# typed: true # DO NOT EDIT MANUALLY # This is an autogenerated file for types exported from the `rbnacl` gem. # Please instead update this file by running `bin/tapioca gem rbnacl`. # NaCl/libsodium for Ruby # # source://rbnacl//lib/rbnacl/version.rb#5 module RbNaCl; end # source://rbnacl//lib/rbnacl/aead/base.rb#5 module RbNaCl::AEAD; end # Abstract base class for Authenticated Encryption with Additional Data # # This construction encrypts a message, and computes an authentication # tag for the encrypted message and some optional additional data # # RbNaCl provides wrappers for both ChaCha20-Poly1305 AEAD implementations # in libsodium: the original, and the IETF version. # # source://rbnacl//lib/rbnacl/aead/base.rb#13 class RbNaCl::AEAD::Base # Create a new AEAD using the IETF chacha20poly1305 construction # # Sets up AEAD with a secret key for encrypting and decrypting messages. # # @param key [String] The key to encrypt and decrypt with # @raise [RbNaCl::LengthError] on invalid keys # @return [RbNaCl::AEAD::Chacha20Poly1305IETF] The new AEAD construct, ready to use # # source://rbnacl//lib/rbnacl/aead/base.rb#32 def initialize(key); end # Decrypts and verifies an encrypted message with additional authenticated data # # @param nonce [String] An 8-byte string containing the nonce. # @param ciphertext [String] The message to be decrypted. # @param additional_data [String] The additional authenticated data # @raise [RbNaCl::LengthError] If the nonce is not valid # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message # # source://rbnacl//lib/rbnacl/aead/base.rb#68 def decrypt(nonce, ciphertext, additional_data); end # Encrypts and authenticates a message with additional authenticated data # # @param nonce [String] An 8-byte string containing the nonce. # @param message [String] The message to be encrypted. # @param additional_data [String] The additional authenticated data # @raise [RbNaCl::LengthError] If the nonce is not valid # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The encrypted message with the authenticator tag appended # # source://rbnacl//lib/rbnacl/aead/base.rb#46 def encrypt(nonce, message, additional_data); end # The key bytes for the AEAD instance # # @return [Integer] The number of bytes in a valid key # # source://rbnacl//lib/rbnacl/aead/base.rb#111 def key_bytes; end # The nonce bytes for the AEAD instance # # @return [Integer] The number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/aead/base.rb#97 def nonce_bytes; end # The crypto primitive for this aead instance # # @return [Symbol] The primitive used # # source://rbnacl//lib/rbnacl/aead/base.rb#83 def primitive; end # The number of bytes in the tag or authenticator for this AEAD instance # # @return [Integer] number of tag bytes # # source://rbnacl//lib/rbnacl/aead/base.rb#125 def tag_bytes; end private # source://rbnacl//lib/rbnacl/aead/base.rb#131 def data_len(data); end # @raise [NotImplementedError] # # source://rbnacl//lib/rbnacl/aead/base.rb#141 def do_decrypt(_message, _message_len, _nonce, _ciphertext, _additional_data); end # @raise [NotImplementedError] # # source://rbnacl//lib/rbnacl/aead/base.rb#137 def do_encrypt(_ciphertext, _ciphertext_len, _nonce, _message, _additional_data); end # Returns the value of attribute key. # # source://rbnacl//lib/rbnacl/aead/base.rb#20 def key; end class << self # The key bytes for the AEAD class # # @return [Integer] The number of bytes in a valid key # # source://rbnacl//lib/rbnacl/aead/base.rb#104 def key_bytes; end # The nonce bytes for the AEAD class # # @return [Integer] The number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/aead/base.rb#90 def nonce_bytes; end # The number bytes in the tag or authenticator from this AEAD class # # @return [Integer] number of tag bytes # # source://rbnacl//lib/rbnacl/aead/base.rb#118 def tag_bytes; end end end # Number of bytes in a valid key # # source://rbnacl//lib/rbnacl/aead/base.rb#15 RbNaCl::AEAD::Base::KEYBYTES = T.let(T.unsafe(nil), Integer) # Number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/aead/base.rb#18 RbNaCl::AEAD::Base::NPUBBYTES = T.let(T.unsafe(nil), Integer) # This class contains wrappers for the IETF implementation of # Authenticated Encryption with Additional Data using ChaCha20-Poly1305 # # source://rbnacl//lib/rbnacl/aead/chacha20poly1305_ietf.rb#8 class RbNaCl::AEAD::ChaCha20Poly1305IETF < ::RbNaCl::AEAD::Base extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_aead_chacha20poly1305_ietf_abytes(*_arg0); end def crypto_aead_chacha20poly1305_ietf_decrypt(*_arg0); end def crypto_aead_chacha20poly1305_ietf_encrypt(*_arg0); end def crypto_aead_chacha20poly1305_ietf_keybytes(*_arg0); end def crypto_aead_chacha20poly1305_ietf_npubbytes(*_arg0); end private # source://rbnacl//lib/rbnacl/aead/chacha20poly1305_ietf.rb#35 def do_decrypt(message, message_len, nonce, ciphertext, additional_data); end # source://rbnacl//lib/rbnacl/aead/chacha20poly1305_ietf.rb#28 def do_encrypt(ciphertext, ciphertext_len, nonce, message, additional_data); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def aead_chacha20poly1305_ietf_decrypt(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def aead_chacha20poly1305_ietf_encrypt(*args); end def crypto_aead_chacha20poly1305_ietf_abytes(*_arg0); end def crypto_aead_chacha20poly1305_ietf_decrypt(*_arg0); end def crypto_aead_chacha20poly1305_ietf_encrypt(*_arg0); end def crypto_aead_chacha20poly1305_ietf_keybytes(*_arg0); end def crypto_aead_chacha20poly1305_ietf_npubbytes(*_arg0); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::ChaCha20Poly1305IETF::ABYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::ChaCha20Poly1305IETF::KEYBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::ChaCha20Poly1305IETF::NPUBBYTES = T.let(T.unsafe(nil), Integer) # This class contains wrappers for the original libsodium implementation of # Authenticated Encryption with Additional Data using ChaCha20-Poly1305 # # source://rbnacl//lib/rbnacl/aead/chacha20poly1305_legacy.rb#8 class RbNaCl::AEAD::ChaCha20Poly1305Legacy < ::RbNaCl::AEAD::Base extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_aead_chacha20poly1305_abytes(*_arg0); end def crypto_aead_chacha20poly1305_decrypt(*_arg0); end def crypto_aead_chacha20poly1305_encrypt(*_arg0); end def crypto_aead_chacha20poly1305_keybytes(*_arg0); end def crypto_aead_chacha20poly1305_npubbytes(*_arg0); end private # source://rbnacl//lib/rbnacl/aead/chacha20poly1305_legacy.rb#34 def do_decrypt(message, message_len, nonce, ciphertext, additional_data); end # source://rbnacl//lib/rbnacl/aead/chacha20poly1305_legacy.rb#27 def do_encrypt(ciphertext, ciphertext_len, nonce, message, additional_data); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def aead_chacha20poly1305_decrypt(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def aead_chacha20poly1305_encrypt(*args); end def crypto_aead_chacha20poly1305_abytes(*_arg0); end def crypto_aead_chacha20poly1305_decrypt(*_arg0); end def crypto_aead_chacha20poly1305_encrypt(*_arg0); end def crypto_aead_chacha20poly1305_keybytes(*_arg0); end def crypto_aead_chacha20poly1305_npubbytes(*_arg0); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::ChaCha20Poly1305Legacy::ABYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::ChaCha20Poly1305Legacy::KEYBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::ChaCha20Poly1305Legacy::NPUBBYTES = T.let(T.unsafe(nil), Integer) # This class contains wrappers for the IETF implementation of # Authenticated Encryption with Additional Data using ChaCha20-Poly1305 # # source://rbnacl//lib/rbnacl/aead/xchacha20poly1305_ietf.rb#8 class RbNaCl::AEAD::XChaCha20Poly1305IETF < ::RbNaCl::AEAD::Base extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_aead_xchacha20poly1305_ietf_abytes(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_decrypt(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_encrypt(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_keybytes(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_npubbytes(*_arg0); end private # source://rbnacl//lib/rbnacl/aead/xchacha20poly1305_ietf.rb#35 def do_decrypt(message, message_len, nonce, ciphertext, additional_data); end # source://rbnacl//lib/rbnacl/aead/xchacha20poly1305_ietf.rb#28 def do_encrypt(ciphertext, ciphertext_len, nonce, message, additional_data); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def aead_xchacha20poly1305_ietf_decrypt(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def aead_xchacha20poly1305_ietf_encrypt(*args); end def crypto_aead_xchacha20poly1305_ietf_abytes(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_decrypt(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_encrypt(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_keybytes(*_arg0); end def crypto_aead_xchacha20poly1305_ietf_npubbytes(*_arg0); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::XChaCha20Poly1305IETF::ABYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::XChaCha20Poly1305IETF::KEYBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::AEAD::XChaCha20Poly1305IETF::NPUBBYTES = T.let(T.unsafe(nil), Integer) # Secret Key Authenticators # # These provide a means of verifying the integrity of a message, but only # with the knowledge of a shared key. This can be a preshared key, or one # that is derived through some cryptographic protocol. # # source://rbnacl//lib/rbnacl/auth.rb#10 class RbNaCl::Auth # A new authenticator, ready for auth and verification # # @param key [#to_str] the key used for authenticators, 32 bytes. # @return [Auth] a new instance of Auth # # source://rbnacl//lib/rbnacl/auth.rb#23 def initialize(key); end # Compute authenticator for message # # @param message [#to_str] the message to authenticate # @return [String] the authenticator as raw bytes # # source://rbnacl//lib/rbnacl/auth.rb#56 def auth(message); end # The number of key bytes for this Auth instance # # @return [Integer] number of key bytes # # source://rbnacl//lib/rbnacl/auth.rb#95 def key_bytes; end # The crypto primitive for this authenticator instance # # @return [Symbol] The primitive used # # source://rbnacl//lib/rbnacl/auth.rb#81 def primitive; end # The number of bytes in the tag or authenticator for this Auth instance # # @return [Integer] number of tag bytes # # source://rbnacl//lib/rbnacl/auth.rb#109 def tag_bytes; end # Verifies the given authenticator with the message. # # @param authenticator [#to_str] to be checked # @param message [#to_str] the message to be authenticated # @raise [BadAuthenticatorError] if the tag isn't valid # @raise [LengthError] if the tag is of the wrong length # @return [Boolean] Was it valid? # # source://rbnacl//lib/rbnacl/auth.rb#72 def verify(authenticator, message); end private # @raise [NotImplementedError] # # source://rbnacl//lib/rbnacl/auth.rb#115 def compute_authenticator(_authenticator, _message); end # Returns the value of attribute key. # # source://rbnacl//lib/rbnacl/auth.rb#17 def key; end # @raise [NotImplementedError] # # source://rbnacl//lib/rbnacl/auth.rb#119 def verify_message(_authenticator, _message); end class << self # Compute authenticator for message # # @param key [#to_str] the key used for the authenticator # @param message [#to_str] message to construct an authenticator for # @return [String] The authenticator, as raw bytes # # source://rbnacl//lib/rbnacl/auth.rb#33 def auth(key, message); end # The number of key bytes for this Auth class # # @return [Integer] number of key bytes # # source://rbnacl//lib/rbnacl/auth.rb#88 def key_bytes; end # The number bytes in the tag or authenticator from this Auth class # # @return [Integer] number of tag bytes # # source://rbnacl//lib/rbnacl/auth.rb#102 def tag_bytes; end # Verifies the given authenticator with the message. # # @param key [#to_str] the key used for the authenticator # @param authenticator [#to_str] to be checked # @param message [#to_str] the message to be authenticated # @raise [BadAuthenticatorError] if the tag isn't valid # @raise [LengthError] if the tag is of the wrong length # @return [Boolean] Was it valid? # # source://rbnacl//lib/rbnacl/auth.rb#47 def verify(key, authenticator, message); end end end # Number of bytes in a valid authenticator # # source://rbnacl//lib/rbnacl/auth.rb#15 RbNaCl::Auth::BYTES = T.let(T.unsafe(nil), Integer) # Number of bytes in a valid key # # source://rbnacl//lib/rbnacl/auth.rb#12 RbNaCl::Auth::KEYBYTES = T.let(T.unsafe(nil), Integer) # The authenticator was forged or otherwise corrupt # # source://rbnacl//lib/rbnacl.rb#48 class RbNaCl::BadAuthenticatorError < ::RbNaCl::CryptoError; end # The signature was forged or otherwise corrupt # # source://rbnacl//lib/rbnacl.rb#45 class RbNaCl::BadSignatureError < ::RbNaCl::CryptoError; end # Bind aliases used by the public API # # source://rbnacl//lib/rbnacl.rb#96 RbNaCl::Box = RbNaCl::Boxes::Curve25519XSalsa20Poly1305 # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#5 module RbNaCl::Boxes; end # The Box class boxes and unboxes messages between a pair of keys # # This class uses the given public and secret keys to derive a shared key, # which is used with the nonce given to encrypt the given messages and # decrypt the given ciphertexts. The same shared key will generated from # both pairing of keys, so given two keypairs belonging to alice (pkalice, # skalice) and bob(pkbob, skbob), the key derived from (pkalice, skbob) with # equal that from (pkbob, skalice). This is how the system works: # # It is VITALLY important that the nonce is a nonce, i.e. it is a number used # only once for any given pair of keys. If you fail to do this, you # compromise the privacy of the the messages encrypted. Also, bear in mind # the property mentioned just above. Give your nonces a different prefix, or # have one side use an odd counter and one an even counter. Just make sure # they are different. # # The ciphertexts generated by this class include a 16-byte authenticator which # is checked as part of the decryption. An invalid authenticator will cause # the unbox function to raise. The authenticator is not a signature. Once # you've looked in the box, you've demonstrated the ability to create # arbitrary valid messages, so messages you send are repudiable. For # non-repudiable messages, sign them before or after encryption. # # @example # # On bob's system # bobkey = RbNaCl::PrivateKey.generate # #=> # # # # send bobkey.public_key to alice # # receive alice's public key, alicepk # # NB: This is actually the hard part of the system. How to do it securely # # is left as an exercise to for the reader. # alice_pubkey = "..." # # # make a box # alicebob_box = RbNaCl::Box.new(alice_pubkey, bobkey) # #=> # # # # encrypt a message to alice # cipher_text = alicebob_box.box("A bad example of a nonce", "Hello, Alice!") # #=> "..." # a string of bytes, 29 bytes long # # # send ["A bad example of a nonce", cipher_text] to alice # # note that nonces don't have to be secret # # receive [nonce, cipher_text_to_bob] from alice # # # decrypt the reply # # Alice has been a little more sensible than bob, and has a random nonce # # that is too fiddly to type here. But there are other choices than just # # random # plain_text = alicebob_box.open(nonce, cipher_text_to_bob) # #=> "Hey there, Bob!" # # # we have a new message! # # But Eve has tampered with this message, by flipping some bytes around! # # [nonce2, cipher_text_to_bob_honest_love_eve] # alicebob_box.open(nonce2, cipher_text_to_bob_honest_love_eve) # # # BOOM! # # Bob gets a RbNaCl::CryptoError to deal with! # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#66 class RbNaCl::Boxes::Curve25519XSalsa20Poly1305 extend ::RbNaCl::Sodium extend ::FFI::Library # Create a new Box # # Sets up the Box for deriving the shared key and encrypting and # decrypting messages. # # @param public_key [String, RbNaCl::PublicKey] The public key to encrypt to # @param private_key [String, RbNaCl::PrivateKey] The private key to encrypt with # @raise [RbNaCl::LengthError] on invalid keys # @return [RbNaCl::Box] The new Box, ready to use # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#101 def initialize(public_key, private_key); end # Encrypts a message # # Encrypts the message with the given nonce to the keypair set up when # initializing the class. Make sure the nonce is unique for any given # keypair, or you might as well just send plain text. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param message [String] The message to be encrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @return [String] The ciphertext without the nonce prepended (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#121 def box(nonce, message); end def crypto_box_curve25519xsalsa20poly1305_afternm(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_beforenm(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_beforenmbytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_boxzerobytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_noncebytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_open_afternm(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_publickeybytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_secretkeybytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_zerobytes(*_arg0); end # Decrypts a ciphertext # # Decrypts the ciphertext with the given nonce using the keypair setup when # initializing the class. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param ciphertext [String] The message to be decrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#147 def decrypt(nonce, ciphertext); end # Encrypts a message # # Encrypts the message with the given nonce to the keypair set up when # initializing the class. Make sure the nonce is unique for any given # keypair, or you might as well just send plain text. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param message [String] The message to be encrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @return [String] The ciphertext without the nonce prepended (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#121 def encrypt(nonce, message); end # The nonce bytes for the box instance # # @return [Integer] The number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#176 def nonce_bytes; end # Decrypts a ciphertext # # Decrypts the ciphertext with the given nonce using the keypair setup when # initializing the class. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param ciphertext [String] The message to be decrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#147 def open(nonce, ciphertext); end # The crypto primitive for the box class # # @return [Symbol] The primitive used # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#162 def primitive; end private # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#182 def beforenm; end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def box_curve25519xsalsa20poly1305_afternm(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def box_curve25519xsalsa20poly1305_beforenm(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def box_curve25519xsalsa20poly1305_open_afternm(*args); end def crypto_box_curve25519xsalsa20poly1305_afternm(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_beforenm(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_beforenmbytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_boxzerobytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_noncebytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_open_afternm(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_publickeybytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_secretkeybytes(*_arg0); end def crypto_box_curve25519xsalsa20poly1305_zerobytes(*_arg0); end # The nonce bytes for the box class # # @return [Integer] The number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb#169 def nonce_bytes; end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::BEFORENMBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::BOXZEROBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::NONCEBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PRIVATEKEYBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PUBLICKEYBYTES = T.let(T.unsafe(nil), Integer) # RbNaCl::Box private key. Keep it safe # # This class generates and stores NaCL private keys, as well as providing a # reference to the public key associated with this private key, if that's # provided. # # Note that the documentation for NaCl refers to this as a secret key, but in # this library its a private key, to avoid confusing the issue with the # SecretBox, which does symmetric encryption. # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#16 class RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PrivateKey include ::Comparable include ::RbNaCl::KeyComparator include ::RbNaCl::Serializable extend ::RbNaCl::Sodium extend ::FFI::Library # Initializes a new PrivateKey for key operations. # # Takes the (optionally encoded) private key bytes. This class can then be # used for various key operations, including deriving the corresponding # PublicKey # # @param private_key [String] The private key # @raise [TypeError] If the key is nil # @raise [RbNaCl::LengthError] If the key is not valid after decoding. # @return A new PrivateKey # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#44 def initialize(private_key); end def crypto_box_curve25519xsalsa20poly1305_keypair(*_arg0); end # The crypto primitive this PrivateKey is to be used for. # # @return [Symbol] The primitive # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#77 def primitive; end # the public key associated with this private key # # @return [PublicKey] the key # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#70 def public_key; end # The raw bytes of the key # # @return [String] the raw bytes. # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#63 def to_bytes; end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def box_curve25519xsalsa20poly1305_keypair(*args); end def crypto_box_curve25519xsalsa20poly1305_keypair(*_arg0); end # Generates a new keypair # # @raise [RbNaCl::CryptoError] if key generation fails, due to insufficient randomness. # @return [RbNaCl::PrivateKey] A new private key, with the associated public key also set. # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#53 def generate; end end end # The size of the key, in bytes # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb#30 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PrivateKey::BYTES = T.let(T.unsafe(nil), Integer) # RbNaCl::Box public key. Send it (securely!) to your friends. # # This class stores the NaCL public key, and provides some convenience # functions for working with it. # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/public_key.rb#11 class RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PublicKey include ::Comparable include ::RbNaCl::KeyComparator include ::RbNaCl::Serializable # Initializes a new PublicKey for key operations. # # Takes the (optionally encoded) public key bytes. This can be shared with # many people and used to establish key pairs with their private key, for # the exchanging of messages using a RbNaCl::Box # # @param public_key [String] The public key # @raise [RbNaCl::LengthError] If the key is not valid after decoding. # @return A new PublicKey # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/public_key.rb#29 def initialize(public_key); end # The crypto primitive this PublicKey is to be used for. # # @return [Symbol] The primitive # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/public_key.rb#50 def primitive; end # The raw bytes of the key # # @return [String] the raw bytes. # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/public_key.rb#36 def to_bytes; end class << self # The crypto primitive the PublicKey class is to be used for # # @return [Symbol] The primitive # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/public_key.rb#43 def primitive; end end end # The size of the key, in bytes # # source://rbnacl//lib/rbnacl/boxes/curve25519xsalsa20poly1305/public_key.rb#16 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PublicKey::BYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Curve25519XSalsa20Poly1305::ZEROBYTES = T.let(T.unsafe(nil), Integer) # Sealed boxes are designed to anonymously send messages to a recipient # given its public key. # # Only the recipient can decrypt these messages, using its private key. # While the recipient can verify the integrity of the message, it cannot # verify the identity of the sender. # # A message is encrypted using an ephemeral key pair, whose secret part # is destroyed right after the encryption process. # # Without knowing the secret key used for a given message, the sender # cannot decrypt its own message later. And without additional data, # a message cannot be correlated with the identity of its sender. # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#19 class RbNaCl::Boxes::Sealed extend ::RbNaCl::Sodium extend ::FFI::Library # WARNING: you should strongly prefer the from_private_key/from_public_key class methods. # # Create a new Sealed Box # # Sets up the Box for deriving the shared key and encrypting and # decrypting messages. # # @param public_key [String, RbNaCl::PublicKey] The public key to encrypt to # @param private_key [String, RbNaCl::PrivateKey] The private key to decrypt with # @raise [RbNaCl::LengthError] on invalid keys # @return [RbNaCl::SealedBox] The new Box, ready to use # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#47 def initialize(public_key, private_key = T.unsafe(nil)); end # Encrypts a message # # @param message [String] The message to be encrypted. # @raise [RbNaCl::CryptoError] If the encrytion fails. # @return [String] The ciphertext (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#92 def box(message); end def crypto_box_seal(*_arg0); end def crypto_box_seal_open(*_arg0); end def crypto_box_sealbytes(*_arg0); end # Decrypts a ciphertext # # @param ciphertext [String] The message to be decrypted. # @raise [RbNaCl::CryptoError] If no private key is available. # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#113 def decrypt(ciphertext); end # Encrypts a message # # @param message [String] The message to be encrypted. # @raise [RbNaCl::CryptoError] If the encrytion fails. # @return [String] The ciphertext (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#92 def encrypt(message); end # Decrypts a ciphertext # # @param ciphertext [String] The message to be decrypted. # @raise [RbNaCl::CryptoError] If no private key is available. # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message (BINARY encoded) # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#113 def open(ciphertext); end # The crypto primitive for the box class # # @return [Symbol] The primitive used # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#131 def primitive; end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def box_seal(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def box_seal_open(*args); end def crypto_box_seal(*_arg0); end def crypto_box_seal_open(*_arg0); end def crypto_box_sealbytes(*_arg0); end # Create a new Sealed Box for encrypting # # Sets up the Box for encryoption of new messages. # # @param private_key [String, RbNaCl::PrivateKey] The private key to decrypt with # @raise [RbNaCl::LengthError] on invalid keys # @return [RbNaCl::SealedBox] The new Box, ready to use # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#68 def from_private_key(private_key); end # Create a new Sealed Box for decrypting # # Sets up the Box for decrytoption of new messages. # # @param public_key [String, RbNaCl::PublicKey] The public key to encrypt to # @raise [RbNaCl::LengthError] on invalid keys # @return [RbNaCl::SealedBox] The new Box, ready to use # # source://rbnacl//lib/rbnacl/boxes/sealed.rb#81 def from_public_key(public_key); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Boxes::Sealed::SEALBYTES = T.let(T.unsafe(nil), Integer) # Oh no, something went wrong! # # This indicates a failure in the operation of a cryptographic primitive such # as authentication failing on an attempt to decrypt a ciphertext. Classes # in the library may define more specific subclasses. # # source://rbnacl//lib/rbnacl.rb#30 class RbNaCl::CryptoError < ::StandardError; end # source://rbnacl//lib/rbnacl.rb#103 RbNaCl::GroupElement = RbNaCl::GroupElements::Curve25519 # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#5 module RbNaCl::GroupElements; end # Points provide the interface to NaCl's Curve25519 high-speed elliptic # curve cryptography, which can be used for implementing Diffie-Hellman # and other forms of public key cryptography (e.g. RbNaCl::Box) # # Objects of the Point class represent points on Edwards curves. NaCl # defines a base point (the "standard group element") which we can # multiply by an arbitrary integer. This is how NaCl computes public # keys from private keys. # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#14 class RbNaCl::GroupElements::Curve25519 include ::Comparable include ::RbNaCl::KeyComparator include ::RbNaCl::Serializable extend ::RbNaCl::Sodium extend ::FFI::Library # Creates a new Point from the given serialization # # @param point [String] location of a group element (32-bytes) # @raise [CryptoError] # @return [RbNaCl::Point] the Point at this location # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#47 def initialize(point); end def crypto_scalarmult_curve25519(*_arg0); end # Multiply the given integer by this point # This ordering is a bit confusing because traditionally the point # would be the right-hand operand. # # @param integer [String] value to multiply with this Point (32-bytes) # @raise [CryptoError] # @return [RbNaCl::Point] result as a Point object # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#64 def mult(integer); end # Return the point serialized as bytes # # @return [String] 32-byte string representing this point # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#78 def to_bytes; end class << self # NaCl's standard base point for all Curve25519 public keys # # @return [RbNaCl::Point] standard base point (a.k.a. standard group element) # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#87 def base; end # Returns the value of attribute base_point. # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#92 def base_point; end def crypto_scalarmult_curve25519(*_arg0); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def scalarmult_curve25519(*args); end end end # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#38 RbNaCl::GroupElements::Curve25519::BYTES = T.let(T.unsafe(nil), Integer) # Degenerate key (all-zeroes, results in an all-zero shared secret) # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#22 RbNaCl::GroupElements::Curve25519::DEGENERATE_KEY = T.let(T.unsafe(nil), String) # Number of bytes in a scalar on this curve # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#37 RbNaCl::GroupElements::Curve25519::SCALARBYTES = T.let(T.unsafe(nil), Integer) # NaCl's Curve25519 base point (a.k.a. standard group element), serialized as hex # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#16 RbNaCl::GroupElements::Curve25519::STANDARD_GROUP_ELEMENT = T.let(T.unsafe(nil), String) # Order of the standard group # # source://rbnacl//lib/rbnacl/group_elements/curve25519.rb#19 RbNaCl::GroupElements::Curve25519::STANDARD_GROUP_ORDER = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/hmac/sha256.rb#5 module RbNaCl::HMAC; end # Computes an authenticator as HMAC-SHA-256 # # The authenticator can be used at a later time to verify the provenance of # the message by recomputing the HMAC over the message and then comparing it to # the provided authenticator. The class provides methods for generating # signatures and also has a constant-time implementation for checking them. # # This is a secret key authenticator, i.e. anyone who can verify signatures # can also create them. # # @see http://nacl.cr.yp.to/auth.html # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#17 class RbNaCl::HMAC::SHA256 < ::RbNaCl::Auth extend ::RbNaCl::Sodium extend ::FFI::Library # Create instance without checking key length # # RFC 2104 HMAC # The key for HMAC can be of any length. # # see https://tools.ietf.org/html/rfc2104#section-3 # # @return [SHA256] a new instance of SHA256 # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#43 def initialize(key); end def crypto_auth_hmacsha256_bytes(*_arg0); end def crypto_auth_hmacsha256_final(*_arg0); end def crypto_auth_hmacsha256_init(*_arg0); end def crypto_auth_hmacsha256_keybytes(*_arg0); end def crypto_auth_hmacsha256_update(*_arg0); end # Return the authenticator, as raw bytes # # @return [String] The authenticator, as raw bytes # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#64 def digest; end # Return the authenticator, as hex string # # @return [String] The authenticator, as hex string # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#71 def hexdigest; end # Compute authenticator for message # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#54 def update(message); end private # source://rbnacl//lib/rbnacl/hmac/sha256.rb#77 def compute_authenticator(authenticator, message); end # libsodium crypto_auth_hmacsha256_verify works only for 32 byte keys # ref: https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_auth/hmacsha256/auth_hmacsha256.c#L109 # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#87 def verify_message(authenticator, message); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha256_final(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha256_init(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha256_update(*args); end def crypto_auth_hmacsha256_bytes(*_arg0); end def crypto_auth_hmacsha256_final(*_arg0); end def crypto_auth_hmacsha256_init(*_arg0); end def crypto_auth_hmacsha256_keybytes(*_arg0); end def crypto_auth_hmacsha256_update(*_arg0); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::HMAC::SHA256::BYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::HMAC::SHA256::KEYBYTES = T.let(T.unsafe(nil), Integer) # The crypto_auth_hmacsha256_state struct representation # ref: jedisct1/libsodium/src/libsodium/include/sodium/crypto_auth_hmacsha256.h # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#95 class RbNaCl::HMAC::SHA256::SHA256State < ::FFI::Struct; end # The crypto_hash_sha256_state struct representation # ref: jedisct1/libsodium/src/libsodium/include/sodium/crypto_hash_sha256.h # # source://rbnacl//lib/rbnacl/hmac/sha256.rb#103 class RbNaCl::HMAC::SHA256::State < ::FFI::Struct; end # Computes an authenticator as HMAC-SHA-512 # # The authenticator can be used at a later time to verify the provenance of # the message by recomputing the HMAC over the message and then comparing it to # the provided authenticator. The class provides methods for generating # signatures and also has a constant-time implementation for checking them. # # This is a secret key authenticator, i.e. anyone who can verify signatures # can also create them. # # @see http://nacl.cr.yp.to/auth.html # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#17 class RbNaCl::HMAC::SHA512 < ::RbNaCl::Auth extend ::RbNaCl::Sodium extend ::FFI::Library # Create instance without checking key length # # RFC 2104 HMAC # The key for HMAC can be of any length. # # see https://tools.ietf.org/html/rfc2104#section-3 # # @return [SHA512] a new instance of SHA512 # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#43 def initialize(key); end def crypto_auth_hmacsha512_bytes(*_arg0); end def crypto_auth_hmacsha512_final(*_arg0); end def crypto_auth_hmacsha512_init(*_arg0); end def crypto_auth_hmacsha512_keybytes(*_arg0); end def crypto_auth_hmacsha512_update(*_arg0); end # Return the authenticator, as raw bytes # # @return [String] The authenticator, as raw bytes # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#64 def digest; end # Return the authenticator, as hex string # # @return [String] The authenticator, as hex string # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#71 def hexdigest; end # Compute authenticator for message # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#54 def update(message); end private # source://rbnacl//lib/rbnacl/hmac/sha512.rb#77 def compute_authenticator(authenticator, message); end # libsodium crypto_auth_hmacsha512_verify works only for 32 byte keys # ref: https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_auth/hmacsha512/auth_hmacsha512.c#L109 # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#87 def verify_message(authenticator, message); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha512_final(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha512_init(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha512_update(*args); end def crypto_auth_hmacsha512_bytes(*_arg0); end def crypto_auth_hmacsha512_final(*_arg0); end def crypto_auth_hmacsha512_init(*_arg0); end def crypto_auth_hmacsha512_keybytes(*_arg0); end def crypto_auth_hmacsha512_update(*_arg0); end end end # Computes an authenticator as HMAC-SHA-512 truncated to 256-bits # # The authenticator can be used at a later time to verify the provenance of # the message by recomputing the HMAC over the message and then comparing it to # the provided authenticator. The class provides methods for generating # signatures and also has a constant-time implementation for checking them. # # This is a secret key authenticator, i.e. anyone who can verify signatures # can also create them. # # @see http://nacl.cr.yp.to/auth.html # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#17 class RbNaCl::HMAC::SHA512256 < ::RbNaCl::Auth extend ::RbNaCl::Sodium extend ::FFI::Library # Create instance without checking key length # # RFC 2104 HMAC # The key for HMAC can be of any length. # # see https://tools.ietf.org/html/rfc2104#section-3 # # @return [SHA512256] a new instance of SHA512256 # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#43 def initialize(key); end def crypto_auth_hmacsha512256_bytes(*_arg0); end def crypto_auth_hmacsha512256_final(*_arg0); end def crypto_auth_hmacsha512256_init(*_arg0); end def crypto_auth_hmacsha512256_keybytes(*_arg0); end def crypto_auth_hmacsha512256_update(*_arg0); end # Return the authenticator, as raw bytes # # @return [String] The authenticator, as raw bytes # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#64 def digest; end # Return the authenticator, as hex string # # @return [String] The authenticator, as hex string # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#71 def hexdigest; end # Compute authenticator for message # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#54 def update(message); end private # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#77 def compute_authenticator(authenticator, message); end # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#85 def verify_message(authenticator, message); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha512256_final(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha512256_init(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def auth_hmacsha512256_update(*args); end def crypto_auth_hmacsha512256_bytes(*_arg0); end def crypto_auth_hmacsha512256_final(*_arg0); end def crypto_auth_hmacsha512256_init(*_arg0); end def crypto_auth_hmacsha512256_keybytes(*_arg0); end def crypto_auth_hmacsha512256_update(*_arg0); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::HMAC::SHA512256::BYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::HMAC::SHA512256::KEYBYTES = T.let(T.unsafe(nil), Integer) # The crypto_auth_hmacsha512256_state struct representation # ref: jedisct1/libsodium/src/libsodium/include/sodium/crypto_auth_hmacsha512256.h # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#93 class RbNaCl::HMAC::SHA512256::SHA512256State < ::FFI::Struct; end # The crypto_hash_sha512_state struct representation # ref: jedisct1/libsodium/src/libsodium/include/sodium/crypto_hash_sha512.h # # source://rbnacl//lib/rbnacl/hmac/sha512256.rb#101 class RbNaCl::HMAC::SHA512256::State < ::FFI::Struct; end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::HMAC::SHA512::BYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::HMAC::SHA512::KEYBYTES = T.let(T.unsafe(nil), Integer) # The crypto_auth_hmacsha512_state struct representation # ref: jedisct1/libsodium/src/libsodium/include/sodium/crypto_auth_hmacsha512.h # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#95 class RbNaCl::HMAC::SHA512::SHA512State < ::FFI::Struct; end # The crypto_hash_sha512_state struct representation # ref: jedisct1/libsodium/src/libsodium/include/sodium/crypto_hash_sha512.h # # source://rbnacl//lib/rbnacl/hmac/sha512.rb#103 class RbNaCl::HMAC::SHA512::State < ::FFI::Struct; end # Cryptographic hash functions # # Cryptographic hash functions take a variable length message and compute a # fixed length string, the message digest. Even a small change in the input # data should produce a large change in the digest, and it is 'very difficult' # to create two messages with the same digest. # # A cryptographic hash can be used for checking the integrity of data, but # there is no secret involved in the hashing, so anyone can create the hash of # a given message. # # RbNaCl provides the SHA-256,SHA-512 as well as the Blake2b hash functions. # # source://rbnacl//lib/rbnacl/hash.rb#17 module RbNaCl::Hash class << self # Returns the Blake2b hash of the given data # # There's no streaming done, just pass in the data and be done with it. # This method returns a 64-byte hash by default. # # @option options # @option options # @option options # @option options # @param data [String] The data, as a collection of bytes # @param options [Hash] a customizable set of options # @raise [CryptoError] If the hashing fails for some reason. # @return [String] The Blake2b hash digest as raw bytes # # source://rbnacl//lib/rbnacl/hash.rb#65 def blake2b(data, options = T.unsafe(nil)); end # Returns the SHA-256 hash of the given data # # There's no streaming done, just pass in the data and be done with it. # # @param data [#to_str] The data, as a collection of bytes # @raise [CryptoError] If the hashing fails for some reason. # @return [String] The SHA-256 hash digest as raw bytes # # source://rbnacl//lib/rbnacl/hash.rb#27 def sha256(data); end # Returns the SHA-512 hash of the given data # # There's no streaming done, just pass in the data and be done with it. # # @param data [#to_str] The data, as a collection of bytes # @raise [CryptoError] If the hashing fails for some reason. # @return [String] The SHA-512 hash digest as raw bytes # # source://rbnacl//lib/rbnacl/hash.rb#43 def sha512(data); end end end # The Blake2b hash function # # Blake2b is based on Blake, a SHA3 finalist which was snubbed in favor of # Keccak, a much slower hash function but one sufficiently different from # SHA2 to let the SHA3 judges panel sleep easy. Back in the real world, # it'd be great if we can calculate hashes quickly if possible. # # Blake2b provides for up to 64-bit digests and also supports a keyed mode # similar to HMAC # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#15 class RbNaCl::Hash::Blake2b extend ::RbNaCl::Sodium extend ::FFI::Library # Create a new Blake2b hash object # # @option opts # @option opts # @option opts # @option opts # @param opts [Hash] Blake2b configuration # @raise [RbNaCl::LengthError] Invalid length specified for one or more options # @return [RbNaCl::Hash::Blake2b] A Blake2b hasher object # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#127 def initialize(opts = T.unsafe(nil)); end # Reentrant version of Blake2b digest calculation method # # @param message [String] Message to be hashed # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#152 def <<(message); end def crypto_generichash_blake2b_bytes_max(*_arg0); end def crypto_generichash_blake2b_bytes_min(*_arg0); end def crypto_generichash_blake2b_final(*_arg0); end def crypto_generichash_blake2b_init_salt_personal(*_arg0); end def crypto_generichash_blake2b_keybytes_max(*_arg0); end def crypto_generichash_blake2b_keybytes_min(*_arg0); end def crypto_generichash_blake2b_personalbytes(*_arg0); end def crypto_generichash_blake2b_salt_personal(*_arg0); end def crypto_generichash_blake2b_saltbytes(*_arg0); end def crypto_generichash_blake2b_update(*_arg0); end # Finalize digest calculation, return cached digest if any # # @raise [CryptoError] # @return [String] Blake2b digest of the string as raw bytes # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#162 def digest; end # Initialize state for Blake2b hash calculation, # this will be called automatically from #update if needed # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#140 def reset; end # Reentrant version of Blake2b digest calculation method # # @param message [String] Message to be hashed # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#152 def update(message); end class << self def crypto_generichash_blake2b_bytes_max(*_arg0); end def crypto_generichash_blake2b_bytes_min(*_arg0); end def crypto_generichash_blake2b_final(*_arg0); end def crypto_generichash_blake2b_init_salt_personal(*_arg0); end def crypto_generichash_blake2b_keybytes_max(*_arg0); end def crypto_generichash_blake2b_keybytes_min(*_arg0); end def crypto_generichash_blake2b_personalbytes(*_arg0); end def crypto_generichash_blake2b_salt_personal(*_arg0); end def crypto_generichash_blake2b_saltbytes(*_arg0); end def crypto_generichash_blake2b_update(*_arg0); end # Calculate a Blake2b digest # # @option opts # @option opts # @option opts # @option opts # @param message [String] Message to be hashed # @param options [Hash] Blake2b configuration # @param opts [Hash] a customizable set of options # @raise [RbNaCl::LengthError] Invalid length specified for one or more options # @return [String] Blake2b digest of the string as raw bytes # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#60 def digest(message, options); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def generichash_blake2b(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def generichash_blake2b_final(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def generichash_blake2b_init(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def generichash_blake2b_update(*args); end # source://rbnacl//lib/rbnacl/hash/blake2b.rb#109 def new(opts = T.unsafe(nil)); end private # Validate and sanitize values for Blake2b configuration # # @option opts # @option opts # @option opts # @option opts # @param options [Hash] Blake2b configuration # @param opts [Hash] a customizable set of options # @raise [RbNaCl::LengthError] Invalid length specified for one or more options # @return [Hash] opts Configuration hash with sanitized values # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#82 def validate_opts(opts); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::Blake2b::BYTES_MAX = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::Blake2b::BYTES_MIN = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/hash/blake2b.rb#43 RbNaCl::Hash::Blake2b::EMPTY_PERSONAL = T.let(T.unsafe(nil), String) # source://rbnacl//lib/rbnacl/hash/blake2b.rb#44 RbNaCl::Hash::Blake2b::EMPTY_SALT = T.let(T.unsafe(nil), String) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::Blake2b::KEYBYTES_MAX = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::Blake2b::KEYBYTES_MIN = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::Blake2b::PERSONALBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::Blake2b::SALTBYTES = T.let(T.unsafe(nil), Integer) # The crypto_generichash_blake2b_state struct representation # ref: jedisct1/libsodium/blob/c87df74c7b5969f4/src/libsodium/include/sodium/crypto_generichash_blake2b.h#L23-L25 # # source://rbnacl//lib/rbnacl/hash/blake2b.rb#174 class RbNaCl::Hash::Blake2b::State < ::FFI::Struct; end # Provides a binding for the SHA256 function in libsodium # # source://rbnacl//lib/rbnacl/hash/sha256.rb#7 module RbNaCl::Hash::SHA256 extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_hash_sha256(*_arg0); end def crypto_hash_sha256_bytes(*_arg0); end class << self def crypto_hash_sha256(*_arg0); end def crypto_hash_sha256_bytes(*_arg0); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def hash_sha256(*args); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::SHA256::BYTES = T.let(T.unsafe(nil), Integer) # Provides the binding for the SHA512 hash function # # source://rbnacl//lib/rbnacl/hash/sha512.rb#7 module RbNaCl::Hash::SHA512 extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_hash_sha512(*_arg0); end def crypto_hash_sha512_bytes(*_arg0); end class << self def crypto_hash_sha512(*_arg0); end def crypto_hash_sha512_bytes(*_arg0); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def hash_sha512(*args); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Hash::SHA512::BYTES = T.let(T.unsafe(nil), Integer) # An incorrect primitive has been passed to a method # # This indicates that an attempt has been made to use something (probably a key) # with an incorrect primitive # # source://rbnacl//lib/rbnacl.rb#42 class RbNaCl::IncorrectPrimitiveError < ::ArgumentError; end # Defines the libsodium init function # # source://rbnacl//lib/rbnacl/init.rb#6 module RbNaCl::Init extend ::FFI::Library def sodium_init(*_arg0); end class << self def sodium_init(*_arg0); end end end # Implements comparisons of keys # # This permits both timing invariant equality tests, as well as # lexicographical sorting. # # source://rbnacl//lib/rbnacl/key_comparator.rb#9 module RbNaCl::KeyComparator include ::Comparable # spaceship operator # # @param other [KeyComparator, #to_str] The thing to compare # @return [0] if the keys are equal # @return [1] if the key is larger than the other key # @return [-1] if the key is smaller than the other key # @return [nil] if comparison doesn't make sense # # source://rbnacl//lib/rbnacl/key_comparator.rb#19 def <=>(other); end # equality operator # # The equality operator is explicity defined, despite including Comparable # and having a spaceship operator, so that if equality tests are desired, # they can be timing invariant, without any chance that the further # comparisons for greater than and less than can leak information. Maybe # this is too paranoid, but I don't know how ruby works under the hood with # comparable. # # @param other [KeyComparator, #to_str] The thing to compare # @return [true] if the keys are equal # @return [false] if they keys are not equal # # source://rbnacl//lib/rbnacl/key_comparator.rb#43 def ==(other); end private # source://rbnacl//lib/rbnacl/key_comparator.rb#56 def compare32(other); end end # Something, probably a key, is the wrong length # # This indicates some argument with an expected length was not that length. # Since this is probably a cryptographic key, you should check that! # # source://rbnacl//lib/rbnacl.rb#36 class RbNaCl::LengthError < ::ArgumentError; end # source://rbnacl//lib/rbnacl.rb#104 RbNaCl::OneTimeAuth = RbNaCl::OneTimeAuths::Poly1305 # source://rbnacl//lib/rbnacl/one_time_auths/poly1305.rb#5 module RbNaCl::OneTimeAuths; end # Computes an authenticator using poly1305 # # The authenticator can be used at a later time to verify the provenance of # the message by recomputing the tag over the message and then comparing it to # the provided authenticator. The class provides methods for generating # signatures and also has a constant-time implementation for checking them. # # As the name suggests, this is a **ONE TIME** authenticator. Computing an # authenticator for two messages using the same key probably gives an # attacker enough information to forge further authenticators for the same # key. # # This is a secret key authenticator, i.e. anyone who can verify signatures # can also create them. # # @see http://nacl.cr.yp.to/onetimeauth.html # # source://rbnacl//lib/rbnacl/one_time_auths/poly1305.rb#22 class RbNaCl::OneTimeAuths::Poly1305 < ::RbNaCl::Auth extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_onetimeauth_poly1305(*_arg0); end def crypto_onetimeauth_poly1305_bytes(*_arg0); end def crypto_onetimeauth_poly1305_keybytes(*_arg0); end def crypto_onetimeauth_poly1305_verify(*_arg0); end private # source://rbnacl//lib/rbnacl/one_time_auths/poly1305.rb#40 def compute_authenticator(authenticator, message); end # source://rbnacl//lib/rbnacl/one_time_auths/poly1305.rb#44 def verify_message(authenticator, message); end class << self def crypto_onetimeauth_poly1305(*_arg0); end def crypto_onetimeauth_poly1305_bytes(*_arg0); end def crypto_onetimeauth_poly1305_keybytes(*_arg0); end def crypto_onetimeauth_poly1305_verify(*_arg0); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def onetimeauth_poly1305(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def onetimeauth_poly1305_verify(*args); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::OneTimeAuths::Poly1305::BYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::OneTimeAuths::Poly1305::KEYBYTES = T.let(T.unsafe(nil), Integer) # Password hashing functions # # These hash functions are designed specifically for the purposes of securely # storing passwords in a way that they can be checked against a supplied # password but an attacker who obtains a hash cannot easily reverse them back # into the original password. # # Unlike normal hash functions, which are intentionally designed to hash data # as quickly as they can while remaining secure, password hashing functions # are intentionally designed to be slow so they are hard for attackers to # brute force. # # All password hashing functions take a "salt" value which should be randomly # generated on a per-password basis (using RbNaCl::Random, accept no # substitutes) # # All of them also take a CPU work factor, which increases the amount of # computation needed to produce the digest. # # source://rbnacl//lib/rbnacl/password_hash.rb#23 module RbNaCl::PasswordHash class << self # argon2: state of the art in the design of memory-hard hashing functions # (default digest algorithm). # # @param password [String] to be hashed # @param salt [String] to make the digest unique # @param opslimit [Integer] the CPU cost (3..10) # @param memlimit [Integer] the memory cost, in bytes # @param digest_size [Integer] of the output # @raise [CryptoError] If calculating the digest fails for some reason. # @return [String] The argon2 digest as raw bytes # # source://rbnacl//lib/rbnacl/password_hash.rb#51 def argon2(password, salt, opslimit, memlimit, digest_size = T.unsafe(nil)); end # argon2_str: crypt-style password digest # # @param password [String] to be hashed # @param opslimit [Integer] the CPU cost (3..10) # @param memlimit [Integer] the memory cost, in bytes # @raise [CryptoError] If calculating the digest fails for some reason. # @return [String] The argon2i digest as crypt-style string # # source://rbnacl//lib/rbnacl/password_hash.rb#94 def argon2_str(password, opslimit = T.unsafe(nil), memlimit = T.unsafe(nil)); end # argon2_valid?: verify crypt-style password digest # # @param password [String] to verify # @param str_digest [String] to verify # @return [Boolean] true if digest was created using password # # source://rbnacl//lib/rbnacl/password_hash.rb#104 def argon2_valid?(password, str_digest); end # argon2i: argon2, using argon2i digest algorithm. # # @param password [String] to be hashed # @param salt [String] to make the digest unique # @param opslimit [Integer] the CPU cost (3..10) # @param memlimit [Integer] the memory cost, in bytes # @param digest_size [Integer] of the output # @raise [CryptoError] If calculating the digest fails for some reason. # @return [String] The argon2i digest as raw bytes # # source://rbnacl//lib/rbnacl/password_hash.rb#66 def argon2i(password, salt, opslimit, memlimit, digest_size = T.unsafe(nil)); end # argon2id: argon2, using argon2id digest algorithm. # # @param password [String] to be hashed # @param salt [String] to make the digest unique # @param opslimit [Integer] the CPU cost (3..10) # @param memlimit [Integer] the memory cost, in bytes # @param digest_size [Integer] of the output # @raise [CryptoError] If calculating the digest fails for some reason. # @return [String] The argon2id digest as raw bytes # # source://rbnacl//lib/rbnacl/password_hash.rb#81 def argon2id(password, salt, opslimit, memlimit, digest_size = T.unsafe(nil)); end # scrypt: the original sequential memory-hard password hashing function. # # @param password [String] to be hashed # @param salt [String] to make the digest unique # @param opslimit [Integer] the CPU cost (e.g. 2**20) # @param memlimit [Integer] the memory cost (e.g. 2**24) # @param digest_size [Integer] of the output # @raise [CryptoError] If calculating the digest fails for some reason. # @return [String] The scrypt digest as raw bytes # # source://rbnacl//lib/rbnacl/password_hash.rb#35 def scrypt(password, salt, opslimit, memlimit, digest_size = T.unsafe(nil)); end protected # @return [Boolean] # # source://rbnacl//lib/rbnacl/password_hash.rb#111 def argon2_supported?; end end end # Since version 1.0.9, Sodium provides a password hashing scheme called # Argon2. Argon2 summarizes the state of the art in the design of memory- # hard functions. It aims at the highest memory filling rate and effective # use of multiple computing units, while still providing defense against # tradeoff attacks. It prevents ASICs from having a significant advantage # over software implementations. # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#12 class RbNaCl::PasswordHash::Argon2 extend ::RbNaCl::Sodium extend ::FFI::Library # Create a new Argon2 password hash object # # opslimit and memlimit may be an integer, or one of the following # symbols: # # [:interactive] Suitable for interactive online operations. This # requires 32 Mb of dedicated RAM. # [:moderate] A compromise between interactive and sensitive. This # requires 128 Mb of dedicated RAM, and takes about 0.7 # seconds on a 2.8 Ghz Core i7 CPU. # [:sensitive] For highly sensitive and non-interactive operations. This # requires 128 Mb of dedicated RAM, and takes about 0.7 # seconds on a 2.8 Ghz Core i7 CPU # # @param opslimit [Integer] the CPU cost (1..10) # @param memlimit [Integer] the memory cost (e.g. 2**24) # @param digest_size [Integer] the byte length of the resulting digest # @return [RbNaCl::PasswordHash::Argon2] An Argon2 password hasher object # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#95 def initialize(opslimit, memlimit, digest_size = T.unsafe(nil)); end def crypto_pwhash(*_arg0); end def crypto_pwhash_alg_argon2i13(*_arg0); end def crypto_pwhash_alg_argon2id13(*_arg0); end def crypto_pwhash_alg_default(*_arg0); end def crypto_pwhash_memlimit_interactive(*_arg0); end def crypto_pwhash_memlimit_max(*_arg0); end def crypto_pwhash_memlimit_min(*_arg0); end def crypto_pwhash_memlimit_moderate(*_arg0); end def crypto_pwhash_memlimit_sensitive(*_arg0); end def crypto_pwhash_opslimit_interactive(*_arg0); end def crypto_pwhash_opslimit_max(*_arg0); end def crypto_pwhash_opslimit_min(*_arg0); end def crypto_pwhash_opslimit_moderate(*_arg0); end def crypto_pwhash_opslimit_sensitive(*_arg0); end def crypto_pwhash_saltbytes(*_arg0); end def crypto_pwhash_str(*_arg0); end def crypto_pwhash_str_verify(*_arg0); end def crypto_pwhash_strbytes(*_arg0); end # Calculate an Argon2 digest for a given password and salt # # @param password [String] to be hashed # @param salt [String] to make the digest unique # @param digest [Symbol] algorithm to use (may be :argon2i or :argon2id) # if nil, the default is determined by libsodium # (argon2i for libsodium < 1.0.15, and argon2id for # libsodium >= 1.0.15). # @raise [ArgumentError] # @return [String] scrypt digest of the string as raw bytes # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#111 def digest(password, salt, algo = T.unsafe(nil)); end # Calculate an Argon2 digest in the form of a crypt-style string. # The resulting string encodes the parameters and salt. # # @param password [String] to be hashed # @raise [ArgumentError] # @return [String] argon2 digest string # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#143 def digest_str(password); end class << self def crypto_pwhash(*_arg0); end def crypto_pwhash_alg_argon2i13(*_arg0); end def crypto_pwhash_alg_argon2id13(*_arg0); end def crypto_pwhash_alg_default(*_arg0); end def crypto_pwhash_memlimit_interactive(*_arg0); end def crypto_pwhash_memlimit_max(*_arg0); end def crypto_pwhash_memlimit_min(*_arg0); end def crypto_pwhash_memlimit_moderate(*_arg0); end def crypto_pwhash_memlimit_sensitive(*_arg0); end def crypto_pwhash_opslimit_interactive(*_arg0); end def crypto_pwhash_opslimit_max(*_arg0); end def crypto_pwhash_opslimit_min(*_arg0); end def crypto_pwhash_opslimit_moderate(*_arg0); end def crypto_pwhash_opslimit_sensitive(*_arg0); end def crypto_pwhash_saltbytes(*_arg0); end def crypto_pwhash_str(*_arg0); end def crypto_pwhash_str_verify(*_arg0); end def crypto_pwhash_strbytes(*_arg0); end # Clamps digest size between 16..4294967295 # # @raise [LengthError] if the value is out of range # @return [Integer] digest_size a valid value for digest size # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#215 def digest_size_value(digest_size); end # Compares a password with a digest string # # @param password [String] to be hashed # @param digest_string [String] to compare to # @raise [ArgumentError] # @return [boolean] true if password matches digest_string # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#164 def digest_str_verify(password, digest_string); end # Clamps memlimit between 8192 bytes and 4 TB (eg. 2**32) # # @param memlimit, [Integer] in bytes # @raise [ArgumentError] if the value is out of range # @return [Integer] memlimit a valid value for memlimit # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#199 def memlimit_value(memlimit); end # Clamps opslimit to an acceptable range (3..10) # # @param opslimit [Integer] value to be checked # @raise [ArgumentError] if the value is out of range # @return [Integer] opslimit a valid value for opslimit # # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#181 def opslimit_value(opslimit); end # source://rbnacl//lib/rbnacl/sodium.rb#60 def pwhash(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def pwhash_str(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def pwhash_str_verify(*args); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::ALG_ARGON2I13 = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::ALG_ARGON2ID13 = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::ALG_DEFAULT = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#35 RbNaCl::PasswordHash::Argon2::ARGON2_MAX_OUTLEN = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#34 RbNaCl::PasswordHash::Argon2::ARGON2_MIN_OUTLEN = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/password_hash/argon2.rb#55 RbNaCl::PasswordHash::Argon2::ARGON_ERROR_CODES = T.let(T.unsafe(nil), Hash) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::MEMLIMIT_INTERACTIVE = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::MEMLIMIT_MAX = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::MEMLIMIT_MIN = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::MEMLIMIT_MODERATE = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::MEMLIMIT_SENSITIVE = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::OPSLIMIT_INTERACTIVE = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::OPSLIMIT_MAX = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::OPSLIMIT_MIN = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::OPSLIMIT_MODERATE = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::OPSLIMIT_SENSITIVE = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::SALTBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::Argon2::STRBYTES = T.let(T.unsafe(nil), Integer) # The scrypt sequential memory hard password hashing function # # scrypt is a password hash (or password based KDF). That is to say, where # most hash functions are designed to be fast because hashing is often a # bottleneck, scrypt is slow by design, because it's trying to "strengthen" # the password by combining it with a random "salt" value then perform a # series of operation on the result which are slow enough to defeat # brute-force password cracking attempts. # # scrypt is similar to the bcrypt and pbkdf2 password hashes in that it's # designed to strengthen passwords, but includes a new design element # called "sequential memory hardness" which helps defeat attempts by # attackers to compensate for their lack of memory (since they're typically # on GPUs or FPGAs) with additional computation. # # source://rbnacl//lib/rbnacl/password_hash/scrypt.rb#20 class RbNaCl::PasswordHash::SCrypt extend ::RbNaCl::Sodium extend ::FFI::Library # Create a new SCrypt password hash object # # @param opslimit [Integer] the CPU cost (e.g. 2**20) # @param memlimit [Integer] the memory cost (e.g. 2**24) # @return [RbNaCl::PasswordHash::SCrypt] An SCrypt password hasher object # # source://rbnacl//lib/rbnacl/password_hash/scrypt.rb#37 def initialize(opslimit, memlimit, digest_size = T.unsafe(nil)); end def crypto_pwhash_scryptsalsa208sha256(*_arg0); end def crypto_pwhash_scryptsalsa208sha256_saltbytes(*_arg0); end # Calculate an scrypt digest for a given password and salt # # @param password [String] to be hashed # @param salt [String] to make the digest unique # @raise [CryptoError] # @return [String] scrypt digest of the string as raw bytes # # source://rbnacl//lib/rbnacl/password_hash/scrypt.rb#55 def digest(password, salt); end class << self def crypto_pwhash_scryptsalsa208sha256(*_arg0); end def crypto_pwhash_scryptsalsa208sha256_saltbytes(*_arg0); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def scrypt(*args); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::PasswordHash::SCrypt::SALTBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl.rb#97 RbNaCl::PrivateKey = RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PrivateKey # source://rbnacl//lib/rbnacl.rb#98 RbNaCl::PublicKey = RbNaCl::Boxes::Curve25519XSalsa20Poly1305::PublicKey # Functions for random number generation # # This uses the underlying source of random number generation on the OS, so # /dev/urandom on UNIX-like systems, and the MS crypto providor on windows. # # source://rbnacl//lib/rbnacl/random.rb#9 module RbNaCl::Random extend ::RbNaCl::Sodium extend ::FFI::Library def randombytes_buf(*_arg0); end class << self # source://rbnacl//lib/rbnacl/sodium.rb#50 def c_random_bytes(*args); end # Returns a string of random bytes # # @param n [Integer] number of random bytes desired # @return [String] random bytes. # # source://rbnacl//lib/rbnacl/random.rb#23 def random_bytes(n = T.unsafe(nil)); end def randombytes_buf(*_arg0); end end end # Backwards compatibility with the old RandomNonceBox name # # source://rbnacl//lib/rbnacl/simple_box.rb#116 RbNaCl::RandomNonceBox = RbNaCl::SimpleBox # source://rbnacl//lib/rbnacl.rb#99 RbNaCl::SealedBox = RbNaCl::Boxes::Sealed # source://rbnacl//lib/rbnacl.rb#100 RbNaCl::SecretBox = RbNaCl::SecretBoxes::XSalsa20Poly1305 # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#5 module RbNaCl::SecretBoxes; end # The SecretBox class boxes and unboxes messages # # This class uses the given secret key to encrypt and decrypt messages. # # It is VITALLY important that the nonce is a nonce, i.e. it is a number used # only once for any given pair of keys. If you fail to do this, you # compromise the privacy of the messages encrypted. Give your nonces a # different prefix, or have one side use an odd counter and one an even counter. # Just make sure they are different. # # The ciphertexts generated by this class include a 16-byte authenticator which # is checked as part of the decryption. An invalid authenticator will cause # the unbox function to raise. The authenticator is not a signature. Once # you've looked in the box, you've demonstrated the ability to create # arbitrary valid messages, so messages you send are repudiable. For # non-repudiable messages, sign them before or after encryption. # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#22 class RbNaCl::SecretBoxes::XSalsa20Poly1305 extend ::RbNaCl::Sodium extend ::FFI::Library # Create a new SecretBox # # Sets up the Box with a secret key fro encrypting and decrypting messages. # # @param key [String] The key to encrypt and decrypt with # @raise [RbNaCl::LengthError] on invalid keys # @return [RbNaCl::SecretBox] The new Box, ready to use # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#49 def initialize(key); end # Encrypts a message # # Encrypts the message with the given nonce to the key set up when # initializing the class. Make sure the nonce is unique for any given # key, or you might as well just send plain text. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param message [String] The message to be encrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @return [String] The ciphertext without the nonce prepended (BINARY encoded) # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#67 def box(nonce, message); end def crypto_secretbox_xsalsa20poly1305(*_arg0); end def crypto_secretbox_xsalsa20poly1305_boxzerobytes(*_arg0); end def crypto_secretbox_xsalsa20poly1305_keybytes(*_arg0); end def crypto_secretbox_xsalsa20poly1305_noncebytes(*_arg0); end def crypto_secretbox_xsalsa20poly1305_open(*_arg0); end def crypto_secretbox_xsalsa20poly1305_zerobytes(*_arg0); end # Decrypts a ciphertext # # Decrypts the ciphertext with the given nonce using the key setup when # initializing the class. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param ciphertext [String] The message to be decrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message (BINARY encoded) # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#93 def decrypt(nonce, ciphertext); end # Encrypts a message # # Encrypts the message with the given nonce to the key set up when # initializing the class. Make sure the nonce is unique for any given # key, or you might as well just send plain text. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param message [String] The message to be encrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @return [String] The ciphertext without the nonce prepended (BINARY encoded) # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#67 def encrypt(nonce, message); end # The key bytes for the SecretBox instance # # @return [Integer] The number of bytes in a valid key # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#136 def key_bytes; end # The nonce bytes for the SecretBox instance # # @return [Integer] The number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#122 def nonce_bytes; end # Decrypts a ciphertext # # Decrypts the ciphertext with the given nonce using the key setup when # initializing the class. # # This function takes care of the padding required by the NaCL C API. # # @param nonce [String] A 24-byte string containing the nonce. # @param ciphertext [String] The message to be decrypted. # @raise [RbNaCl::LengthError] If the nonce is not valid # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated. # @return [String] The decrypted message (BINARY encoded) # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#93 def open(nonce, ciphertext); end # The crypto primitive for the SecretBox instance # # @return [Symbol] The primitive used # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#108 def primitive; end class << self def crypto_secretbox_xsalsa20poly1305(*_arg0); end def crypto_secretbox_xsalsa20poly1305_boxzerobytes(*_arg0); end def crypto_secretbox_xsalsa20poly1305_keybytes(*_arg0); end def crypto_secretbox_xsalsa20poly1305_noncebytes(*_arg0); end def crypto_secretbox_xsalsa20poly1305_open(*_arg0); end def crypto_secretbox_xsalsa20poly1305_zerobytes(*_arg0); end # The key bytes for the SecretBox class # # @return [Integer] The number of bytes in a valid key # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#129 def key_bytes; end # The nonce bytes for the SecretBox class # # @return [Integer] The number of bytes in a valid nonce # # source://rbnacl//lib/rbnacl/secret_boxes/xsalsa20poly1305.rb#115 def nonce_bytes; end # source://rbnacl//lib/rbnacl/sodium.rb#50 def secretbox_xsalsa20poly1305(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def secretbox_xsalsa20poly1305_open(*args); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::SecretBoxes::XSalsa20Poly1305::BOXZEROBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::SecretBoxes::XSalsa20Poly1305::KEYBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::SecretBoxes::XSalsa20Poly1305::NONCEBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::SecretBoxes::XSalsa20Poly1305::ZEROBYTES = T.let(T.unsafe(nil), Integer) # Self-test performed at startup # # source://rbnacl//lib/rbnacl/self_test.rb#11 module RbNaCl::SelfTest private # source://rbnacl//lib/rbnacl/self_test.rb#31 def box_common_test(box); end # source://rbnacl//lib/rbnacl/self_test.rb#18 def box_test; end # source://rbnacl//lib/rbnacl/self_test.rb#51 def digital_signature_test; end # source://rbnacl//lib/rbnacl/self_test.rb#94 def hmac_test(klass, tag); end # source://rbnacl//lib/rbnacl/self_test.rb#26 def secret_box_test; end # source://rbnacl//lib/rbnacl/self_test.rb#87 def sha256_test; end # source://rbnacl//lib/rbnacl/self_test.rb#14 def vector(name); end class << self # @raise [SelfTestFailure] # # source://rbnacl//lib/rbnacl/self_test.rb#31 def box_common_test(box); end # source://rbnacl//lib/rbnacl/self_test.rb#18 def box_test; end # source://rbnacl//lib/rbnacl/self_test.rb#51 def digital_signature_test; end # @raise [SelfTestFailure] # # source://rbnacl//lib/rbnacl/self_test.rb#94 def hmac_test(klass, tag); end # source://rbnacl//lib/rbnacl/self_test.rb#26 def secret_box_test; end # @raise [SelfTestFailure] # # source://rbnacl//lib/rbnacl/self_test.rb#87 def sha256_test; end # source://rbnacl//lib/rbnacl/self_test.rb#14 def vector(name); end end end # source://rbnacl//lib/rbnacl/self_test.rb#8 class RbNaCl::SelfTestFailure < ::RbNaCl::CryptoError; end # Serialization features shared across all "key-like" classes # # source://rbnacl//lib/rbnacl/serializable.rb#6 module RbNaCl::Serializable # Inspect this key # # @return [String] a string representing this key # # source://rbnacl//lib/rbnacl/serializable.rb#18 def inspect; end # source://rbnacl//lib/rbnacl/serializable.rb#7 def to_s; end # source://rbnacl//lib/rbnacl/serializable.rb#11 def to_str; end end # source://rbnacl//lib/rbnacl/signatures/ed25519.rb#5 module RbNaCl::Signatures; end # The EdDSA signature system implemented using the Ed25519 elliptic curve # # source://rbnacl//lib/rbnacl/signatures/ed25519.rb#7 module RbNaCl::Signatures::Ed25519 extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_sign_ed25519_bytes(*_arg0); end def crypto_sign_ed25519_publickeybytes(*_arg0); end def crypto_sign_ed25519_secretkeybytes(*_arg0); end def crypto_sign_ed25519_seedbytes(*_arg0); end class << self def crypto_sign_ed25519_bytes(*_arg0); end def crypto_sign_ed25519_publickeybytes(*_arg0); end def crypto_sign_ed25519_secretkeybytes(*_arg0); end def crypto_sign_ed25519_seedbytes(*_arg0); end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Signatures::Ed25519::SEEDBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Signatures::Ed25519::SIGNATUREBYTES = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Signatures::Ed25519::SIGNINGKEYBYTES = T.let(T.unsafe(nil), Integer) # Private key for producing digital signatures using the Ed25519 algorithm. # Ed25519 provides a 128-bit security level, that is to say, all known attacks # take at least 2^128 operations, providing the same security level as # AES-128, NIST P-256, and RSA-3072. # # Signing keys are produced from a 32-byte (256-bit) random seed value. # This value can be passed into the SigningKey constructor as a String # whose bytesize is 32. # # The public VerifyKey can be computed from the private 32-byte seed value # as well, eliminating the need to store a "keypair". # # SigningKey produces 64-byte (512-bit) signatures. The signatures are # deterministic: signing the same message will always produce the same # signature. This prevents "entropy failure" seen in other signature # algorithms like DSA and ECDSA, where poor random number generators can # leak enough information to recover the private key. # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#24 class RbNaCl::Signatures::Ed25519::SigningKey include ::Comparable include ::RbNaCl::KeyComparator include ::RbNaCl::Serializable extend ::RbNaCl::Sodium extend ::FFI::Library # Create a SigningKey from a seed value # # @param seed [String] Random 32-byte value (i.e. private key) # @return [RbNaCl::SigningKey] Key which can sign messages # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#55 def initialize(seed); end def crypto_sign_ed25519(*_arg0); end def crypto_sign_ed25519_seed_keypair(*_arg0); end # Return the raw 64 byte value of this key # # @return [String] The signature key bytes. Left half is 32-byte # curve25519 private scalar, right half is 32-byte group element # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#102 def keypair_bytes; end # The crypto primitive this SigningKey class uses for signatures # # @return [Symbol] The primitive # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#109 def primitive; end # Sign a message using this key # # @param message [String] Message to be signed by this key # @return [String] Signature as bytes # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#75 def sign(message); end # Sign a message using this key, attaching the signature to the message # # @param message [String] Message to be signed by this key # @return [String] Signature and the message as bytes # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#84 def sign_attached(message); end # The size of signatures generated by the SigningKey instance # # @return [Integer] The number of bytes in a signature # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#123 def signature_bytes; end # Return the raw seed value of this key # # @return [String] seed used to create this key # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#94 def to_bytes; end # Returns the value of attribute verify_key. # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#41 def verify_key; end class << self def crypto_sign_ed25519(*_arg0); end def crypto_sign_ed25519_seed_keypair(*_arg0); end # Generate a random SigningKey # # @return [RbNaCl::SigningKey] Freshly-generated random SigningKey # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#46 def generate; end # source://rbnacl//lib/rbnacl/sodium.rb#50 def sign_ed25519(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def sign_ed25519_seed_keypair(*args); end # The size of signatures generated by the SigningKey class # # @return [Integer] The number of bytes in a signature # # source://rbnacl//lib/rbnacl/signatures/ed25519/signing_key.rb#116 def signature_bytes; end end end # source://rbnacl//lib/rbnacl/sodium.rb#44 RbNaCl::Signatures::Ed25519::VERIFYKEYBYTES = T.let(T.unsafe(nil), Integer) # The public key counterpart to an Ed25519 SigningKey for producing digital # signatures. Like the name says, VerifyKeys can be used to verify that a # given digital signature is authentic. # # For more information on the Ed25519 digital signature system, please see # the SigningKey documentation. # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#13 class RbNaCl::Signatures::Ed25519::VerifyKey include ::Comparable include ::RbNaCl::KeyComparator include ::RbNaCl::Serializable extend ::RbNaCl::Sodium extend ::FFI::Library # Create a new VerifyKey object from a public key. # # @param key [String] Ed25519 public key # @return [RbNaCl::VerifyKey] Key which can verify messages # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#31 def initialize(key); end def crypto_sign_ed25519_open(*_arg0); end # The crypto primitive this VerifyKey class uses for signatures # # @return [Symbol] The primitive # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#85 def primitive; end # The size of signatures verified by the VerifyKey instance # # @return [Integer] The number of bytes in a signature # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#99 def signature_bytes; end # Return the raw key in byte format # # @return [String] raw key as bytes # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#78 def to_bytes; end # Verify a signature for a given message # # Raises if the signature is invalid. # # @param signature [String] Alleged signature to be checked # @param message [String] Message to be authenticated # @raise [BadSignatureError] if the signature check fails # @raise [LengthError] if the signature is of the wrong length # @return [Boolean] was the signature authentic? # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#47 def verify(signature, message); end # Verify a signature for a given signed message # # Raises if the signature is invalid. # # @param signed_message [String] Message combined with signature to be authenticated # @raise [BadSignatureError] if the signature check fails # @return [Boolean] was the signature authentic? # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#62 def verify_attached(signed_message); end class << self def crypto_sign_ed25519_open(*_arg0); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def sign_ed25519_open(*args); end # The size of signatures verified by the VerifyKey class # # @return [Integer] The number of bytes in a signature # # source://rbnacl//lib/rbnacl/signatures/ed25519/verify_key.rb#92 def signature_bytes; end end end # source://rbnacl//lib/rbnacl.rb#101 RbNaCl::SigningKey = RbNaCl::Signatures::Ed25519::SigningKey # The simplest nonce strategy that could possibly work # # This class implements the simplest possible nonce generation strategy to # wrap a RbNaCl::Box or RbNaCl::SecretBox. A 24-byte random nonce is used # for the encryption and is prepended to the message. When it is time to # open the box, the message is split into nonce and ciphertext, and then the # box is decrypted. # # Thanks to the size of the nonce, the chance of a collision is negligible. For # example, after encrypting 2^64 messages, the odds of their having been # repeated nonce is approximately 2^-64. As an additional convenience, the # ciphertexts may be encoded or decoded by any of the encoders implemented in # the library. # # The resulting ciphertexts are 40 bytes longer than the plain text (24 byte # nonce plus a 16 byte authenticator). This might be annoying if you're # encrypting tweets, but for files represents a fairly small overhead. # # Some caveats: # # * If your random source is broken, so is the security of the messages. You # have bigger problems than just this library at that point, but it's worth # saying. # * The confidentiality of your messages is assured with this strategy, but # there is no protection against messages being reordered and replayed by an # active adversary. # # source://rbnacl//lib/rbnacl/simple_box.rb#34 class RbNaCl::SimpleBox extend ::Forwardable # Create a new SimpleBox # # @param box [SecretBox, Box] the SecretBox or Box to use. # @return [SimpleBox] Ready for use # # source://rbnacl//lib/rbnacl/simple_box.rb#43 def initialize(box); end # Encrypts the message with a random nonce # # Encrypts the message with a random nonce, then returns the ciphertext with # the nonce prepended. Optionally encodes the message using an encoder. # # @param message [String] The message to encrypt # @return [String] The enciphered message # # source://rbnacl//lib/rbnacl/simple_box.rb#80 def box(message); end # Decrypts the ciphertext with a random nonce # # Takes a ciphertext, optionally decodes it, then splits the nonce off the # front and uses this to decrypt. Returns the message. # # @param enciphered_message [String] The message to decrypt. # @raise [CryptoError] If the message has been tampered with. # @return [String] The decoded message # # source://rbnacl//lib/rbnacl/simple_box.rb#97 def decrypt(enciphered_message); end # Encrypts the message with a random nonce # # Encrypts the message with a random nonce, then returns the ciphertext with # the nonce prepended. Optionally encodes the message using an encoder. # # @param message [String] The message to encrypt # @return [String] The enciphered message # # source://rbnacl//lib/rbnacl/simple_box.rb#80 def encrypt(message); end # source://forwardable/1.3.2/forwardable.rb#229 def nonce_bytes(*args, **_arg1, &block); end # Decrypts the ciphertext with a random nonce # # Takes a ciphertext, optionally decodes it, then splits the nonce off the # front and uses this to decrypt. Returns the message. # # @param enciphered_message [String] The message to decrypt. # @raise [CryptoError] If the message has been tampered with. # @return [String] The decoded message # # source://rbnacl//lib/rbnacl/simple_box.rb#97 def open(enciphered_message); end # source://forwardable/1.3.2/forwardable.rb#229 def primitive(*args, **_arg1, &block); end private # source://rbnacl//lib/rbnacl/simple_box.rb#109 def extract_nonce(bytes); end # source://rbnacl//lib/rbnacl/simple_box.rb#105 def generate_nonce; end class << self # Use a pair of keys to create a SimpleBox # # This is a convenience method. It takes a pair of keys and instantiates a # Box under the hood, then returns the new SimpleBox. # # @param public_key [PublicKey, String] The RbNaCl public key, as class or string # @param private_key [PrivateKey, String] The RbNaCl private key, as class or string # @return [SimpleBox] Ready for use # # source://rbnacl//lib/rbnacl/simple_box.rb#68 def from_keypair(public_key, private_key); end # Use a secret key to create a SimpleBox # # This is a convenience method. It takes a secret key and instantiates a # SecretBox under the hood, then returns the new SimpleBox. # # @param secret_key [String] The secret key, 32 bytes long. # @return [SimpleBox] Ready for use # # source://rbnacl//lib/rbnacl/simple_box.rb#55 def from_secret_key(secret_key); end end end # Provides helpers for defining the libsodium bindings # # source://rbnacl//lib/rbnacl/sodium.rb#8 module RbNaCl::Sodium # source://rbnacl//lib/rbnacl/sodium.rb#28 def primitive; end # source://rbnacl//lib/rbnacl/sodium.rb#32 def sodium_constant(constant, name: T.unsafe(nil), fallback: T.unsafe(nil)); end # source://rbnacl//lib/rbnacl/sodium.rb#47 def sodium_function(name, function, arguments); end # source://rbnacl//lib/rbnacl/sodium.rb#57 def sodium_function_with_return_code(name, function, arguments); end # source://rbnacl//lib/rbnacl/sodium.rb#20 def sodium_primitive(primitive = T.unsafe(nil)); end # source://rbnacl//lib/rbnacl/sodium.rb#14 def sodium_type(type = T.unsafe(nil)); end class << self # @private # # source://rbnacl//lib/rbnacl/sodium.rb#9 def extended(klass); end end end # libsodium version API # # source://rbnacl//lib/rbnacl/sodium/version.rb#9 module RbNaCl::Sodium::Version extend ::RbNaCl::Sodium extend ::FFI::Library def sodium_version_string(*_arg0); end class << self def sodium_version_string(*_arg0); end # Determine if a given feature is supported based on Sodium version # # @return [Boolean] # # source://rbnacl//lib/rbnacl/sodium/version.rb#31 def supported_version?(version); end end end # source://rbnacl//lib/rbnacl/sodium/version.rb#28 RbNaCl::Sodium::Version::ARGON2ID_SUPPORTED = T.let(T.unsafe(nil), TrueClass) # source://rbnacl//lib/rbnacl/sodium/version.rb#27 RbNaCl::Sodium::Version::ARGON2_SUPPORTED = T.let(T.unsafe(nil), TrueClass) # source://rbnacl//lib/rbnacl/sodium/version.rb#20 RbNaCl::Sodium::Version::INSTALLED_VERSION = T.let(T.unsafe(nil), Array) # source://rbnacl//lib/rbnacl/sodium/version.rb#18 RbNaCl::Sodium::Version::MAJOR = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium/version.rb#10 RbNaCl::Sodium::Version::MINIMUM_LIBSODIUM_VERSION = T.let(T.unsafe(nil), Array) # source://rbnacl//lib/rbnacl/sodium/version.rb#11 RbNaCl::Sodium::Version::MINIMUM_LIBSODIUM_VERSION_FOR_ARGON2 = T.let(T.unsafe(nil), Array) # source://rbnacl//lib/rbnacl/sodium/version.rb#12 RbNaCl::Sodium::Version::MINIMUM_LIBSODIUM_VERSION_FOR_ARGON2ID = T.let(T.unsafe(nil), Array) # source://rbnacl//lib/rbnacl/sodium/version.rb#18 RbNaCl::Sodium::Version::MINOR = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium/version.rb#18 RbNaCl::Sodium::Version::PATCH = T.let(T.unsafe(nil), Integer) # source://rbnacl//lib/rbnacl/sodium/version.rb#17 RbNaCl::Sodium::Version::STRING = T.let(T.unsafe(nil), String) # Reference library of test vectors used to verify the software is correct # # source://rbnacl//lib/rbnacl/test_vectors.rb#8 RbNaCl::TEST_VECTORS = T.let(T.unsafe(nil), Hash) # Various utility functions # # source://rbnacl//lib/rbnacl/util.rb#6 module RbNaCl::Util extend ::RbNaCl::Sodium extend ::FFI::Library def crypto_verify_16(*_arg0); end def crypto_verify_32(*_arg0); end def crypto_verify_64(*_arg0); end private # Hex encodes a message # # @param bytes [String] The bytes to encode # @return [String] Tasty, tasty hexadecimal # # source://rbnacl//lib/rbnacl/util.rb#277 def bin2hex(bytes); end # Check a passed in string, convertion if necessary # # This method will check the key, and raise error # if argument is not a string, and if it's empty string. # # RFC 2104 HMAC # The key for HMAC can be of any length (keys longer than B bytes are # first hashed using H). However, less than L bytes is strongly # discouraged as it would decrease the security strength of the # function. Keys longer than L bytes are acceptable but the extra # length would not significantly increase the function strength. (A # longer key may be advisable if the randomness of the key is # considered weak.) # # see https://tools.ietf.org/html/rfc2104#section-3 # # @param string [#to_str] The input string # @raise [ArgumentError] If we cannot convert to a string with #to_str # @raise [RbNaCl::LengthError] If the string is empty # # source://rbnacl//lib/rbnacl/util.rb#140 def check_hmac_key(string, _description); end # Check the length of the passed in string # # In several places through the codebase we have to be VERY strict with # what length of string we accept. This method supports that. # # @param string [String] The string to compare # @param length [Integer] The desired length # @param description [String] Description of the string (used in the error) # @raise [RbNaCl::LengthError] If the string is not the right length # # source://rbnacl//lib/rbnacl/util.rb#83 def check_length(string, length, description); end # Check a passed in string, converting the argument if necessary # # In several places through the codebase we have to be VERY strict with # the strings we accept. This method supports that. # # @param string [#to_str] The input string # @param length [Integer] The only acceptable length of the string # @param description [String] Description of the string (used in the error) # @raise [ArgumentError] If we cannot convert to a string with #to_str # @raise [RbNaCl::LengthError] If the string is not the right length # # source://rbnacl//lib/rbnacl/util.rb#111 def check_string(string, length, description); end # Check a passed string is it valid # # Raise an error if passed argument is invalid # # @param string [#to_str] The input string # @raise [TypeError] If string cannot convert to a string with #to_str # @raise [EncodingError] If string have wrong encoding # # source://rbnacl//lib/rbnacl/util.rb#162 def check_string_validation(string); end # Hex decodes a message # # @param hex [String] hex to decode. # @return [String] crisp and clean bytes # # source://rbnacl//lib/rbnacl/util.rb#286 def hex2bin(hex); end # Prepends a message with zeros # # Many functions require a string with some zeros prepended. # # @param n [Integer] The number of zeros to prepend # @param message [String] The string to be prepended # @return [String] a bunch of zeros # # source://rbnacl//lib/rbnacl/util.rb#37 def prepend_zeros(n, message); end # Remove zeros from the start of a message # # Many functions require a string with some zeros prepended, then need them removing after. # Note: this modifies the passed in string # # @param n [Integer] The number of zeros to remove # @param message [String] The string to be slice # @return [String] less a bunch of zeros # # source://rbnacl//lib/rbnacl/util.rb#50 def remove_zeros(n, message); end # Compare two 16 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as OneTime#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#248 def verify16(one, two); end # Compare two 16 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as OneTime#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @raise [ArgumentError] If the strings are not equal in length # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#266 def verify16!(one, two); end # Compare two 32 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha256#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#214 def verify32(one, two); end # Compare two 32 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha256#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @raise [ArgumentError] If the strings are not equal in length # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#232 def verify32!(one, two); end # Compare two 64 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha512#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#180 def verify64(one, two); end # Compare two 64 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha512#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @raise [ArgumentError] If the strings are not equal in length # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#198 def verify64!(one, two); end # Pad a string out to n characters with zeros # # @param n [Integer] The length of the resulting string # @param message [String] the message to be padded # @raise [RbNaCl::LengthError] If the string is too long # @return [String] A string, n bytes long # # source://rbnacl//lib/rbnacl/util.rb#62 def zero_pad(n, message); end # Returns a string of n zeros # # Lots of the functions require us to create strings to pass into functions of a specified size. # # @param n [Integer] the size of the string to make # @return [String] A nice collection of zeros # # source://rbnacl//lib/rbnacl/util.rb#22 def zeros(n = T.unsafe(nil)); end class << self # Hex encodes a message # # @param bytes [String] The bytes to encode # @return [String] Tasty, tasty hexadecimal # # source://rbnacl//lib/rbnacl/util.rb#277 def bin2hex(bytes); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def c_verify16(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def c_verify32(*args); end # source://rbnacl//lib/rbnacl/sodium.rb#50 def c_verify64(*args); end # Check a passed in string, convertion if necessary # # This method will check the key, and raise error # if argument is not a string, and if it's empty string. # # RFC 2104 HMAC # The key for HMAC can be of any length (keys longer than B bytes are # first hashed using H). However, less than L bytes is strongly # discouraged as it would decrease the security strength of the # function. Keys longer than L bytes are acceptable but the extra # length would not significantly increase the function strength. (A # longer key may be advisable if the randomness of the key is # considered weak.) # # see https://tools.ietf.org/html/rfc2104#section-3 # # @param string [#to_str] The input string # @raise [ArgumentError] If we cannot convert to a string with #to_str # @raise [RbNaCl::LengthError] If the string is empty # # source://rbnacl//lib/rbnacl/util.rb#140 def check_hmac_key(string, _description); end # Check the length of the passed in string # # In several places through the codebase we have to be VERY strict with # what length of string we accept. This method supports that. # # @param string [String] The string to compare # @param length [Integer] The desired length # @param description [String] Description of the string (used in the error) # @raise [RbNaCl::LengthError] If the string is not the right length # # source://rbnacl//lib/rbnacl/util.rb#83 def check_length(string, length, description); end # Check a passed in string, converting the argument if necessary # # In several places through the codebase we have to be VERY strict with # the strings we accept. This method supports that. # # @param string [#to_str] The input string # @param length [Integer] The only acceptable length of the string # @param description [String] Description of the string (used in the error) # @raise [ArgumentError] If we cannot convert to a string with #to_str # @raise [RbNaCl::LengthError] If the string is not the right length # # source://rbnacl//lib/rbnacl/util.rb#111 def check_string(string, length, description); end # Check a passed string is it valid # # Raise an error if passed argument is invalid # # @param string [#to_str] The input string # @raise [TypeError] If string cannot convert to a string with #to_str # @raise [EncodingError] If string have wrong encoding # # source://rbnacl//lib/rbnacl/util.rb#162 def check_string_validation(string); end def crypto_verify_16(*_arg0); end def crypto_verify_32(*_arg0); end def crypto_verify_64(*_arg0); end # Hex decodes a message # # @param hex [String] hex to decode. # @return [String] crisp and clean bytes # # source://rbnacl//lib/rbnacl/util.rb#286 def hex2bin(hex); end # Prepends a message with zeros # # Many functions require a string with some zeros prepended. # # @param n [Integer] The number of zeros to prepend # @param message [String] The string to be prepended # @return [String] a bunch of zeros # # source://rbnacl//lib/rbnacl/util.rb#37 def prepend_zeros(n, message); end # Remove zeros from the start of a message # # Many functions require a string with some zeros prepended, then need them removing after. # Note: this modifies the passed in string # # @param n [Integer] The number of zeros to remove # @param message [String] The string to be slice # @return [String] less a bunch of zeros # # source://rbnacl//lib/rbnacl/util.rb#50 def remove_zeros(n, message); end # Compare two 16 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as OneTime#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#248 def verify16(one, two); end # Compare two 16 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as OneTime#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @raise [ArgumentError] If the strings are not equal in length # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#266 def verify16!(one, two); end # Compare two 32 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha256#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#214 def verify32(one, two); end # Compare two 32 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha256#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @raise [ArgumentError] If the strings are not equal in length # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#232 def verify32!(one, two); end # Compare two 64 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha512#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#180 def verify64(one, two); end # Compare two 64 byte strings in constant time # # This should help to avoid timing attacks for string comparisons in your # application. Note that many of the functions (such as HmacSha512#verify) # use this method under the hood already. # # @param one [String] String #1 # @param two [String] String #2 # @raise [ArgumentError] If the strings are not equal in length # @return [Boolean] Well, are they equal? # # source://rbnacl//lib/rbnacl/util.rb#198 def verify64!(one, two); end # Pad a string out to n characters with zeros # # @param n [Integer] The length of the resulting string # @param message [String] the message to be padded # @raise [RbNaCl::LengthError] If the string is too long # @return [String] A string, n bytes long # # source://rbnacl//lib/rbnacl/util.rb#62 def zero_pad(n, message); end # Returns a string of n zeros # # Lots of the functions require us to create strings to pass into functions of a specified size. # # @param n [Integer] the size of the string to make # @return [String] A nice collection of zeros # # source://rbnacl//lib/rbnacl/util.rb#22 def zeros(n = T.unsafe(nil)); end end end # The library's version # # source://rbnacl//lib/rbnacl/version.rb#7 RbNaCl::VERSION = T.let(T.unsafe(nil), String) # source://rbnacl//lib/rbnacl.rb#102 RbNaCl::VerifyKey = RbNaCl::Signatures::Ed25519::VerifyKey