how to use a specific algorithm

[rofl0r]

i'd like to use crypto_box_curve25519xsalsa20poly1305 so i know what i get, but it isn't provided.

[stef]

it's kinda organic, if people miss a function they most of the time add it themselves and i just merge it in. it's pretty easy, checkout this https://github.com/stef/pysodium/blob/master/pysodium/init.py - and also previous closed PRs are a good info source.

[jedisct1]

It's already there and it's simply called crypto_box().

The full name crypto_box_curve25519xsalsa20poly1305 is just a deprecated alias for backward compatibility with the original NaCl API.

[rofl0r]

It's already there and it's simply called crypto_box().

no, it isn't. i want to use the full name of the API so if in 5 years a new algorithm is considered more secure and the default changed to point to that, my program will continue working because it explicitily calls crypto_box_curve25519xsalsa20poly1305.

[jedisct1]

https://doc.libsodium.org/quickstart#shall-i-call-crypto_generichash_blake-2-b-or-just-crypto_generichash

What is more likely is that undocumented, low-level APIs like this one will eventually get removed.

[rofl0r]

What is more likely is that undocumented, low-level APIs like this one will eventually get removed.

if they'd do that, generated keys for the current "whatever-is-currently-standard" API would suddenly stop working. imagine if you'd lose the key to your bitcoin wallet due to such a change... i suppose djb had a reason that e.g. tweetnacl ships with a huge header file that defines all these "undocumented, low-level APIs"

[jedisct1]

Just use crypto_box (or, better, crypto_kx and an AEAD). It won't be changed to a different algorithm. All high-level APIs won't see breaking changes.

Anyway, the good news is that what you are asking already exists in PySodium.

[stef]

if you agree i'll close this issue next time i come across it.