def crypto_box_seal(message, pk):
"""
Encrypts and returns a message ``message`` using an ephemeral secret key
and the public key ``pk``.
The ephemeral public key, which is embedded in the sealed box, is also
used, in combination with ``pk``, to derive the nonce needed for the
underlying box construct.
:param message: bytes
:param pk: bytes
:rtype: bytes
.. versionadded:: 1.2
"""
ensure(isinstance(message, bytes),
"input message must be bytes",
raising=TypeError)
ensure(isinstance(pk, bytes),
"public key must be bytes",
raising=TypeError)
if len(pk) != crypto_box_PUBLICKEYBYTES:
raise exc.ValueError("Invalid public key")
_mlen = len(message)
_clen = crypto_box_SEALBYTES + _mlen
ciphertext = ffi.new("unsigned char[]", _clen)
rc = lib.crypto_box_seal(ciphertext, message, _mlen, pk)
ensure(rc == 0, 'Unexpected library error', raising=exc.RuntimeError)
return ffi.buffer(ciphertext, _clen)[:]
def crypto_box_seal(message, recipient_pk):
"""
The C crypto_box_seal() function encrypts a message m of length mlen
for a recipient whose public key is pk. It puts the ciphertext whose
length is crypto_box_SEALBYTES + mlen into c. The function creates
a new key pair for each message, and attaches the public key to the
ciphertext. The secret key is overwritten and is not accessible after
this function returns.
"""
if len(recipient_pk) != crypto_box_PUBLICKEYBYTES:
raise ValueError("Invalid public key")
clen = crypto_box_SEALBYTES + len(message)
ciphertext = ffi.new("unsigned char[]", clen)
rc = lib.crypto_box_seal(ciphertext, message, len(message), recipient_pk)
assert rc == 0
return ffi.buffer(ciphertext, clen)[:]
def crypto_box_seal(message, pk):
"""
Encrypts and returns a message ``message`` using an ephemeral secret key
and the public key ``pk``.
The ephemeral public key, which is embedded in the sealed box, is also
used, in combination with ``pk``, to derive the nonce needed for the
underlying box construct.
:param message: bytes
:param pk: bytes
:rtype: bytes
.. versionadded:: 1.2
"""
ensure(isinstance(message, bytes),
"input message must be bytes",
raising=TypeError)
ensure(isinstance(pk, bytes),
"public key must be bytes",
raising=TypeError)
if len(pk) != crypto_box_PUBLICKEYBYTES:
raise exc.ValueError("Invalid public key")
_mlen = len(message)
_clen = crypto_box_SEALBYTES + _mlen
ciphertext = ffi.new("unsigned char[]", _clen)
rc = lib.crypto_box_seal(ciphertext, message, _mlen, pk)
ensure(rc == 0,
'Unexpected library error',
raising=exc.RuntimeError)
return ffi.buffer(ciphertext, _clen)[:]