Tezex.Crypto.NaCl (tezex v3.2.0)

View Source

NaCl-compatible cryptographic functions for Tezos encrypted key handling.

This module implements the crypto_secretbox_open functionality needed to decrypt Tezos encrypted private keys that use the NaCl/Sodium encryption standard.

Summary

Functions

crypto_secretbox_open(ciphertext, nonce, key)

Opens (decrypts) a NaCl secretbox using XSalsa20-Poly1305.

Functions

crypto_secretbox_open(ciphertext, nonce, key)

@spec crypto_secretbox_open(binary(), binary(), binary()) ::
  {:ok, binary()} | {:error, :decryption_failed}

Opens (decrypts) a NaCl secretbox using XSalsa20-Poly1305.

Parameters

  • ciphertext - The encrypted data (includes auth tag)
  • nonce - 24-byte nonce (usually zeros for Tezos key encryption)
  • key - 32-byte encryption key derived from passphrase

Returns

  • {:ok, plaintext} - Successfully decrypted data
  • {:error, reason} - Decryption failed