flutter_sodium 0.0.6 flutter_sodium: ^0.0.6 copied to clipboard
Flutter bindings for libsodium, a modern, easy-to-use crypto library.
flutter_sodium #
With flutter_sodium you get access to the modern, easy-to-use libsodium crypto library in your Flutter apps. One set of crypto APIs supporting both Android and iOS.
API coverage #
At this point in time flutter_sodium implements the following high-level libsodium APIs:
- crypto_aead
- crypto_auth
- crypto_box
- crypto_generichash
- crypto_kdf
- crypto_kx
- crypto_onetimeauth
- crypto_pwhash
- crypto_scalarmult
- crypto_secretbox
- crypto_shorthash
- crypto_sign
- randombytes
- sodium_version
Dart APIs #
The plugin includes a core API that maps native libsodium functions 1:1 to Dart equivalents. The core API is available in the class Sodium
. Dart naming conventions are used for core API function names. A native libsodium function such as crypto_pwhash_str
, is available in flutter as Sodium.cryptoPwhashStr
.
Also included in flutter_sodium is a high-level, opinionated API providing access to libsodium in a Dart friendly manner. The various functions are available in separate Dart classes. Password hashing for example is available in the PasswordHash
class.
The high-level API depends on the core API to get things done.
Getting Started #
In your flutter project add the dependency:
dependencies:
...
flutter_sodium: any
Important: For iOS you'll need to manually update the Podfile in your ios project.
Usage example #
import 'package:flutter_sodium/flutter_sodium.dart';
// Password hashing (using Argon)
final password = 'my password';
final str = await PasswordHash.hashStorage(password);
print(str);
// verify hash str
final valid = await PasswordHash.verifyStorage(str, password);
assert(valid);
Example app #
This project includes an extensive example app with runnable code samples. Be sure to check it out!
Current issues #
- The following APIs are not available on Android:
- detached mode of both original and ietf variants of crypto_aead_chacha20poly1305
- crypto_aead_xchacha20poly1305
- crypto_kdf
- crypto_pwhash_str_needs_rehash
- crypto_sign streaming APIs
- randombytes_buf_deterministic
- Using flutter_sodium in iOS doesn't work right out of the box. Manual installation steps are required.
- Since Flutter does not support native binaries, a platform channel is established to enable native function invocation. One side effect of this approach is that the entire flutter_sodium API is asynchronous. This is great for potential long-running operations such as Argon password hashing, but does not make much sense for other short-running functions.