class RbNaCl::Boxes::SealedBox

Sealed boxes are designed to anonymously send messages to a recipient given its public key.

Only the recipient can decrypt these messages, using its private key. While the recipient can verify the integrity of the message, it cannot verify the identity of the sender.

A message is encrypted using an ephemeral key pair, whose secret part is destroyed right after the encryption process.

Without knowing the secret key used for a given message, the sender cannot decrypt its own message later. And without additional data, a message cannot be correlated with the identity of its sender.

Public Class Methods

from_private_key(private_key)

Create a new Sealed Box for decrypting

Sets up the Box for decryption of messages.

@param private_key [String,RbNaCl::PrivateKey] The private key to decrypt with

@raise [RbNaCl::LengthError] on invalid keys

@return [RbNaCl::SealedBox] The new Box, ready to use

# File lib/rbnacl/boxes/sealed.rb, line 68
def self.from_private_key(private_key)
  new(nil, private_key)
end

from_public_key(public_key)

Create a new Sealed Box for encrypting

Sets up the Box for encryption of new messages.

@param public_key [String,RbNaCl::PublicKey] The public key to encrypt to

@raise [RbNaCl::LengthError] on invalid keys

@return [RbNaCl::SealedBox] The new Box, ready to use

# File lib/rbnacl/boxes/sealed.rb, line 81
def self.from_public_key(public_key)
  new(public_key, nil)
end

new(public_key, private_key = nil)

WARNING: you should strongly prefer the from_private_key/from_public_key class methods.

Create a new Sealed Box

Sets up the Box for deriving the shared key and encrypting and decrypting messages.

@param public_key [String,RbNaCl::PublicKey] The public key to encrypt to

@param private_key [String,RbNaCl::PrivateKey] The private key to decrypt with

@raise [RbNaCl::LengthError] on invalid keys

@return [RbNaCl::SealedBox] The new Box, ready to use

# File lib/rbnacl/boxes/sealed.rb, line 47
def initialize(public_key, private_key = nil)
  unless private_key.nil?
    @private_key = private_key.is_a?(PrivateKey) ? private_key : PrivateKey.new(private_key)
    raise IncorrectPrimitiveError unless @private_key.primitive == primitive

    public_key = @private_key.public_key if public_key.nil?
  end

  @public_key = public_key.is_a?(PublicKey) ? public_key : PublicKey.new(public_key)
  raise IncorrectPrimitiveError unless @public_key.primitive == primitive
end

Public Instance Methods

box(message)

Encrypts a message

@param message [String] The message to be encrypted.

@raise [RbNaCl::CryptoError] If the encryption fails.

@return [String] The ciphertext (BINARY encoded)

# File lib/rbnacl/boxes/sealed.rb, line 92
def box(message)
  # No padding needed.
  msg = message # variable name to match other RbNaCl code.
  # ensure enough space in result
  ct  = Util.zeros(msg.bytesize + SEALBYTES)

  success = self.class.box_seal(ct, msg, msg.bytesize, @public_key.to_s)
  raise CryptoError, "Encryption failed" unless success

  ct
end

Also aliased as: encrypt

decrypt(ciphertext)

Alias for: open

encrypt(message)

Alias for: box

open(ciphertext)

Decrypts a ciphertext

@param ciphertext [String] The message to be decrypted.

@raise [RbNaCl::CryptoError] If no private key is available.

@raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated.

@return [String] The decrypted message (BINARY encoded)

# File lib/rbnacl/boxes/sealed.rb, line 113
def open(ciphertext)
  raise CryptoError, "Decryption failed. No private key." unless @private_key

  ct = ciphertext
  raise CryptoError, "Decryption failed. Ciphertext failed verification." if ct.bytesize < SEALBYTES

  message = Util.zeros(ct.bytesize - SEALBYTES)

  success = self.class.box_seal_open(message, ct, ct.bytesize, @public_key.to_s, @private_key.to_s)
  raise CryptoError, "Decryption failed. Ciphertext failed verification." unless success

  message
end

Also aliased as: decrypt

primitive()

The crypto primitive for the box class

@return [Symbol] The primitive used

# File lib/rbnacl/boxes/sealed.rb, line 131
def primitive
  self.class.primitive
end