Alternatively, your editor might support pub get. Check the docs for your editor to learn more.

3. Import it

Now in your Dart code, you can use:


import 'package:dart_sodium/dart_sodium.dart';
  
Popularity:
Describes how popular the package is relative to other packages. [more]
0
Health:
Code health derived from static analysis. [more]
0
Maintenance:
Reflects how tidy and up-to-date the package is. [more]
80
Overall:
Weighted score of the above. [more]
16
Learn more about scoring.

We analyzed this package on Dec 9, 2019, and provided a score, details, and suggestions below. Analysis was completed with status completed using:

  • Dart: 2.6.1
  • pana: 0.12.21

Health issues and suggestions

Fix lib/src/box.dart. (-100 points)

Analysis of lib/src/box.dart failed with 51 errors, including:

line 33 col 9: The method 'allocate' isn't defined for the class 'Box'.

line 35 col 9: The method 'allocate' isn't defined for the class 'Box'.

line 45 col 20: The method 'free' isn't defined for the class 'Pointer'.

line 46 col 20: The method 'free' isn't defined for the class 'Pointer'.

line 71 col 33: The method 'allocate' isn't defined for the class 'Box'.

Fix lib/src/secretstream.dart. (-99.76 points)

Analysis of lib/src/secretstream.dart failed with 21 errors, including:

line 13 col 35: The method 'allocate' isn't defined for the class 'StreamEncryptor'.

line 18 col 14: The method 'free' isn't defined for the class 'Pointer'.

line 32 col 19: The method 'allocate' isn't defined for the class 'StreamEncryptor'.

line 33 col 18: The method 'allocate' isn't defined for the class 'StreamEncryptor'.

line 46 col 14: The method 'free' isn't defined for the class 'Pointer'.

Fix lib/src/sign.dart. (-99.76 points)

Analysis of lib/src/sign.dart failed with 21 errors, including:

line 18 col 9: The method 'allocate' isn't defined for the class 'Signer'.

line 20 col 9: The method 'allocate' isn't defined for the class 'Signer'.

line 30 col 20: The method 'free' isn't defined for the class 'Pointer'.

line 31 col 20: The method 'free' isn't defined for the class 'Pointer'.

line 42 col 35: The method 'allocate' isn't defined for the class 'Signer'.

Fix additional 8 files with analysis or formatting issues. (-481.90 points)

Additional issues in the following files:

  • lib/src/secretbox.dart (10 errors)
  • lib/src/auth.dart (7 errors)
  • lib/src/ffi_helper.dart (5 errors)
  • lib/src/pwhash.dart (4 errors)
  • lib/src/bindings/secretstream.dart (2 errors)
  • lib/src/bindings/sign.dart (2 errors)
  • lib/src/helpers.dart (2 errors)
  • lib/src/random.dart (1 error)

Maintenance issues and suggestions

Fix platform conflicts. (-20 points)

Low code quality prevents platform classification.

Dependencies

Package Constraint Resolved Available
Direct dependencies
Dart SDK >=2.2.0 <3.0.0
Dev dependencies
pedantic ^1.0.0
test ^1.0.0