I'd like crypto_stream_xchacha20 and Point*scalar multiplication to be available

[timshadel]

I'm interested in non-authenticated XChaCha20, for use with SIV. I'm also interested in something a bit lower-level than the kx API. I know both of these fall under the advanced tab, and that those items aren't yet implemented. I don't mind putting together a couple PRs, but I'd like some guidance on how you'd like to have the Advanced items organized (under which objects do they go, etc.) or if you'd rather not offer them at all yet.

[Skycoder42]

Hi. First, if you want to try things out before actually implementing them here, you can use the native bindings to the C-API/JS directly. For example, to use the C-API, you could do:

import 'sodium/sodium.ffi.dart';

final dylib = DynamicLibrary.open('...');
final bindings = LibSodiumFFI(dylib);

final keyBytes = bindings.crypto_stream_chacha20_keybytes()
// ...

This is not really documented yet, but always a good fallback to get to those APIs quickly. See https://github.com/Skycoder42/libsodium_dart_bindings/blob/main/packages/sodium/lib/src/ffi/bindings/libsodium.ffi.dart for the full file - but warning, it's a very big, generated file.

---

Regarding the PRs - I am not sure yet, how I would want to implement them. The crypto_scalarmult would propably just get it's own class below sodium.crypto, simply to keep it where you would expect it coming from the native libsodium. Maybe a "this is an advanced API" comment in the docs? Another option would be to create a CryptoAdvanced class on Sodium that provides these advanced APIs.

Thecrypto_stream_xchacha20 however is a different story, as it would be the first API with an explicit algorithm. My original idea was to have a "generic" crypto_stream_XXX interface that can be implemented by all 4 algorithmic variants and can be accessed via advancedCrypto.streamCiphers.xchacha20 or something like that.

What do you think?

[Skycoder42]

Hi,

I spent another thought at this and came up with the following idea for integrating the advanced APIs. Here is a small draft. All "advanced" interfaces should be placed in lib/src/api/advanced:

class AdvancedStreamCipher {
  // implementation of crypto_stream_XXX
}

class AdvancedSecretStream extends SecretStream {
  AdvancedStreamCipher get chacha20;
  AdvancedStreamCipher get xchacha20;
  // ...
}

class AdvancedScalarMult {
  // implementation of crypto_scalarmult
}

class AdvancedCrypto extends Crypto {
  @override
  AdvancedSecretStream get secretStream;

  AdvancedScalarMult get scalarMult;
}

class AdvancedSodium extends Sodium {
  @override
  AdvancedCrypto get crypto;
}

SodiumInit could then provide an Future<AdvancedSodium> Sodium.initAdvanced (or maybe initSumo, as in the web?) that returns the advanced instance. We could even implement a check in the JS implementation that asserts that the sumo variant is actually beeing used.

[timshadel]

So, if I understand the second draft correctly, you'd go through a whole separate "init" cycle to access the advanced APIs. If that's so I think I really like it. I'd rather have it be really hard to accidentally stray from the safer high level APIs. Am I following your idea correctly?

[Skycoder42]

Yes, exactly

[timshadel]

I'll be working on this on my advanced branch. Feel free to comment along the way.

[Skycoder42]

As the general Advanced APIs have now been implemented in 2.0.0, together with the scalarmult APIs, the crypto_stream_xchacha20 part has been moved to #21 and this issue is closed in favor of the new one