sodium_crypto_box_seal
Encrypt a message such that only the recipient can decrypt it.
Unlike with sodium_crypto_box, you only need to know the recipient's public key to use sodium_crypto_box_seal. One consequence of this convenience, however, is that the ciphertext isn't bound to a static public key, and is therefore not authenticated. Hence, anonymous public-key encryption.
sodium_crypto_box_seal still provides ciphertext integrity. Just not sender identity authentication.
If you also need sender authentication, the sodium_crypto_sign functions are likely the best place to start.
Parameters
- message
-
The message to encrypt.
- public_key
-
The public key that corresponds to the only key that can decrypt the message.
Return Values
A ciphertext string in the format of (one-time public key, encrypted message, authentication tag).