class Sodium::CryptoBox::SecretKey

Overview

You may either send encrypted signed messages using "Authenticated encryption" or encrypt unsigned messages using "Sealed Boxes".

For signing without encryption see Sodium::Sign::SecretKey.

Authenticated encryption

https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption

Usage:

bob = Sodium::CryptoBox::SecretKey.new
alice = Sodium::CryptoBox::SecretKey.new
message = "hi"

# Encrypt and sign a message from bob to alice's public_key
bob.box alice.public_key do |box|
  ciphertext = box.encrypt message
end

Sealed Boxes

https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes

Usage:

secret_key = Sodium::CryptoBox::SecretKey.new
public_key = secret_key.public_key

ciphertext = public_key.encrypt message
secret_key.decrypt ciphertext

Defined in:

sodium/crypto_box/secret_key.cr

Constant Summary

KEY_SIZE = LibSodium.crypto_box_secretkeybytes.to_i
SEAL_SIZE = LibSodium.crypto_box_sealbytes.to_i
SEED_SIZE = LibSodium.crypto_box_seedbytes.to_i

Constructors

Instance Method Summary

Instance methods inherited from class Sodium::Key

to_slice : Bytes to_slice

Instance methods inherited from module Sodium::Wipe

close close, finalize finalize

Constructor Detail

def self.new(sbuf : SecureBuffer, pkey : Bytes? = nil) #

Use existing secret and public keys.

Takes ownership of an existing key in a SecureBuffer. Recomputes the public key from a secret key if missing.


[View source]
def self.new(bytes : Bytes, pkey : Bytes? = nil) #

Use existing secret and public keys.

Copies secret key to a SecureBuffer. Recomputes the public key from a secret key if missing.


[View source]
def self.new #

Generate a new random secret/public key pair.


[View source]
def self.new(*, seed : Bytes, erase = false) #

Derive a new secret/public key pair based on a consistent seed.

Copies seed to a SecureBuffer.


[View source]
def self.new(*, seed : SecureBuffer) #

Derive a new secret/public key pair based on a consistent seed.


[View source]

Instance Method Detail

def box(public_key) : CryptoBox #

Return a Box containing a precomputed shared secret for use with authenticated encryption/decryption.


[View source]
def box(public_key, &) #

Create a new box and automatically close when the block exits.


[View source]
def decrypt(src, dst : Bytes? = nil) : Bytes #

Anonymously receive messages without a signature.

For authenticated messages use secret_key.box(recipient_public_key).decrypt.

Optionally supply a destination buffer.


[View source]
def decrypt_string(src, dst : Bytes? = nil) : String #

Anonymously receive messages without a signature.

For authenticated messages use secret_key.box(recipient_public_key).decrypt.

Optionally supply a destination buffer.


[View source]
def public_key : PublicKey #

[View source]
def seed #

[View source]
def to_slice : Bytes #

Returns key


[View source]