/* message corrupted or not intended for this recipient */
20
}
Copied!
Purpose
Sealed boxes are designed to anonymously send messages to a recipient given its public key.
Only the recipient can decrypt these messages, using its private key. While the recipient can verify the integrity of the message, it cannot verify the identity of the sender.
A message is encrypted using an ephemeral key pair, whose secret part is destroyed right after the encryption process.
Without knowing the secret key used for a given message, the sender cannot decrypt its own message later. And without additional data, a message cannot be correlated with the identity of its sender.
The crypto_box_seal() function encrypts a message m of length mlen for a recipient whose public key is pk. It puts the ciphertext whose length is crypto_box_SEALBYTES + mlen into c.
The function creates a new key pair for each message, and attaches the public key to the ciphertext. The secret key is overwritten and is not accessible after this function returns.
The crypto_box_seal_open() function decrypts the ciphertext c whose length is clen, using the key pair (pk, sk), and puts the decrypted message into m (clen - crypto_box_SEALBYTES bytes).
Key pairs are compatible with other crypto_box_* operations and can be created using crypto_box_keypair() or crypto_box_seed_keypair().
This function doesn't require passing the public key of the sender, as the ciphertext already includes this information.
Constants
crypto_box_SEALBYTES
Algorithm details
Sealed boxes leverage the crypto_box construction (X25519, XSalsa20-Poly1305).