## tweetnacl

## TOC »

### Author

### Description

This egg is a CHICKEN wrapper around TweetNaCl. The C source code for TweetNaCl is included in the egg.

### Usage

(require-extension tweetnacl)

#### Asymmetric Algorithms

`asymmetric-box-primitive`constantA string that briefly describes the algorithm combination used to implement asymmetric cryptographic boxes.

`asymmetric-box-publickeybytes`constantThe size of public keys for asymmetric cryptographic boxes in bytes.

`asymmetric-box-secretkeybytes`constantThe size of private keys for asymmetric cryptographic boxes in bytes.

`asymmetric-box-noncebytes`constantThe size of nonces for asymmetric cryptographic boxes in bytes.

`make-asymmetric-box-keypair``#!optional``entropy-port``current-entropy-port`procedureGenerate a new keypair for asymmetric boxing. Reads data from

`entropy-port`. Returns two blobs representing the new public and secret key.

pksk `m``n`procedureEncrypt and authenticate a message

`m`from secret key`sk`to public key`pk`using nonce`n`for algorithm randomization. The plaintext`m`and the returned ciphertext are represented as strings, the nonce`n`is represented as a`u8vector`.

pksk `c``n`procedureDecrypt and verify a message

`c`from the public key`pk`to the secret key`sk`using nonce`n`for algorithm randomization. The ciphertext`c`and the returned plaintext are represented as strings, the nonce`n`is represented as a`u8vector`. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string.

`asymmetric-sign-primitive`constantA string that briefly describes the algorithm combination used to implement asymmetric cryptographic signatures.

`asymmetric-sign-publickeybytes`constantThe size of public keys for asymmetric cryptographic signatures in bytes.

`asymmetric-sign-secretkeybytes`constantThe size of private keys for asymmetric cryptographic signatures in bytes.

`make-asymmetric-sign-keypair``#!optional``entropy-port``current-entropy-port`procedureGenerate a new keypair for asymmetric signing. Reads data from

`entropy-port`. Returns two blobs representing the new public and secret key.

sk `m`procedureSign a message

`m`from secret key`sk`to the general public. The plaintext`m`and the returned signature message combination are represented as strings.

pk `sm`procedureDecrypt and verify a message

`sm`from the public key`pk`to the general public. The signature message combination`sm`and the returned plaintext are represented as strings. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string.

`scalarmult-primitive`constantA string that briefly describes the scalar multiplication algorithm.

`scalarmult-pointbytes`constantThe size of field elements in bytes.

`scalarmult-scalarbytes`constantThe size of scalar values in bytes.

`scalarmult*``n``p`procedureMultiplies the field element

`p`by the scalar`n`and returns a new field element.**Warning:**This is a low-level primitive that should be used with care. Key agreement schemes can be implemented using this function, but the result*does*have inherent algebraic structure and*must*be passed through a hash function before it can be used safely as a cryptographic key.

#### Symmetric Algorithms

`symmetric-box-primitive`constantA string that briefly describes the algorithm combination used to implement symmetric cryptographic boxes.

`symmetric-box-keybytes`constantThe size of shared keys for symmetric cryptographic boxes in bytes.

`symmetric-box-noncebytes`constantThe size of nonces for symmetric cryptographic boxes in bytes.

`make-symmetric-box-key``#!optional``entropy-port``current-entropy-port`procedureGenerate a new key for symmetric boxing. Reads data from

`entropy-port`. Returns a blob representing the new shared key.

`derive-symmetric-box-key``pk``sk`procedureDerive a new key for symmetric boxing from secret key

`sk`to public key`pk`. The results of(symmetric-box (derive-symmetric-box-key pk sk))

and

(asymmetric-box pk sk)

are equivalent. The same holds for the corresponding unbox calls.

k `m``n`procedureEncrypt and authenticate a message

`m`using the shared key`k`and nonce`n`for algorithm randomization. The plaintext`m`and the returned ciphertext are represented as strings, the nonce`n`is represented as a`u8vector`.

k `c``n`procedureDecrypt and verify a message

`c`using the shared key`k`and nonce`n`for algorithm randomization. The ciphertext`c`and the returned plaintext are represented as strings, the nonce`n`is represented as a`u8vector`. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string.

`symmetric-sign-primitive`constantA string that briefly describes the algorithm combination used to implement symmetric cryptographic one-time signatures.

`symmetric-sign-keybytes`constantThe size of shared keys for symmetric cryptographic one-time signatures in bytes.

`make-symmetric-sign-key``#!optional``entropy-port``current-entropy-port`procedureGenerate a new key for symmetric signing. Reads data from

`entropy-port`. Returns a blob representing the new shared key.

k `m``#!key``tag-only?`procedureSign a message

`m`using the shared key`k`. The plaintext`m`and the returned signature message combination are represented as strings. If`tag-only?`is given and not`#f`, the procedure returns only the message authentication tag as a string rather than a combination of authentication tag and message.

k `sm``#!optional``m`procedureDecrypt and verify a message

`sm`using the shared key`k`. The signature message combination`sm`and the returned plaintext are represented as strings. If the authenticity of the message cannot be verified the procedure returns`#f`instead of a string. If`m`is given and not`#f`it must be a string containing the plaintext of the message and`sm`is expected to only contain the message authentication tag in that case.

#### Pseudo-Random Streams

`random-stream-primitive`constantA string that briefly describes the algorithm combination used to implement pseudo-random streams.

`random-stream-keybytes`constantThe size of shared keys for pseudo-random streams in bytes.

`random-stream-noncebytes`constantThe size of nonces for pseudo-random streams in bytes.

`make-random-stream-key``#!optional``entropy-port``current-entropy-port`procedureGenerate a new key for pseudo-random streams. Reads data from

`entropy-port`. Returns a blob representing the new shared key.

`derive-random-stream-key``pk``sk`procedureDerive a new key for pseudo-random streams from secret key

`sk`to public key`pk`.

`(open-random-stream k n #!optional [limit (expt 2 30)])`procedureOpen a stream of pseudo-random bytes using the shared key

`k`and nonce`n`for algorithm randomization. The stream ends after`limit`bytes, unless`limit`is`#f`or infinity.

`(stream-xor! buffer #!optional [stream (current-input-port)])`procedureDestructively xors the contents of the string

`buffer`with bytes read from`stream`. Returns`buffer`.

`(stream-xor buffer #!optional [stream (current-input-port)])`procedureXors the contents of the string

`buffer`with bytes read from`stream`. Returns a new string holding the result.

#### Miscellaneous

`hash-primitive`constantA string that briefly describes the message digest algorithm.

`hash-bytes`constantThe size of message digests in bytes.

`hash``m`procedureHashes the string

`m`into a message digest. Returns the binary digest as a string.

`current-entropy-port`parameterAn input port connected to an entropy source for key generation.

When compiled on a unix system, this parameter is by default bound to the result of

`(open-input-file "/dev/random")`. When compiled on a windows system, the default value of the parameter is a custom input port that returns bytes produced by RtlGenRandom. On other systems the default value of the parameter will be`#f`and you will have to set it explicitly before key generation functions can be used.To speed up key generation it can be useful to set

`current-entropy-port`to a pseudo-random stream only seeded initially from the system entropy source:(current-entropy-port (open-random-stream (make-random-stream-key) (make-u8vector random-stream-noncebytes 0)))