Module dryoc::classic::crypto_box [−][src]
Expand description
Authenticated public-key cryptography functions
Implements libsodium’s public-key authenticated crypto boxes.
For details, refer to libsodium docs.
Classic API example
use dryoc::classic::crypto_box::*;
use dryoc::constants::CRYPTO_BOX_MACBYTES;
use dryoc::types::*;
// Create a random sender keypair
let (sender_pk, sender_sk) = crypto_box_keypair();
// Create a random recipient keypair
let (recipient_pk, recipient_sk) = crypto_box_keypair();
// Generate a random nonce
let nonce = Nonce::gen();
let message = "hello".as_bytes();
// Encrypt message
let mut ciphertext = vec![0u8; message.len() + CRYPTO_BOX_MACBYTES];
crypto_box_easy(&mut ciphertext, message, &nonce, &recipient_pk, &sender_sk)
.expect("encrypt failed");
// Decrypt message
let mut decrypted_message = vec![0u8; ciphertext.len() - CRYPTO_BOX_MACBYTES];
crypto_box_open_easy(
&mut decrypted_message,
&ciphertext,
&nonce,
&sender_pk,
&recipient_sk,
)
.expect("decrypt failed");
assert_eq!(message, decrypted_message);Functions
Computes a shared secret for the given public_key and private_key.
Resulting shared secret can be used with the precalculation interface.
Detached variant of crypto_box_easy.
Precalculation variant of
crypto_box_easy.
In-place variant of crypto_box_detached_afternm.
In-place variant of crypto_box_detached.
Encrypts message with recipient’s public key recipient_public_key,
sender’s secret key sender_secret_key, and nonce. The result is placed
into ciphertext which must be the length of the message plus
CRYPTO_BOX_MACBYTES bytes, for the message tag.
Encrypts message with recipient’s public key recipient_public_key and
sender’s secret key sender_secret_key using nonce in-place in data,
without allocated additional memory for the message.
Generates a public/secret key pair using OS provided data using
rand_core::OsRng.
In-place variant of crypto_box_keypair
Detached variant of crypto_box_open_easy.
Precalculation variant of crypto_box_open_easy.
In-place variant of crypto_box_open_detached_afternm.
In-place variant of crypto_box_open_detached.
Decrypts ciphertext with recipient’s secret key recipient_secret_key and
sender’s public key sender_public_key using nonce.
Decrypts ciphertext with recipient’s secret key recipient_secret_key and
sender’s public key sender_public_key with nonce in-place in data,
without allocated additional memory for the message.
Encrypts message with recipient’s public key recipient_public_key, using
an ephemeral keypair and nonce. The length of ciphertext must be the
length of the message plus CRYPTO_BOX_SEALBYTES bytes for the message
tag and ephemeral public key.
Decrypts a sealed box from ciphertext with recipient’s secret key
recipient_secret_key, placing the result into message. The nonce and
public are derived from ciphertext. message length should be equal to
the length of ciphertext minus CRYPTO_BOX_SEALBYTES bytes for the
message tag and ephemeral public key.
Deterministically derives a keypair from seed, which can be of arbitrary
length.
In-place variant of crypto_box_seed_keypair