1. sodium
    1. Description
    2. API
      1. Sodium
      2. Helpers
      3. Hashing
      4. Public-key signatures
      5. Generating random data


Bindings to the libsodium crypto library, a "portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further".



[procedure] (sodium-version-string)

Returns a string representing the current libsodium version.

[procedure] (sodium-init)

Initializes the library and should be called before any other function provided by Sodium. The function can be called more than once, and can be called simultaneously from multiple threads since libsodium version 1.0.11.


[procedure] (constant-time-blob=? a b len)

Compares two blobs in constant time. Important when a comparison involves secret data (e.g. key, authentication tag), in order to mitigate side-channel attacks.

[procedure] (bin->hex bin)

Returns a string containing a hex representation of the binary data in the blob 'bin'.

[procedure] (hex->bin hex #!optional ignore)

Returns a blob of the binary data represented by the hex string 'hex'. Ignore is a string of characters to skip. For example, the string ": " allows columns and spaces to be present at any locations in the hexadecimal string. These characters will just be ignored. As a result, "69:FC", "69 FC", "69 : FC" and "69FC" will be valid inputs, and will produce the same output.


[constant] generic-hash-bytes

The minimum *recommended* output size of a generic-hash.

[constant] generic-hash-bytes-min

The actual minimum size of a generic-hash.

[constant] generic-hash-bytes-max

The maximum size of a generic-hash.

[constant] generic-hash-key-bytes

The recommended size of a generic-hash key.

[constant] generic-hash-key-bytes-min

The minimum size of a generic-hash key.

[constant] generic-hash-key-bytes-max

The maximum size of a generic-hash key.

[procedure] (generic-hash data #!key (size generic-hash-bytes) key)

Returns a fingerprint of 'data' using the BLAKE2b hashing algorithm. Returns a blob of size 'size', which should be between generich-hash-bytes-min and generic-hash-bytes-max. A key can also be specified. A message will always have the same fingerprint for a given key, but different keys used to hash the same message are very likely to produce distinct fingerprints.

[procedure] (generic-hash-init #!key (size generic-hash-bytes) key)

The streaming API alternative to generic-hash. This function returns a hash state object, which can be updated using generic-hash-update, then the final hash can be obtained using generic-hash-final.

[procedure] (generic-hash-update state data)

Updates the hash state (returned from a generic-hash-init call) with new data.

[procedure] (generic-hash-final state)

Returns the current hash value for 'state' (as returned from generic-hash-init) as a blob.

Public-key signatures

[constant] sign-public-key-bytes

Size of a ed25519 signing public key in bytes.

[constant] sign-secret-key-bytes

Size of a ed25519 signing secret key in bytes.

[procedure] (sign-keypair)

Generates a new ed25519 signing key pair and returns two values the public-key and the secret-key.

[procedure] (sign-ed25519-secret-key->public-key secret-key)

Extracts the public ed25519 signing key from the secret key.

[constant] sign-bytes

Size of an ed25519 signature in bytes.

[procedure] (sign-detached data secret-key)

Returns a separate ed25519 signature of 'data' as a blob.

[procedure] (sign-verify-detached signature data public-key)

Verifies a detached signature against 'data' and 'public-key'. Returns #t if verified, #f otherwise.

[constant] scalarmult-curve25519-bytes

Size of curve25519 key in bytes.

[procedure] (sign-ed25519-public-key->curve25519)

Converts an ed25519 public key to a curve25519 public key.

Note: if you can afford it, using distinct keys for signing and for encryption is still highly recommended.

[procedure] (sign-ed25519-secret-key->curve2551)

Converts an ed25519 secret key to a curve25519 secret key.

Note: if you can afford it, using distinct keys for signing and for encryption is still highly recommended.

Generating random data

[procedure] (random-byte)

Returns an unpredictable value between 0 and 0xffffffff (included) as an integer.

[procedure] (random-uniform upper-bound)

Returns an unpredictable value between 0 and upper-bound (excluded). Unlike (modulo random-byte upper-bound), it does its best to guarantee a uniform distribution of the possible output values even when upper-bound is not a power of 2.

[procedure] (random-blob n)

Returns a new blob of size 'n', filled with random bytes.