Playing with RbNaCl, Saving and retrieving private_key

[Muhammad Al-Iman Mohd Zain]

Dear All, 

I am new to encryption, I have follow some simple encryption tutorial from stackoverflow using openssl method and it works ok. but I just found out about RbNaCl and its really cool. 

So I dig my hand on it. playing with the simple box API. and it works great. but I could not find a good tutorial about how I can make it persistent, I mean, I have created private key for each person, and transfer the public key to each person. but if I close irb all the private key is gone. How should I save it. in openSSL i can save the password. and re init the encryption using the password.. put for Private/Public Key I just dont know how. I do play with openVPN and some other apps that use cert. can RbNaCl works the same?

Thanks. 

[Tony Arcieri]

RbNaCl does not provide any facilities for secure private key storage.

However, you could derive a symmetric encryption key from a password using Argon2 or scrypt, then encrypt the private key using either ChaCha20Poly1305 AEAD or crypto_box (XSalsa20Poly1305)

--

Tony Arcieri

[Muhammad Al-Iman Mohd Zain]

Oh.. I will try it, what should I do to extract the private key? if I have the secure storage? and from the stored key, how could do to load it back into simplebox?

[Tony Arcieri]

It's just a parameter to SimpleBox, and one you have to provide initially. So: save it somewhere, and pass the same value.

--

Tony Arcieri

[Muhammad Al-Iman Mohd Zain]

Oh.. got it.. it works now.. so initially I have to create both private/public key pair.. by the way, does rbnacl provide automatic encoding? cause now I have to convert the key into base64 encoding and save it to secure DB. later fetch and decode back to ASCI 8 bit.