-
Notifications
You must be signed in to change notification settings - Fork 85
Frequently Asked Questions
A: Delete your Crypto
class and use RbNaCl instead. Trust me.
Q: What about https://github.com/mogest/nacl ?
A: This is a partial NaCl binding which uses the C extension API and therefore doesn't work across all Ruby VMs (e.g. JRuby).
RbNaCl is a complete NaCl binding designed to work everywhere via Ruby FFI. RbNaCl fully supports JRuby and all other Ruby VMs which implement FFI.
Q: Is there any way to decrypt a Crypto::Box message with only a private key without requiring the public key of the sender?
A: Nope. And there probably never will be. This is an integral part of how the Curve25519 algorithm operates, and a design principle you should consider whenever using public key cryptography.
A: No. This would involve presenting you with decrypted ciphertext which has not been authenticated. If you need to encrypt a plaintext so large it can't reasonably fit in RAM, consider breaking it into chunks which you encrypt with separate keys and/or nonces. Each block of plaintext you encrypt will have its own MAC to authenticate it and can be safely decrypted in isolation, unlike trying to decrypt only a portion of data inside of a Crypto::(Secret)Box