This sealed cryptobox encryption is a "one-way" or "anonymized" version of the Libsodium crytobox encryption program. Instead of explaining the difference I'm trying to give you a scenario where this encryption could get used.
Think of a website owner like me that want to receive encrypted information and therefore publishes his X25519 public key on his website - or provides a simple html web page that does the encryption with his hard coded public key: visit my example website. Now anyone can enter a message on the website and receives a (Base64 encoded) encrypted string that he can email to me.
On my side I will copy the message in my visit my locally running decryption webpage and receive the decrypted data.
You don't need to exchange any keys "upfront" - just paste the plaintext and receive the (encrypted) ciphertext for emailing the data to the recipient.
Seen from the technical view, the complete encryption is secure and authenticated. The risk remaining is that you don't know if the sender of the message is really the one he is pretending. By using of the "two-way" cryptobox you are sure that the ciphertext is from the person who has a specific private key and you received the public key directly from this person.
For a general overview kindly visit the Libsodium crypto box authenticated hybrid string encryption page.
I do not provide a "decryption only" version as all functions are available in the full version.
This is a serious warning regarding the security of the programs shown in these article series. Always keep in mind my disclaimer regarding my programs: All programs are for educational purposes and are not intended to use in production or any other programs where a secure solution is needed. The programs do not have proper exceptional/error handling and in some cases they use insecure key lengths or other methods that are insecure. Never ever use the programs in real life unless checked by a qualified professional cryptographer.
The following links provide the solutions in code and an online compiler that runs the code.
| Language | available | Online-compiler |
|---|---|---|
| Java | ✅ | repl.it CpcJavaSealedLibsodiumCryptoboxStringEncryption |
| PHP | ✅ | repl.it CpcPhpLibsodiumSealedCryptoboxStringEncryption |
| C# | ✅ | dotnetfiddle.net CpcCsharpLibsodiumSealedCryptoboxStringEncryption |
| Javascript / NodeJs | ✅ | repl.it CpcNodeJsLibsodiumSealedCryptoboxStringEncryption |
| NodeJS CryptoJs | ❌ | use above Javascript / NodeJs solution |
| NodeJS Crypto | ❌ | use above Javascript / NodeJs solution |
| NodeJS forge | ❌ | use above Javascript / NodeJs solution |
| Browser | ✅ | your browser LibsodiumSealedCryptoboxStringEncryption.html |
| Browser sample encryption only | ✅ | your browser LibsodiumSealedCryptoboxStringSampleEncryption.html |
| Browser sample decryption only | ✅ | your browser LibsodiumSealedCryptoboxStringSampleDecryption.html |
| Python | ✅ | repl.it CpcPythonSealedLibsodiumCryptoboxStringEncryption |
| Go | ✅ | replit.com CpcGoSealedLibsodiumCryptoboxStringEncryption |
| Dart *1) | ✅ | no online compiler available |
*1) you need the external library "flutter_sodium" to run the code (flutter_sodium: ^0.2.0)
This is an output (your will differ because a random element):
Libsodium sealed crypto box hybrid string encryption
plaintext: The quick brown fox jumps over the lazy dog
* * * encryption * * *
all data are in Base64 encoding
publicKeyB: jVSuHjVH47PMbMaAxL5ziBS9/Z0HQK6TJLw9X3Jw6yg=
ciphertext: Awjxnj2/60QXQEOGA+B5K/qeyg0k/A79Q4BqgQy75SzHhDala91DypryBjkErwf5QHZH6Z4nvFnKZ4XvRgufmEiUe6UBjpBQKM385vO2DJnGrHFYJA9FEmgUTw==
output is (Base64) ciphertext
* * * decryption * * *
privateKeyB: yNmXR5tfBXA/uZjanND+IYgGXlrFnrdUiUXesI4fOlM=
ciphertext: Awjxnj2/60QXQEOGA+B5K/qeyg0k/A79Q4BqgQy75SzHhDala91DypryBjkErwf5QHZH6Z4nvFnKZ4XvRgufmEiUe6UBjpBQKM385vO2DJnGrHFYJA9FEmgUTw==
input is (Base64) ciphertext
decrypt.text:The quick brown fox jumps over the lazy dog
Last update: Aug. 17th 2021
Back to the Libsodium overview page or the main page: readme.md