Expand description
Functions for the core crypto.
Modules§
- curve25519xsalsa20poly1305
crypto_box_curve25519xsalsa20poly1305
, a particular combination of Curve25519, Salsa20, and Poly1305 specified in Cryptography inNaCl
.- pwhash
- Password Hashing
- secretbox
- Secret-key authenticated encryption
- sha256
SHA-256
.- sha512
SHA-512
.
Structs§
- Nonce
Nonce
for asymmetric authenticated encryption- Precomputed
Key - Applications that send several messages to the same receiver can gain speed by
splitting
seal()
into two steps,precompute()
andseal_precomputed()
. Similarly, applications that receive several messages from the same sender can gain speed by splittingopen()
into two steps,precompute()
andopen_precomputed()
. - Public
Key PublicKey
for asymmetric authenticated encryption- Secret
Key SecretKey
for asymmetric authenticated encryption- Seed
Seed
that can be used for keypair generation- Tag
- Authentication
Tag
for the detached encryption mode
Constants§
- MACBYTES
- Number of bytes in the authenticator tag of an encrypted message i.e. the number of bytes by which the ciphertext is larger than the plaintext.
- NONCEBYTES
- Number of bytes in a
Nonce
. - PRECOMPUTEDKEYBYTES
- Number of bytes in a
PrecomputedKey
. - PUBLICKEYBYTES
- Number of bytes in a
PublicKey
. - SECRETKEYBYTES
- Number of bytes in a
SecretKey
. - SEEDBYTES
- Number of bytes in a
Seed
.
Functions§
- crypto_
init - Run before using crypto.
- decrypt_
data_ symmetric - Returns plain data from
encrypted
, with length ofencrypted - 16
due to padding, or()
if data couldn’t be decrypted. - digest_
as_ pk - Convert sha256
Digest
toPublicKey
type. - encrypt_
data_ symmetric - Returns encrypted data from
plain
, with length ofplain + 16
due to padding. - encrypt_
precompute - Precomputes the shared key from
their_public_key
andour_secret_key
. - gen_
keypair gen_keypair()
randomly generates a secret key and a corresponding public key.- gen_
nonce gen_nonce()
randomly generates a nonce- increment_
nonce - Inrement given nonce by 1.
- increment_
nonce_ number - Inrement given nonce by number
num
. - keypair_
from_ seed key_pair_from_seed()
deterministically derives a key pair from a single key seed (crypto_box_SEEDBYTES bytes).- open
open()
verifies and decrypts a ciphertextc
using the receiver’s secret keysk
, the senders public keypk
, and a noncen
. It returns a plaintextOk(m)
. If the ciphertext fails verification,open()
returnsErr(())
.- open_
detached open_detached()
verifies and decrypts a ciphertextc
using the receiver’s secret keysk
, the senders public keypk
, and a noncen
.c
is decrypted in place, so if this function is successful it will contain the plaintext. If the ciphertext fails verification,open_detached()
returnsErr(())
, and the ciphertext is not modified.- open_
detached_ precomputed open_detached_precomputed()
verifies and decrypts a ciphertextc
using a precomputed keyk
and a noncen
.c
is decrypted in place, so if this function is successful it will contain the plaintext. If the ciphertext fails verification,open_detached()
returnsErr(())
, and the ciphertext is not modified.- open_
precomputed open_precomputed()
verifies and decrypts a ciphertextc
using a precomputed keyk
and a noncen
. It returns a plaintextOk(m)
. If the ciphertext fails verification,open_precomputed()
returnsErr(())
.- pk_
as_ digest - Convert
PublicKey
to sha256Digest
type. - precompute
precompute()
computes an intermediate key that can be used byseal_precomputed()
andopen_precomputed()
- public_
key_ valid - Check if Tox public key
PUBLICKEYBYTES
is valid. Should be used only for input validation. - random_
limit_ usize - Return unbiased random number from
[0, limit)
interval. - random_
u32 - Return a random number.
- random_
u64 - Return a random number.
- random_
usize - Return a random number.
- randombytes_
into randombytes_into()
fills a bufferbuf
with random data.- seal
seal()
encrypts and authenticates a messagem
using the senders secret keysk
, the receivers public keypk
and a noncen
. It returns a ciphertextc
.- seal_
detached seal_detached()
encrypts and authenticates a messagem
using the senders secret keysk
, the receivers public keypk
and a noncen
.m
is encrypted in place, so after this function returns it will contain the ciphertext. The detached authentication tag is returned by value.- seal_
detached_ precomputed seal_detached_precomputed()
encrypts and authenticates a messagem
using a precomputed keyk
and a noncen
.m
is encrypted in place, so after this function returns it will contain the ciphertext. The detached authentication tag is returned by value.- seal_
precomputed seal_precomputed()
encrypts and authenticates a messagem
using a precomputed keyk
, and a noncen
. It returns a ciphertextc
.