Portable, secure by default cryptography.
Important: This library is not a substitution for well seasoned TLS implementations and only exists as a supplementary means of offering cryptographic primitives. Make sure you understand the limitations of each function before you use them.
Project state: Unstable, we're still working on the API and used algorithms.
||Browsers with WebCrypto support|
|AES-GCM||Message and iv encryption (authenticated)|
|X25519+PBKDF2||Key exchange (KEX)|
Confidentiality will be released using semantic versioning. Releases on the a new major release may introduce algorithm changes that are not compatible with releases on previous major releases. New major versions may be compatible with older releases, unless there are security concerns for supporting older algorithms.
0 major release has no promise of backward compatibility and are used to
field test algorithm changes.
sign(message, key) -> signed message
verify(signed message, key) -> [error]
Using Elliptive Curve Diffie-Helman (ECDH) key exchange.
exchange(readable & writable stream) -> key
encrypt(message, key) -> encrypted message
decrypt(encypted message, key) -> message
Using AES-128-GCM for IV hand over and AES-128-CTR for stream encryption.
encrypter(writable stream, key) -> writable stream
decrypter(readable stream, key) -> readable stream
Secure a stream
Performs a key exchange and switches to encrypted/decrypted streams for writing/reading to/from the stream.
secure(readable & writable stream) -> readable & writable stream