TweetNaCl Bindings

Synopsis

(import (crypto tweetnacl))

Bindings to the TweetNaCl library of cryptographic operations.

Keys

record: key

procedure: (key? any)

procedure: (make-key algorithm public secret)

procedure: (key-algorithm key)

procedure: (public-key key)

procedure: (secret-key key)

Keys are represented by record instances that hold an algorithm name, a public key bytevector and a secret key bytevector. Depending on the algorithm and intended use of the key, either the public or secret component may be #f.

procedure: (check-key who algorithm any)

Ensures that the given value is a key with the given algorithm name and returns the key. If the value does not pass the check, an error condition is raised that contains a &who condition indicating the given location.

Asymmetric Boxes

constant: asymmetric-box-algorithm

The name of the asymmetric box algorithm.

constant: asymmetric-box-publickeybytes

constant: asymmetric-box-secretkeybytes

constant: asymmetric-box-noncebytes

Byte lengths of algorithm parameters.

procedure: (make-asymmetric-box-key)

procedure: (make-asymmetric-box-key port)

Generate a new keypair using entropy from the given port or from (current-entropy-port).

procedure: ((asymmetric-box pk sk) data nonce)

procedure: ((asymmetric-unbox pk sk) data nonce)

Perform key agreement and return boxing and unboxing procedures.

Asymmetric Signatures

constant: asymmetric-sign-algorithm

The name of the asymmetric signature algorithm.

constant: asymmetric-sign-publickeybytes

constant: asymmetric-sign-secretkeybytes

Byte lengths of algorithm parameters.

procedure: (make-asymmetric-sign-key)

procedure: (make-asymmetric-sign-key port)

Generate a new keypair using entropy from the given port or from (current-entropy-port).

procedure: ((asymmetric-sign sk) data)

procedure: ((asymmetric-verify pk) data)

Create signature and verification procedures.

Symmetric Boxes

constant: symmetric-box-algorithm

The name of the symmetric box algorithm.

constant: symmetric-box-keybytes

constant: symmetric-box-noncebytes

Byte lengths of algorithm parameters.

procedure: (make-symmetric-box-key)

procedure: (make-symmetric-box-key port)

Generate a new key using entropy from the given port or from (current-entropy-port).

procedure: (derive-symmetric-box-key pk sk)

Derive a symmetric box key through an asymmetric box key agreement.

procedure: ((symmetric-box k) data nonce)

procedure: ((symmetric-unbox k) data nonce)

Create boxing and unboxing procedures.

Symmetric Signatures

constant: symmetric-sign-algorithm

The name of the symmetric signature algorithm.

constant: symmetric-sign-keybytes

Byte lengths of algorithm parameters.

procedure: (make-symmetric-sign-key)

procedure: (make-symmetric-sign-key port)

Generate a new key using entropy from the given port or from (current-entropy-port).

procedure: ((symmetric-sign k) data)

procedure: ((symmetric-verify k) data)

Create signature and verification procedures.

Pseudo-Random Streams

constant: random-stream-algorithm

The name of the pseudo-random number generator algorithm.

constant: random-stream-keybytes

constant: random-stream-noncebytes

Byte lengths of algorithm parameters.

procedure: (make-random-stream-key)

procedure: (make-random-stream-key port)

Generate a new key using entropy from the given port or from (current-entropy-port).

procedure: (derive-random-stream-key pk sk)

Derive a pseudo-random stream key through an asymmetric box key agreement.

procedure: (open-random-stream k nonce)

procedure: (open-random-stream k nonce limit)

Open a binary input port backed by a pseudo-random number generator. The default limit, after which the port will signal end of file, is 1 GiB of random data, but #f or +inf.0 may be passed to deactivate the limit.

Message Digests

constant: hash-algorithm

The name of the message digest algorithm.

procedure: (hash data)

Compute the message digest of binary data.