Home (original) (raw)
- Frequently Asked Questions about RbNaCl
- Projects Using RbNaCl
- Installing libsodium - how to install the library RbNaCl provides FFI bindings to
Easier-to-Use Cryptography*
SimpleBox
Confused about cryptography? Don't know which primitive to choose? Do you have no idea what a nonce is? No worries!
SimpleBox puts cryptography on Rails. Think of it as omakase cryptography: all of the hard decisions have been made for you, providing the simplest API available while still providing the best cryptographic guarantees you are going to get out of a Ruby library, period.
Secret-key Encryption
Secret-key encryption works like a safe: you can put information inside of a "SecretBox", and anyone with the combination can open it.
Public-key Encryption
NaCl's public-key encryption works similarly to GPG: anyone can publish a public key, and if you have someone's public key, you can put messages into a "Box", but once closed, only the holder of the private key can open it.
Digital Signatures
In the real world, signatures help uniquely identify people because everyone's signature is unique. Digital signatures work similarly in that they are unique to holders of a private key, but unlike real world signatures, digital signatures are unforgeable.
HMAC
HMAC provides hash-based message authentication codes, the symmetric equivalent to digital signatures. Anyone who knows a particular secret value can use that value to generate MACs or verify the authenticity of a MAC for a given message.
Hash Functions
Cryptographic hash functions compute a secure, fixed-length output from an arbitrarily long input. These functions are designed to keep the actual data being hashed confidential.
Password Hashing
Hash functions specifically designed for the purposes of deriving cryptographic keys or password storage that is resistant to brute force.
Power-User Cryptography
Scalar Multiplication
Direct access to the Curve25519 elliptic curve Diffie-Hellman function that underlies NaCl's public-key cryptography
One-time Authentication
Direct access to the Poly1305 one-time MAC function used by RbNaCl::Box and RbNaCl::SecretBox to authenticate messages
Additional Features
Random Number Generation
Create secure random numbers without screwing it up!
Utilities
Miscellaneous features which can be used in conjunction with the cryptographic features:
- Constant-time string comparison
YARD API Documentation
Secret-Key Encryption
- RbNaCl::SecretBox (alias to RbNaCl::SecretBoxes::XSalsa20Poly1305)
- RbNaCl::AEAD::ChaCha20Poly1305IETF: ChaCha20Poly1305 AEAD stream cipher (preferred IETF variant)
- RbNaCl::AEAD::ChaCha20Poly1305Legacy: ChaCha20Poly1305 AEAD stream cipher (obsolete pre-IETF variant)
Public-Key Encryption
- RbNaCl::Box: Authenticated public-key encryption
- RbNaCl::PrivateKey: Private keys for RbNaCl::Box
- RbNaCl::PublicKey: Public keys for RbNaCl::Box
Digital Signatures
- RbNaCl::SigningKey: Create digital signatures
- RbNaCl::VerifyKey: Verify digital signatures
HMAC
- RbNaCl::HMAC::SHA256: Create 256-bit MACs with SHA256
- RbNaCl::HMAC::SHA512256: Create 256-bit MACs with SHA512
Hash Functions
- RbNaCl::Hash: Compute SHA256/512 and Blake2b digests
Password Hashing Functions
- RbNaCl::PasswordHash: Compute hashes for passwords that are designed to be resistant to brute force attacks
Scalar Multiplication
- RbNaCl::GroupElement: Raw access to NaCl's Curve25519 elliptic curve cryptography
*NOTE: crypto is really, really, really, really, really hard