Elixir SDK for Pocketenv
Use BLAKE2b-24 for nonce generation
+2
-2
+2
-2
lib/pocketenv/crypto.ex
+2
-2
lib/pocketenv/crypto.ex
···
45
45
defp box_seal(message, recipient_pk) do
46
46
{eph_pk, eph_sk} = :crypto.generate_key(:ecdh, :x25519)
47
47
48
-
# nonce = BLAKE2b(eph_pk || recipient_pk), take first 24 bytes
49
-
nonce = :crypto.hash(:blake2b, eph_pk <> recipient_pk) |> binary_part(0, 24)
48
+
# nonce = BLAKE2b-24(eph_pk || recipient_pk) — matches libsodium exactly
49
+
nonce = :crypto.hash({:blake2b, 24}, eph_pk <> recipient_pk)
50
50
51
51
{ciphertext, _state} = Kcl.box(message, nonce, eph_sk, recipient_pk)
52
52