-
Notifications
You must be signed in to change notification settings - Fork 85
Home
- Frequently Asked Questions about RbNaCl
- Projects Using RbNaCl
Secret-key encryption works like a safe: you can put information inside of a "SecretBox", and anyone with the combination can open it.
NaCl's public-key encryption works similarly to GPG: anyone can publish a public key, and if you have someone's public key, you can put messages into a "Box", but once closed, only the holder of the private key can open it.
In the real world, signatures help uniquely identify people because everyone's signature is unique. Digital signatures work similarly in that they are unique to holders of a private key, but unlike real world signatures, digital signatures are unforgeable.
HMAC provides hash-based [message authentication codes]((http://en.wikipedia.org/wiki/Message_authentication_code), the symmetric equivalent to digital signatures. Anyone who knows a particular secret value can use that value to generate MACs or verify the authenticity of a MAC for a given message.
Cryptographic hash functions compute a secure, fixed-length output from an arbitrarily long input. These functions are designed to keep the actual data being hashed confidential.
Direct access to the Curve25519 elliptic curve Diffie-Hellman function that underlies NaCl's public-key cryptography
Direct access to the Poly1305 one-time MAC function used by RbNaCl::Box and RbNaCl::SecretBox to authenticate messages
Miscellaneous features which can be used in conjunction with the cryptographic features:
- Random number generation
- Constant-time string comparison
Learn how to test your RbNaCl projects under Travis CI
- RbNaCl::Box: Authenticated public-key encryption
- RbNaCl::PrivateKey: Private keys for RbNaCl::Box
- RbNaCl::PublicKey: Public keys for RbNaCl::Box
- RbNaCl::SigningKey: Create digital signatures
- RbNaCl::VerifyKey: Verify digital signatures
- RbNaCl::HMAC::SHA256: Create 256-bit MACs with SHA256
- RbNaCl::HMAC::SHA512256: Create 256-bit MACs with SHA512
- RbNaCl::Hash: Compute SHA256/512 and Blake2b digests
- RbNaCl::GroupElement: Raw access to NaCl's Curve25519 elliptic curve cryptography
*NOTE: crypto is really, really, really, really, really hard