Sign Up for Free

RunKit +

Try any Node.js package right in your browser

This is a playground to test code. It runs a full Node.js environment and already has all of npm’s 400,000 packages pre-installed, including chacha-js with all npm packages installed. Try it out:

var chachaJs = require("chacha-js")

This service is provided by RunKit and is not affiliated with npm, Inc or the package authors.

chacha-js v2.1.1

Fork of Calvin Metcalf's ChaCha20 Poly1305 auth cipher as pure Javascript only

ChaCha Build Status

ChaCha20 Poly1305 implementation based on this repo, test vectors are from this ietf draft and boringssl. Note there are 2 versions of the chacha20/poly1305 aead, an earlier draft and a modified version with a longer nonce, shorter counter and different tag generation. This is the more recent version, boringssl implemented the older version which is also included.

By default in node it attempts to use native bindings and falls back to using the pure js implimentation. In the browser it defaults to the pure js one. To use the pure js one in node require('/chacha/browser');.


var chacha = require('chacha');

ChaCha20 Poly1305

var cipher =  chacha.createCipher(key, nonce);
var decipher =  chacha.createDecipher(key, nonce);

Create a cipher object by passing it a 256 bit key and 96 bit nonce, API is identical to crypto.createCipheriv()/createDecipheriv in node >= 11 with a gcm mode, in other words, e.g.

cipher.setAAD(nonencrypteddata);// must be called before data
var tag = cipher.getAuthTag();// must be called after finish or end

decipher.setAAD(nonencrypteddata);// must be called before data
decipher.setAuthTag(tag);// must be called before data

decipher with throw if you don't set a tag or the tag doesn't match. See the node docs for more info (the iv length for gcm is also 96 bit fyi).


var cipher =  chacha.chacha(key, nonce);

The API is identical to a cipher/decipher object in node >= 10. Encryption and decryption are the same.


var hmac =  chacha.createHmac(key);

API is identical to an hmac in node, so it's a stream with update and digest methods.

Legacy Aead

A variant version of the aead that is compatible with boringssl.

var cipher =  new chacha.AeadLegacy(key, nonce);
var decipher =  new chacha.AeadLegacy(key, nonce, true);

The third parameter is whether it should decipher, otherwise identical to createCipher/createDecipher. Doesn't implement variable length tags.

RunKit is a free, in-browser JavaScript dev environment for prototyping Node.js code, with every npm package installed. Sign up to share your code.
Sign Up for Free