Sealed Box Encryption
Bindings for the crypto_box_seal API. See the libsodium crypto_box_seal docs for more information.
Constants
Buffer lengths (integer)
crypto_box_SEALBYTES
crypto_box_seal
Keypairs can be generated with crypto_box_keypair()
or crypto_box_seed_keypair()
.
sodium.crypto_box_seal(c, m, pk)
Encrypts a message in a sealed box using a throwaway keypair. The c cannot be associated with the sender due to the sender's key being a single use keypair that is overwritten during encryption.
c
should be abuffer
of length at leastm.length + crypto_box_SEALBYTES
m
should be abuffer
of any lengthpk
should be the recipient's public key
crypto_box_seal_open
var bool = sodium.crypto_box_seal_open(m, c, pk, sk)
Decrypts a message encoded with the sealed box method.
m
should be abuffer
of length at leastc.length - crypto_box_SEALBYTES
c
should be abuffer
of length at leastcrypto_box_SEALBYTES
pk
should be the recipient's public keysk
should be the recipient's secret key
Note: The keypair of the recipient is required here, both the public and the secret key. The reason is that, during encryption, the recipient's public key is used to generate the nonce. The throwaway public key generated by the sender is stored in the first crypto_box_PUBLICKEYBYTE
's of the c.