## tweetnacl

### Author

### Description

This egg is a CHICKEN wrapper around TweetNaCl. The C source code for TweetNaCl is included in the egg.

### Usage

```scheme
(require-extension tweetnacl)
```

#### Asymmetric Algorithms

`asymmetric-box-primitive` (constant): A string that briefly describes the algorithm combination used to implement asymmetric cryptographic boxes.

`asymmetric-box-publickeybytes` (constant): The size of public keys for asymmetric cryptographic boxes in bytes.

`asymmetric-box-secretkeybytes` (constant): The size of private keys for asymmetric cryptographic boxes in bytes.

`asymmetric-box-noncebytes` (constant): The size of nonces for asymmetric cryptographic boxes in bytes.

`(make-asymmetric-box-keypair [entropy-port (current-entropy-port)])` (procedure): Generate a new keypair for asymmetric boxing. Reads data from `entropy-port`. Returns two blobs representing the new public and secret key.

`((asymmetric-box pk sk) m n)` (procedure): Encrypt and authenticate a message `m` from secret key `sk` to public key `pk` using nonce `n` for algorithm randomization. The plaintext `m` and the returned ciphertext are represented as strings; the nonce `n` is represented as a `u8vector`.

`((asymmetric-unbox pk sk) c n)` (procedure): Decrypt and verify a message `c` from the public key `pk` to the secret key `sk` using nonce `n` for algorithm randomization. The ciphertext `c` and the returned plaintext are represented as strings; the nonce `n` is represented as a `u8vector`. If the authenticity of the message cannot be verified, the procedure returns `#f` instead of a string.
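A round trip between two parties, written for this page as an added example (not part of the egg's documentation). The nonce is drawn from the entropy port with `read-u8vector` from `srfi-4`, which is an assumption of this example; the names `alice-*`, `bob-*`, `open-from-alice`, `corrupt-last-byte` and `open-or-reject` are hypothetical.

```scheme
;; Added example, not from the egg's documentation.
(require-extension tweetnacl srfi-4)

;; Key generation needs an entropy source; the parameter is #f on
;; platforms for which the egg has no default.
(unless (current-entropy-port)
  (error "set current-entropy-port before generating keys"))

;; Each party generates its own keypair: public key first, then secret key.
(define-values (alice-pk alice-sk) (make-asymmetric-box-keypair))
(define-values (bob-pk bob-sk) (make-asymmetric-box-keypair))

;; Assumption: the nonce is read from the entropy port with srfi-4's
;; read-u8vector. It is not secret, but it must never repeat for the
;; same pair of keys, and the receiver needs the same value.
(define nonce
  (read-u8vector asymmetric-box-noncebytes (current-entropy-port)))

;; Alice -> Bob: recipient's public key, sender's secret key.
(define ciphertext
  ((asymmetric-box bob-pk alice-sk) "wire 100 to account 42" nonce))

;; Bob opens it with the sender's public key and his own secret key.
(define (open-from-alice c n)
  ((asymmetric-unbox alice-pk bob-sk) c n))

;; Return a copy of S with its last byte changed (simulated tampering).
(define (corrupt-last-byte s)
  (let* ((copy (string-copy s))
         (i (- (string-length copy) 1))
         (b (char->integer (string-ref copy i))))
    (string-set! copy i (integer->char (modulo (+ b 1) 256)))
    copy))

(print "intact:   " (open-from-alice ciphertext nonce))
(print "tampered: " (open-from-alice (corrupt-last-byte ciphertext) nonce))

;; Callers must branch on #f rather than assume a string came back.
(define (open-or-reject c n)
  (or (open-from-alice c n)
      (error "authentication failed, message discarded")))
```

The nonce has to travel with the ciphertext, since `asymmetric-unbox` needs the same `n` that was used for boxing.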

`asymmetric-sign-primitive` (constant): A string that briefly describes the algorithm combination used to implement asymmetric cryptographic signatures.

`asymmetric-sign-publickeybytes` (constant): The size of public keys for asymmetric cryptographic signatures in bytes.

`asymmetric-sign-secretkeybytes` (constant): The size of private keys for asymmetric cryptographic signatures in bytes.

`(make-asymmetric-sign-keypair [entropy-port (current-entropy-port)])` (procedure): Generate a new keypair for asymmetric signing. Reads data from `entropy-port`. Returns two blobs representing the new public and secret key.

`((asymmetric-sign sk) m)` (procedure): Sign a message `m` from secret key `sk` to the general public. The plaintext `m` and the returned signature message combination are represented as strings.

`((asymmetric-verify pk) sm)` (procedure): Verify a signed message `sm` from the public key `pk` to the general public. The signature message combination `sm` and the returned plaintext are represented as strings. If the authenticity of the message cannot be verified, the procedure returns `#f` instead of a string.

#### Symmetric Algorithms

`symmetric-box-primitive` (constant): A string that briefly describes the algorithm combination used to implement symmetric cryptographic boxes.

`symmetric-box-keybytes` (constant): The size of shared keys for symmetric cryptographic boxes in bytes.

`symmetric-box-noncebytes` (constant): The size of nonces for symmetric cryptographic boxes in bytes.

`(make-symmetric-box-key [entropy-port (current-entropy-port)])` (procedure): Generate a new key for symmetric boxing. Reads data from `entropy-port`. Returns a blob representing the new shared key.

`((symmetric-box k) m n)` (procedure): Encrypt and authenticate a message `m` using the shared key `k` and nonce `n` for algorithm randomization. The plaintext `m` and the returned ciphertext are represented as strings; the nonce `n` is represented as a `u8vector`.

`((symmetric-unbox k) c n)` (procedure): Decrypt and verify a message `c` using the shared key `k` and nonce `n` for algorithm randomization. The ciphertext `c` and the returned plaintext are represented as strings; the nonce `n` is represented as a `u8vector`. If the authenticity of the message cannot be verified, the procedure returns `#f` instead of a string.

`symmetric-sign-primitive` (constant): A string that briefly describes the algorithm combination used to implement symmetric cryptographic one-time signatures.

`symmetric-sign-keybytes` (constant): The size of shared keys for symmetric cryptographic one-time signatures in bytes.

`(make-symmetric-sign-key [entropy-port (current-entropy-port)])` (procedure): Generate a new key for symmetric signing. Reads data from `entropy-port`. Returns a blob representing the new shared key.

`((symmetric-sign k) m #!key tag-only?)` (procedure): Sign a message `m` using the shared key `k`. The plaintext `m` and the returned signature message combination are represented as strings. If `tag-only?` is given and not `#f`, the procedure returns only the message authentication tag as a string rather than a combination of authentication tag and message.

`((symmetric-verify k) sm #!optional m)` (procedure): Verify a signed message `sm` using the shared key `k`. The signature message combination `sm` and the returned plaintext are represented as strings. If the authenticity of the message cannot be verified, the procedure returns `#f` instead of a string. If `m` is given and not `#f`, it must be a string containing the plaintext of the message, and `sm` is expected to contain only the message authentication tag in that case.
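The detached-tag mode of `symmetric-sign` and `symmetric-verify`, shown beside the combined mode in an added example that is not part of the egg's documentation. The helper names `tag-message` and `tag-valid?` and the sample strings are hypothetical; because the page describes these as one-time signatures, the example generates a fresh key for every message.

```scheme
;; Added example, not from the egg's documentation.
(require-extension tweetnacl)

;; One-time authenticator: generate a fresh shared key per message
;; instead of reusing one key across messages. Returns key and tag.
(define (tag-message m)
  (let ((k (make-symmetric-sign-key)))
    (values k ((symmetric-sign k) m #:tag-only? #t))))

;; Detached verification: the tag goes in the `sm` position and the
;; message is passed as the optional `m`. Normalised to #t / #f.
(define (tag-valid? k tag m)
  (and ((symmetric-verify k) tag m) #t))

;; Constructed sample data.
(define message "config-v7: allow 10.0.0.0/8")
(define altered "config-v7: allow 0.0.0.0/0")

(define-values (key tag) (tag-message message))

(print "tag length in bytes: " (string-length tag))
(print "original accepted:   " (tag-valid? key tag message))
(print "altered accepted:    " (tag-valid? key tag altered))

;; Combined mode, with its own fresh key: tag and message travel as
;; one string and symmetric-verify hands back the plaintext or #f.
(define key2 (make-symmetric-sign-key))
(define signed ((symmetric-sign key2) message))
(print "combined verify:     " ((symmetric-verify key2) signed))

;; A tag made under one key must not verify under another.
(print "wrong key accepted:  " (tag-valid? key2 tag message))
```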

#### Miscellaneous

`hash-primitive` (constant): A string that briefly describes the message digest algorithm.

`hash-bytes` (constant): The size of message digests in bytes.

`(hash m)` (procedure): Hashes the string `m` into a message digest. Returns the binary digest as a string.

`current-entropy-port` (parameter): An input port connected to an entropy source for key generation. When compiled on a Unix system, this parameter is by default bound to the result of `(open-input-file "/dev/random")`. When compiled on a Windows system, the default value of the parameter is a custom input port that returns bytes produced by RtlGenRandom. On other systems, the default value of the parameter is `#f` and you have to set it explicitly before the key generation functions can be used.