Module crypto_secretbox

Authenticated encryption functions

Implements libsodium’s secret-key authenticated crypto boxes.

For details, refer to libsodium docs.

Classic API example

use dryoc::classic::crypto_secretbox::{
    Key, Nonce, crypto_secretbox_easy, crypto_secretbox_keygen, crypto_secretbox_open_easy,
};
use dryoc::constants::{CRYPTO_SECRETBOX_MACBYTES, CRYPTO_SECRETBOX_NONCEBYTES};
use dryoc::rng::randombytes_buf;
use dryoc::types::*;

let key: Key = crypto_secretbox_keygen();
let nonce = Nonce::gen();

let message = "I Love Doge!";

// Encrypt
let mut ciphertext = vec![0u8; message.len() + CRYPTO_SECRETBOX_MACBYTES];
crypto_secretbox_easy(&mut ciphertext, message.as_bytes(), &nonce, &key)
    .expect("encrypt failed");

// Decrypt
let mut decrypted = vec![0u8; ciphertext.len() - CRYPTO_SECRETBOX_MACBYTES];
crypto_secretbox_open_easy(&mut decrypted, &ciphertext, &nonce, &key).expect("decrypt failed");

assert_eq!(decrypted, message.as_bytes());

Functions

crypto_secretbox_detached

Detached version of crypto_secretbox_easy.

crypto_secretbox_easy

Encrypts message with nonce and key.

crypto_secretbox_easy_inplace

Encrypts message with nonce and key in-place, without allocating additional memory for the ciphertext.

crypto_secretbox_keygen

Generates a random key using copy_randombytes.

crypto_secretbox_keygen_inplace

In-place variant of crypto_secretbox_keygen

crypto_secretbox_open_detached

Detached version of crypto_secretbox_open_easy.

crypto_secretbox_open_easy

Decrypts ciphertext with nonce and key.

crypto_secretbox_open_easy_inplace

Decrypts ciphertext with nonce and key in-place, without allocating additional memory for the message.

Type Aliases

Key

Key (or secret) for secret key authenticated boxes.

Mac

Secret box message authentication code.

Nonce

Nonce for secret key authenticated boxes.