Lazysodium is a complete Android implementation of the Libsodium library that provides developers with a smooth and effortless cryptography experience.
NOTE: This version removes all the non-free blobs from the original lazysodium-android by Terl.
We created Lazysodium because we really wanted a solid Libsodium compatible Java/Android library that would just work without fuss. We were exasperated and annoyed with current Libsodium implementations as some of them were just poorly maintained and poorly architected.
You can find more info here.
| Name | Short description |
|---|---|
| WordPress | WordPress, one of the largest website builders, has Lazysodium powering their encryption in their Android app. |
| Threema (SaltyRTC) | Threema is a global end-to-end encrypted chatting app and SaltyRTC is their protocol for encryption. |
| OpenHAB | OpenHAB allows you to automate and superpower your home. |
| PayPay | CardPaymentSDK is a card payments library to make payments through several payment methods painless. It uses PayPay as an endpoint to establish a payment security channel. |
| UXBOX | UXBox, the open-source solution for design and prototyping |
| E3DB | An encrypted NoSQL database designed from the ground-up for user privacy and security. |
| ADAMANT | The most private messenger possible. Your device does not store any info. It directly interacts with the blockchain, where every byte is fully-encrypted. |
| Kepler | A small TCP server written in Java powered by Netty, an asynchronous networking library. |
| Regen Ledger | A global marketplace & contracting platform for Earth's ecosystem assets, services, and data. |
| Tezos | The TezosJ SDK library enables plain Java developers to create applications that communicates with Tezos blockchain. |
| Exonum | Exonum Java Binding is a framework for building blockchain applications in Java, powered by Exonum. |
| Paseto | Java Implementation of Platform-Agnostic Security Tokens. |
| Recordo | A super secure diary/journal that provides end to end encryption. |
You can find an up-to-date feature list here.
This is by no means a comprehensive introduction to Lazysodium. Please view the official documentation for a more comprehensive guide.
Lazysodium for Android is available via JitPack.
// Top level build file
repositories {
maven { url "https://jitpack.io" }
}
// Add to dependencies section
dependencies {
implementation "com.github.MuntashirAkon:lazysodium-android:4.3.0@aar"
implementation 'net.java.dev.jna:jna:5.6.0@aar'
}You can now initialise and start encrypting! Please note that this library follows the official libsodium docs closely. You need to use those docs to help you find the functions you need.
// Let's initialise LazySodium, perhaps in an Application class somewhere
LazySodiumAndroid lazySodium = new LazySodiumAndroid(new SodiumAndroid());Let's encrypt! Again, most of them are available on the official libsodium documentation.
// Cast our lazySodium object so we're only using "lazy" methods,
// i.e methods that do the heavy work of encryption.
SecretBox.Lazy secretBoxLazy = (SecretBox.Lazy) lazySodium;
String message = "This is a super secret message.";
// Generate a symmetric key to encrypt the message.
Key key = secretBoxLazy.cryptoSecretBoxKeygen();
// Generate a random nonce.
byte[] nonce = lazySodium.nonce(SecretBox.NONCEBYTES);
// Encrypt now! Now you have a super secure encrypted message
// available in the variable cipher.
String cipher = secretBoxLazy.cryptoSecretBoxEasy(message, nonce, key);Every project is different, you may need to use lower-level APIs to achieve the control you need so you use the Native interface. Or alternatively you just don't want to deal with the details so you stick to the Lazy interface.
Every interface you can cast to is helpfully all in one directory so you can easily pick the functions you need. This isolates your code and prevents you from making mistakes.
Important: If possible, please stick to using either the Native or the Lazy interface. The reason for this is that the Lazy interface defaults to converting everything to hexadecimal whereas the Native interface assumes everything is non-hexadecimal. If you don't know what you're doing, you could end up making mistakes.
You can provide your own encoder as follows:
// Base64MessageEncoder has to implement our MessageEncoder interface
Base64MessageEncoder encoder = new Base64MessageEncoder();
// ... then from now on all Lazy methods will be encoded in Base64.
LazySodiumAndroid lazySodium = new LazySodiumAndroid(new SodiumAndroid(), encoder); See our official documentation to get started.
We also have a Java implementation available at Lazysodium for Java. It has the same API as this library so you can share code easily!