1 | # chloride
|
2 |
|
3 | Chloride is a Cryptography Library (Cl) for javascript enviroments.
|
4 |
|
5 | ## about
|
6 |
|
7 | Chloride decends from Dan J. Bernstein's [NaCl](http://nacl.cr.yp.to/) library ("Networking And Cryptography Library",
|
8 | not to be confused with the other NaCl, google's Native Client)
|
9 | djb wrote nacl, but did not maintain it, some ideas in the library (in particular the networking part)
|
10 | wasn't really fully baked, and the best parts where taken and maintained as [libsodium](http://libsodium.org)
|
11 | (although "Na" represents the element sodium, so they took the wrong part of the acronym)
|
12 |
|
13 | chloride is a compatibility layer that gives you bindings to [libsodium](https://npm.im/sodium) when used in node.js,
|
14 | and either the [libsodium-wrappers](https://npm.im/libsodium-wrappers) which is libsodium compiled to javascript via [emscripten](http://kripken.github.io/emscripten-site/)
|
15 | if performance is important but code size isn't.
|
16 | Or, if you are not doing many crypto operations, it uses
|
17 | [tweetnacl](https://www.npmjs.com/package/tweetnacl), which is a handwritten
|
18 | port, and 1/10 the size of libsodium-wrappers.
|
19 |
|
20 | ## support
|
21 |
|
22 | I have wrapped and tested enough functions for my crypto modules to work.
|
23 |
|
24 | * [private-box](https://github.com/auditdrivencrypto/private-box) write a shortish message to multiple recipients.
|
25 | * [pull-box-stream](https://github.com/dominictarr/pull-box-stream) encrypt (every byte in) a one-way stream.
|
26 | * [secret-handshake](https://github.com/dominictarr/secret-handshake) create an authenticated private channel to a public key.
|
27 |
|
28 | This is probably everything you need, nacl doesn't have a very large api, so this is probably everything.
|
29 |
|
30 | ## do i need performance or code size?
|
31 |
|
32 | nacl was written with performance in mind, unfortunately a lot of that is lost when you compile it to javascript.
|
33 | However, chloride still has the fastest _javascript_ elliptic curve signature that I am aware of.
|
34 | (and asymmetric crypto is much slower than symmetric, so this is always the weak point)
|
35 |
|
36 | If you are only doing a symmetric ciphers (crypto_box) or a signature or two,
|
37 | then performance is probably not a problem. If you are veryify _many_ signatures,
|
38 | performance _may_ be a problem. Bear in mind that an asymetric operation
|
39 | (sign, verify, scalarmult, keygen) are usually 50 times slower than a symmetric operation,
|
40 | say a hash.
|
41 |
|
42 | See [sodiumperf](https://github.com/dominictarr/sodiumperf) performance comparisons.
|
43 |
|
44 | to run chloride in performance mode, load via
|
45 |
|
46 | ``` js
|
47 | var chloride = require('chloride')
|
48 | ```
|
49 | to run in low size mode
|
50 |
|
51 | ``` js
|
52 | var chloride = require('chloride/small')
|
53 | ```
|
54 |
|
55 | This only applies to enviroments that only support javascript.
|
56 | If you are running this on the server and could compile sodium,
|
57 | then you have the same fast crypto either way.
|
58 |
|
59 | ## License
|
60 |
|
61 | MIT
|