RbNaCl is a Ruby FFI binding to the Networking and Cryptography Library
by
Dan Bernstein and his collaborators:
The slides from a recent presentation by library author Tony A.
(yours
truly) are available on SpeakerDeck:
Version 2.0 is a refactoring designed to better reflect the extensible
API
of the C library which allows for the inclusion of additional primitives
beyond the defaults found in the library today.
Full list of changes from the 1.x releases:
- Add encrypt/decrypt aliases for Crypto::RandomNonceBox
- Rename Crypto module to RbNaCl module
- RbNaCl::VerifyKey#verify operand order was reversed. New operand order
is
signature, message instead of message, signature - RbNaCL::SecretBox#open, RbNaCl::Box#open, Auth#verify and
VerifyKey#verify all now raise a (descendent of) CryptoError if the
check
fails. This ensures failures are handled by the program. - RbNaCl::SecretBox, Box, etc. are all now aliases for the real
implementations, which are named after the primitives they provide - Encoders have now gone.
- Add support for the Blake2b cryptographic hash algorithm.
- Add checks that we have a sufficiently recent version of libsodium
(0.4.3+) - Dropped ruby-1.8 support
- Call the sodium_init() function, to select the best algorithms.
- Fix some typos in the documentation
- Changes in the low level binding for libsodium and removal of the NaCl
module - Add a mutex around calls to randombytes in libsodium