class SecretBox
(source)
Secret-key authenticated encryption.
Encrypts a message with a key and a nonce to keep it confidential, and computes an authentication tag. The tag is used to make sure that the message hasn't been tampered with before decrypting it.
A single key is used both to encrypt/sign and verify/decrypt messages. For this reason, it is critical to keep the key confidential.
The nonce doesn't have to be confidential, but it should never ever be reused with the same key. The easiest way to generate a nonce is to use randombytes_buf().
Messages encrypted are assumed to be independent. If multiple messages are sent using this API and random nonces, there will be no way to detect if a message has been received twice, or if messages have been reordered.
This class depends upon the JNR-FFI library being available on the classpath, along with its dependencies. See https://github.com/jnr/jnr-ffi. JNR-FFI can be included using the gradle dependency 'com.github.jnr:jnr-ffi'.
class Key : Destroyable
A SecretBox key. |
|
class Nonce : Destroyable
A SecretBox nonce. |
static fun decrypt(cipherText: Bytes, key: Key, nonce: Nonce): Bytes? static fun decrypt(cipherText: Allocated, key: Key, nonce: Nonce): Allocated? static fun decrypt(cipherText: ByteArray, key: Key, nonce: Nonce): ByteArray?
Decrypt a message using a key. static fun decrypt(cipherText: Bytes, password: String): Bytes? static fun decrypt(cipherText: ByteArray, password: String): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for most use-cases). static fun decrypt(cipherText: Bytes, password: String, algorithm: Algorithm): Bytes? static fun decrypt(cipherText: ByteArray, password: String, algorithm: Algorithm): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation (with limits on operations and memory that are suitable for most use-cases). static fun decrypt(cipherText: Bytes, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): Bytes? static fun decrypt(cipherText: ByteArray, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation. |
|
static fun decryptDetached(cipherText: Bytes, mac: Bytes, key: Key, nonce: Nonce): Bytes? static fun decryptDetached(cipherText: ByteArray, mac: ByteArray, key: Key, nonce: Nonce): ByteArray?
Decrypt a message using a key and a detached message authentication code. static fun decryptDetached(cipherText: Bytes, mac: Bytes, password: String): Bytes? static fun decryptDetached(cipherText: ByteArray, mac: ByteArray, password: String): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for most use-cases). static fun decryptDetached(cipherText: Bytes, mac: Bytes, password: String, algorithm: Algorithm): Bytes? static fun decryptDetached(cipherText: ByteArray, mac: ByteArray, password: String, algorithm: Algorithm): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation (with limits on operations and memory that are suitable for most use-cases). static fun decryptDetached(cipherText: Bytes, mac: Bytes, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): Bytes? static fun decryptDetached(cipherText: ByteArray, mac: ByteArray, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation. |
|
static fun decryptInteractive(cipherText: Bytes, password: String): Bytes? static fun decryptInteractive(cipherText: ByteArray, password: String): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for interactive use-cases). static fun decryptInteractive(cipherText: Bytes, password: String, algorithm: Algorithm): Bytes? static fun decryptInteractive(cipherText: ByteArray, password: String, algorithm: Algorithm): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation (with limits on operations and memory that are suitable for interactive use-cases). |
|
static fun decryptInteractiveDetached(cipherText: Bytes, mac: Bytes, password: String): Bytes? static fun decryptInteractiveDetached(cipherText: ByteArray, mac: ByteArray, password: String): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for interactive use-cases). static fun decryptInteractiveDetached(cipherText: Bytes, mac: Bytes, password: String, algorithm: Algorithm): Bytes? static fun decryptInteractiveDetached(cipherText: ByteArray, mac: ByteArray, password: String, algorithm: Algorithm): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation (with limits on operations and memory that are suitable for interactive use-cases). |
|
static fun decryptSensitive(cipherText: Bytes, password: String): Bytes? static fun decryptSensitive(cipherText: ByteArray, password: String): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for sensitive use-cases). static fun decryptSensitive(cipherText: Bytes, password: String, algorithm: Algorithm): Bytes? static fun decryptSensitive(cipherText: ByteArray, password: String, algorithm: Algorithm): ByteArray?
Decrypt a message using a password, using PasswordHash for the key generation (with limits on operations and memory that are suitable for sensitive use-cases). |
|
static fun decryptSensitiveDetached(cipherText: Bytes, mac: Bytes, password: String): Bytes? static fun decryptSensitiveDetached(cipherText: ByteArray, mac: ByteArray, password: String): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for sensitive use-cases). static fun decryptSensitiveDetached(cipherText: Bytes, mac: Bytes, password: String, algorithm: Algorithm): Bytes? static fun decryptSensitiveDetached(cipherText: ByteArray, mac: ByteArray, password: String, algorithm: Algorithm): ByteArray?
Decrypt a message using a password and a detached message authentication code, using PasswordHash for the key generation (with limits on operations and memory that are suitable for sensitive use-cases). |
|
static fun encrypt(message: Bytes, key: Key, nonce: Nonce): Bytes static fun encrypt(message: Allocated, key: Key, nonce: Nonce): Allocated static fun encrypt(message: ByteArray, key: Key, nonce: Nonce): ByteArray
Encrypt a message with a key. static fun encrypt(message: Bytes, password: String): Bytes static fun encrypt(message: ByteArray, password: String): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for most use-cases). static fun encrypt(message: Bytes, password: String, algorithm: Algorithm): Bytes static fun encrypt(message: ByteArray, password: String, algorithm: Algorithm): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation (with limits on operations and memory that are suitable for most use-cases). static fun encrypt(message: Bytes, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): Bytes static fun encrypt(message: ByteArray, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation. |
|
static fun encryptDetached(message: Bytes, key: Key, nonce: Nonce): DetachedEncryptionResult static fun encryptDetached(message: ByteArray, key: Key, nonce: Nonce): DetachedEncryptionResult
Encrypt a message with a key, generating a detached message authentication code. static fun encryptDetached(message: Bytes, password: String): DetachedEncryptionResult static fun encryptDetached(message: ByteArray, password: String): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for most use-cases). static fun encryptDetached(message: Bytes, password: String, algorithm: Algorithm): DetachedEncryptionResult static fun encryptDetached(message: ByteArray, password: String, algorithm: Algorithm): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation (with limits on operations and memory that are suitable for most use-cases). static fun encryptDetached(message: Bytes, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation static fun encryptDetached(message: ByteArray, password: String, opsLimit: Long, memLimit: Long, algorithm: Algorithm): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation. |
|
static fun encryptInteractive(message: Bytes, password: String): Bytes static fun encryptInteractive(message: ByteArray, password: String): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for interactive use-cases). static fun encryptInteractive(message: Bytes, password: String, algorithm: Algorithm): Bytes static fun encryptInteractive(message: ByteArray, password: String, algorithm: Algorithm): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation (with limits on operations and memory that are suitable for interactive use-cases). |
|
static fun encryptInteractiveDetached(message: Bytes, password: String): DetachedEncryptionResult static fun encryptInteractiveDetached(message: ByteArray, password: String): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for interactive use-cases). static fun encryptInteractiveDetached(message: Bytes, password: String, algorithm: Algorithm): DetachedEncryptionResult static fun encryptInteractiveDetached(message: ByteArray, password: String, algorithm: Algorithm): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation (with limits on operations and memory that are suitable for interactive use-cases). |
|
static fun encryptSensitive(message: Bytes, password: String): Bytes static fun encryptSensitive(message: ByteArray, password: String): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for sensitive use-cases). static fun encryptSensitive(message: Bytes, password: String, algorithm: Algorithm): Bytes static fun encryptSensitive(message: ByteArray, password: String, algorithm: Algorithm): ByteArray
Encrypt a message with a password, using PasswordHash for the key generation (with limits on operations and memory that are suitable for sensitive use-cases). |
|
static fun encryptSensitiveDetached(message: Bytes, password: String): DetachedEncryptionResult static fun encryptSensitiveDetached(message: ByteArray, password: String): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation (with the currently recommended algorithm and limits on operations and memory that are suitable for sensitive use-cases). static fun encryptSensitiveDetached(message: Bytes, password: String, algorithm: Algorithm): DetachedEncryptionResult static fun encryptSensitiveDetached(message: ByteArray, password: String, algorithm: Algorithm): DetachedEncryptionResult
Encrypt a message with a password, generating a detached message authentication code, using PasswordHash for the key generation (with limits on operations and memory that are suitable for sensitive use-cases). |