11/9/2023 0 Comments Caesium reviewsometimes, the last part of the C pseudo-namespace is repeated.Turn it into a real namespace, replace the leading sodium with caesium, Predictable names sodium_crypto_secretbox_open_easy will be calledĬ/open-easy. Pseudo-namespaces are mapped to real Clojure namespaces. (These wereĪt time of writing not true for at least 1 other library).Ĭaesium tries to just give you the libsodium experience from Clojure. Libsodium uses the default output size of a particular hash function,Ĭaesium will use the default output size of that hash function. Produce a keypair, caesium will hash a seed to produce a keypair. caesium's APIs match libsodium's behavior.The upside of that is that this library provides theĪPIs necessary to use libsodium safely e.g. caesiumĭoesn't hide the no-magic C APIs from you but you have to understand Gives you the option of zeroing byte arrays out once you're done. All APIs take byte and in some cases ByteBuffer, never String.caesium uses jnr-ffi pinning correctly resulting in zero-copy behavior.Getting in your way if you want the default good-enough behavior. caesium does not provide magic layers on top of libsodium that prevent youįrom writing secure software because of JVM memory semantics, while not.caesium has continuous integration and a fairly extensive test suite with.caesium is written by a cryptographer who has experience binding.Outdated, here are a few properties you may care about: Instead of making specific claims about specific libraries which may become ( let [payload ( -> )) Differences with other bindings ( def public-key "The public key of the repository of which you want to create or update a secret " Here is how you can create or update a repository secret for GitHub actions: ( assert ( bb/bytes= message decrypted-message)) Usage with Github Actions secrets ( def decrypted-message ( sb/decrypt derived-key ( sb/int->nonce 0) encrypted-message)) ( def encrypted-message ( sb/encrypt derived-key ( sb/int->nonce 0) message)) ( def derived-key ( pwhash/pwhash msb/keybytes ( def salt ( rb/randombytes pwhash/saltbytes)) changing salt means changed derived key ( assert ( = 0 ( pwhash/pwhash-str-verify hashed-password password))) ( def hashed-password ( pwhash/pwhash-str password ( def int->salt ( partial u/n->bytes pwhash/saltbytes)) may be useful for deterministic key derivation, incrementing subkeys from 0. helper function for creating salts from integers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |