## tweetnacl

### Author

### Description

This egg is a CHICKEN wrapper around TweetNaCl. The C source code for TweetNaCl is included in the egg.

### Usage

(require-extension tweetnacl)

#### Asymmetric Algorithms

`asymmetric-box-primitive`constantA string that briefly describes the algorithm combination used to implement asymmetric cryptographic boxes.

`asymmetric-box-publickeybytes`constantThe size of public keys for asymmetric cryptographic boxes in bytes.

`asymmetric-box-secretkeybytes`constantThe size of private keys for asymmetric cryptographic boxes in bytes.

`asymmetric-box-noncebytes`constantThe size of nonces for asymmetric cryptographic boxes in bytes.

`make-asymmetric-box-keypair``#!optional``entropy-port``current-entropy-port`procedureGenerate a new keypair for asymmetric boxing. Reads data from

`entropy-port`. Returns two blobs representing the new public and secret key.

pksk `m``n`procedureEncrypt and authenticate a message

`m`from secret key`sk`to public key`pk`using nonce`n`for algorithm randomization. The plaintext`m`and the returned ciphertext are represented as strings, the nonce`n`is represented as a`u8vector`.

pksk `c``n`procedureDecrypt and verify a message

`c`from the public key`pk`to the secret key`sk`using nonce`n`for algorithm randomization. The ciphertext`c`and the returned plaintext are represented as strings, the nonce`n`is represented as a`u8vector`. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string.

`asymmetric-sign-primitive`constantA string that briefly describes the algorithm combination used to implement asymmetric cryptographic signatures.

`asymmetric-sign-publickeybytes`constantThe size of public keys for asymmetric cryptographic signatures in bytes.

`asymmetric-sign-secretkeybytes`constantThe size of private keys for asymmetric cryptographic signatures in bytes.

`make-asymmetric-sign-keypair``#!optional``entropy-port``current-entropy-port`procedureGenerate a new keypair for asymmetric signing. Reads data from

`entropy-port`. Returns two blobs representing the new public and secret key.

sk `m`procedureSign a message

`m`from secret key`sk`to the general public. The plaintext`m`and the returned signature message combination are represented as strings.

pk `sm`procedureDecrypt and verify a message

`sm`from the public key`pk`to the general public. The signature message combination`sm`and the returned plaintext are represented as strings. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string.

#### Symmetric Algorithms

`symmetric-box-primitive`constantA string that briefly describes the algorithm combination used to implement symmetric cryptographic boxes.

`symmetric-box-keybytes`constantThe size of shared keys for symmetric cryptographic boxes in bytes.

`symmetric-box-noncebytes`constantThe size of nonces for symmetric cryptographic boxes in bytes.

`make-symmetric-box-key``#!optional``entropy-port``current-entropy-port`procedureGenerate a new key for symmetric boxing. Reads data from

`entropy-port`. Returns a blobs representing the new shared key.

k `m``n`procedureEncrypt and authenticate a message

`m`using the shared key`k`and nonce`n`for algorithm randomization. The plaintext`m`and the returned ciphertext are represented as strings, the nonce`n`is represented as a`u8vector`.

k `c``n`procedureDecrypt and verify a message

`c`using the shared key`k`and nonce`n`for algorithm randomization. The ciphertext`c`and the returned plaintext are represented as strings, the nonce`n`is represented as a`u8vector`. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string.

`symmetric-sign-primitive`constantA string that briefly describes the algorithm combination used to implement symmetric cryptographic one-time signatures.

`symmetric-sign-keybytes`constantThe size of shared keys for symmetric cryptographic one-time signatures in bytes.

`make-symmetric-sign-key``#!optional``entropy-port``current-entropy-port`procedureGenerate a new key for symmetric signing. Reads data from

`entropy-port`. Returns a blob representing the new shared key.

k `m``#!key``tag-only?`procedureSign a message

`m`using the shared key`k`. The plaintext`m`and the returned signature message combination are represented as strings. If`tag-only?`is given and not`#f`, the procedure returns only the message authentication tag as a string rather than a combination of authentication tag and message.

k `sm``#!optional``m`procedureDecrypt and verify a message

`sm`using the shared key`k`. The signature message combination`sm`and the returned plaintext are represented as strings. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string. If`m`is given and not`#f`it must be a string containing the plaintext of the message and`sm`is expected to only contain the message authentication tag in that case.

#### Miscellaneous

`hash-primitive`constantA string that briefly describes the message digest algorithm.

`hash-bytes`constantThe size of message digests in bytes.

`hash``m`procedureHashes the string

`m`into a message digest. Returns the binary digest as a string.

`current-entropy-port`parameterAn input port connected to an entropy source for key generation. When compiled on a unix system, this parameter is by default bound to the result of

`(open-input-file "/dev/random")`. When compiled on a windows system, the default value of the parameter is a custom input port that returns bytes produced by RtlGenRandom. On other systems the default value of the parameter will be`#f`and you will have to set it explicitly before key generation functions can be used.