Description
A Ruby binding to the state-of-the-art Networking and Cryptography
library by Daniel J. Bernstein. This is NOT Google Native Client.
This is a crypto library.
On a completely unrelated topic, RbNaCl is also the empirical formula for
Rubidium Sodium Chloride.
Need help with RbNaCl? Join the RbNaCl Google Group.
We're also on IRC at #cryptosphere on irc.freenode.net
README
Ruby binding for libsodium, a fork of the Networking and Cryptography library.
Why libsodium/NaCl?
NaCl is a different kind of cryptographic library. In the past crypto libraries were kitchen sinks of little bits and pieces, like ciphers, MACs, signature algorithms, and hash functions. To accomplish anything you had to make a lot of decisions about which specific pieces to use, and if any of your decisions were wrong, the result was an insecure system. The choices are also not easy: EAX? GCM? CCM? AES-CTR? CMAC? OMAC1? AEAD? NIST? CBC? CFB? CTR? ECB? OMGWTFBBQ!
NaCl puts cryptography on Rails! Instead of making you choose which cryptographic primitives to use, NaCl provides convention over configuration in the form of expertly-assembled high-level cryptographic APIs that ensure not only the confidentiality of your data, but also detect tampering. These high-level, easy-to-use APIs are designed to be hard to attack by default in ways primitives exposed by libraries like OpenSSL are not.
This approach makes NaCl a lot closer to a system like GPG than it is to the cryptographic primitive APIs in a library like OpenSSL. In addition, NaCl also uses state-of-the-art encryption, including Curve25519 elliptic curves and the XSalsa20 stream cipher. This means with NaCl you not only get a system which is designed to be secure-by-default, you also get one which is extremely fast with comparatively small cryptographic keys.
Is it any good?
Supported platforms
You can use RbNaCl on any platform where libsodium is supported (see below).
This library aims to support and is tested against the following Ruby versions:
- Ruby 2.5
- Ruby 2.6
- Ruby 2.7
- JRuby 9.2
If something doesn't work on one of these versions, it's a bug.
Installation
Note: Windows installation instructions are available.
libsodium
To use RbNaCl, you will need to install libsodium:
https://github.com/jedisct1/libsodium
At least version 1.0.0 is required.
For OS X users, libsodium is available via homebrew and can be installed with:
brew install libsodium
For FreeBSD users, libsodium is available both via pkgng and ports. To install a binary package:
pkg install libsodium
To install from ports on FreeBSD, use your favorite ports front end (e.g. portmaster or portupgrade), or use make as follows:
cd /usr/ports/security/libsodium; make install clean
RbNaCl gem
Once you have libsodium installed, add this line to your application's Gemfile:
gem 'rbnacl'
And then execute:
$ bundle
Or install it yourself as:
$ gem install rbnacl
Inside of your Ruby program do:
require 'rbnacl'
...to pull it in as a dependency.
Documentation
RbNaCl's documentation can be found in the Wiki. The following features are supported:
- SimpleBox: easy-to-use public-key or secret-key encryption "on Rails"
- Secret-key Encryption: authenticated symmetric encryption using a single key shared among parties
- Public-key Encryption: securely send messages to a given public key which can only be decrypted by a secret key
- Digital Signatures: sign messages with a private key which can be verified by a public one
- Authenticators: create codes which can be used to check the authenticity of messages
- Hash Functions: compute a secure, fixed-length code from a message which does not reveal the contents of the message
Additional power-user features are available. Please see the Wiki for further information.
YARD API documentation is also available.
Learn More
While NaCl has been designed to be easier to use than the usual crypto library, cryptography is an incredibly difficult subject and it's always helpful to know as much as you can about it before applying it to a particular use case. That said, the creator of NaCl, Dan Bernstein, has published a number of papers about NaCl. If you are interested in learning more about how NaCl works, it's recommended that you read them:
- Cryptography in NaCl
- Salsa20 Design
- Curve25519: new Diffie-Hellman speed records
- Ed25519: High-speed high-security signatures
For more information on libsodium, please check out the Introducing Sodium blog post.
Have a general interest in cryptography? Check out the free course Coursera offers from Stanford University Professor Dan Boneh:
Important Questions
Is it "Military Grade™"?
Only if your military understands twisted Edwards curves
Is it "Bank Grade™"?
No, that means 3DES, which this library doesn't support, sorry
Does it have a lock with a checkmark?
Sure, here you go:
Contributing
- Fork this repository on GitHub
- Make your changes and send a pull request
- If your changes look good, we'll merge 'em
License
Copyright (c) 2012-2018 Tony Arcieri, Jonathan Stott. Distributed under the MIT License. See LICENSE.txt for further details.