FastifySession SodiumCrypto

Features

Fast sodium-based crypto for @mgcrea/fastify-session

• Support both encrypted stateless sessions and signed stateful session with an external store.
• Relies on sodium-native (aka. libsodium) to perform crypto.
• Built with TypeScript for static type checking with exported types along the library.

Benefits: Libsodium vs. OpenSSL

Node.js uses OpenSSL as its default SSL/TLS implementation. Libsodium and OpenSSL are both popular libraries used for cryptographic operations, but they have different design philosophies and features. The pros of using Libsodium are:

• Easy-to-use API: Libsodium is designed to be simple and easy to use. Its API is more straightforward than OpenSSL's, which can help prevent implementation errors and improve code maintainability.
• Modern cryptography: Libsodium focuses on modern, secure, and high-performance cryptographic algorithms, such as ChaCha20, Poly1305, and Ed25519. These algorithms are considered more secure and efficient than some older algorithms supported by OpenSSL.
• Side-channel attack resistance: Libsodium emphasizes protection against side-channel attacks like timing attacks, which can reveal sensitive information through indirect means.
• Minimal configuration: Libsodium requires minimal configuration to use securely, which can help reduce the likelihood of security issues caused by misconfigurations.
• Constant-time implementations: Libsodium is designed with constant-time implementations to prevent timing attacks, a concern with some OpenSSL functions.

Usage

1npm install @mgcrea/fastify-session @mgcrea/fastify-session-sodium-crypto --save
2# or
3pnpm add @mgcrea/fastify-session @mgcrea/fastify-session-sodium-crypto

Generate keys

Copy a freshly generated secretKey from the bundled cli:

1npx fastify-session-sodium-crypto generate-keypair

Stateful signed session with an external store

Leveraging an external store, the session id (generated with nanoid) is signed using a secret-key with libsodium's crytpo_auth

1import createFastify, { FastifyInstance, FastifyServerOptions } from "fastify";
2import fastifyCookie from "fastify-cookie";
3import fastifySession from "@mgcrea/fastify-session";
4import { SODIUM_AUTH } from "@mgcrea/fastify-session-sodium-crypto";
5
6const SESSION_KEY = "Egb/g4RUumlD2YhWYfeDlm5MddajSjGEBhm0OW+yo9s="; // generated secretKey from the cli
7const SESSION_TTL = 864e3; // 1 day in seconds
8const REDIS_URI = process.env.REDIS_URI || "redis://localhost:6379/1";
9
10export const buildFastify = (options?: FastifyServerOptions): FastifyInstance => {
11  const fastify = createFastify(options);
12
13  fastify.register(fastifyCookie);
14  fastify.register(fastifySession, {
15    key: Buffer.from(SESSION_KEY, "base64"),
16    crypto: SODIUM_AUTH,
17    store: new RedisStore({ client: new Redis(REDIS_URI), ttl: SESSION_TTL }),
18    cookie: { maxAge: SESSION_TTL },
19  });
20
21  return fastify;
22};

Stateless encrypted session without a store

No external store required, the entire session data is encrypted using a secret-key with libsodium's crypto_secretbox_easy

Here we used a secret instead of providing a key, key derivation will happen automatically on startup.

1import createFastify, { FastifyInstance, FastifyServerOptions } from "fastify";
2import fastifyCookie from "fastify-cookie";
3import fastifySession from "@mgcrea/fastify-session";
4import { SODIUM_SECRETBOX } from "@mgcrea/fastify-session-sodium-crypto";
5
6const SESSION_TTL = 864e3; // 1 day in seconds
7
8export const buildFastify = (options?: FastifyServerOptions): FastifyInstance => {
9  const fastify = createFastify(options);
10
11  fastify.register(fastifyCookie);
12  fastify.register(fastifySession, {
13    secret: "a secret with minimum length of 32 characters",
14    crypto: SODIUM_SECRETBOX,
15    cookie: { maxAge: SESSION_TTL },
16  });
17
18  return fastify;
19};

Benchmarks

Session crypto sealing

1node --experimental-specifier-resolution=node --loader=ts-paths-esm-loader/transpile-only --no-warnings test/benchmark/cryptoSeal.ts

1SODIUM_SECRETBOX#sealJson x 333,747 ops/sec ±0.62% (91 runs sampled)
2SODIUM_AUTH#sealJson x 376,300 ops/sec ±0.50% (89 runs sampled)
3HMAC#sealJson x 264,292 ops/sec ±3.13% (85 runs sampled)
4Fastest is SODIUM_AUTH#sealJson

Session crypto unsealing

1node --experimental-specifier-resolution=node --loader=ts-paths-esm-loader/transpile-only --no-warnings test/benchmark/cryptoUnseal.ts

1SODIUM_SECRETBOX#unsealJson x 424,297 ops/sec ±0.69% (86 runs sampled)
2SODIUM_AUTH#unsealJson x 314,736 ops/sec ±0.96% (89 runs sampled)
3HMAC#unsealJson x 145,037 ops/sec ±5.67% (78 runs sampled)
4Fastest is SODIUM_SECRETBOX#unsealJson

Authors

• Olivier Louvignes <olivier@mgcrea.io>

Credits

Heavily inspired from

• fastify-secure-session by Matteo Collina
• fastify-session by Denis Fäcke
• express-session by Douglas Wilson

License

1The MIT License
2
3Copyright (c) 2023 Olivier Louvignes <olivier@mgcrea.io>
4
5Permission is hereby granted, free of charge, to any person obtaining a copy
6of this software and associated documentation files (the "Software"), to deal
7in the Software without restriction, including without limitation the rights
8to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9copies of the Software, and to permit persons to whom the Software is
10furnished to do so, subject to the following conditions:
11
12The above copyright notice and this permission notice shall be included in
13all copies or substantial portions of the Software.
14
15THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21THE SOFTWARE.