N

NaOH

Strongly-opinionated Swift bindings for libsodium

Name Last Update
ManuallyCreated.xctest/Contents Loading commit data...
NaOH Loading commit data...
NaOH-iOS Loading commit data...
NaOH.xcodeproj Loading commit data...
NaOHTests Loading commit data...
NaOHiOSTestHostApp Loading commit data...
NaOHiOSTestHostAppTests Loading commit data...
libsodium Loading commit data...
.gitignore Loading commit data...
.gitlab-ci.yml Loading commit data...
CHANGELOG.md Loading commit data...
CONTRIBUTING Loading commit data...
Dockerfile Loading commit data...
LICENSE Loading commit data...
README.md Loading commit data...
build.atlock Loading commit data...
build.atpkg Loading commit data...
secrets.fisa Loading commit data...

NaOH (pronounced "sodium hydroxide") is a strongly opinionated Swift binding for the security library libsodium, a fork of DJB's NaCl.

For more information about NaCl, the cryptographic technology inside NaOH, read this whitepaper or djb's paper.

NaOH is the sodium flavor trusted by Nitrogen, FISA, caffeine, and various other projects Drew works on.

What opinions?

  1. No return value checks required. All functions will (preferably) throw or (where that isn't possible) crash the program, rather than allow you to continue on your merry way when e.g. a key is invalid
  2. Actively thwarts buffer overflow exploits.
    1. Keys are protected by guard pages, increasing the chance your program will crash instead of giving up a key
    2. Keys are locked down entirely when not in critical sections, increasing the complexity of an exploitable attack
    3. Critical memory is zeroed-on-free, even with optimizations enabled. Although this currently isn't possible for the library's inputs.

Install

Anarchy Tools compatible Carthage compatible

You can also download an official binary release

Versioning

We don't follow semver. Here's why.

Mailing list

We use discuss.sa