### Installing PyNaCl Source Build with System Libsodium (console) Source: https://github.com/pyca/pynacl/blob/main/INSTALL.rst Installs the PyNaCl library from source using pip, instructing it to use the system-provided libsodium library instead of the bundled copy by setting the SODIUM_INSTALL environment variable. ```console $ SODIUM_INSTALL=system pip install pynacl ``` -------------------------------- ### Install PyNaCl using pip Source: https://github.com/pyca/pynacl/blob/main/INSTALL.rst Installs the PyNaCl library using pip. This is the standard method for most platforms as PyNaCl ships with pre-compiled binary wheels. ```console pip install pynacl ``` -------------------------------- ### Verify local libsodium installation Source: https://github.com/pyca/pynacl/blob/main/docs/vectors/bundled_library_build.rst Lists the contents of the build/libsodium/lib and build/libsodium/include directories to confirm successful installation. ```bash $ ls build/libsodium/{lib,include} ``` -------------------------------- ### Build libsodium locally on Linux Source: https://github.com/pyca/pynacl/blob/main/docs/vectors/bundled_library_build.rst Steps to compile and install libsodium within the PyNaCl source directory. This avoids system-wide installation and is useful for testing. ```bash $ mkdir -p build/libsodium $ cd build/libsodium $ ../../src/libsodium/configure --prefix=$PWD --disable-shared $ make $ make install $ cd ../.. ``` -------------------------------- ### Blake2b Key Derivation Example Source: https://github.com/pyca/pynacl/blob/main/docs/hashing.rst Illustrates how to use the blake2b algorithm as a Key Derivation Function (KDF). This example shows generating a master key, a derivation salt, and personalization data to derive a unique key for each message, enhancing security by preventing key reuse. ```python import nacl.encoding import nacl.utils from nacl.hash import blake2b master_key = nacl.utils.random(64) derivation_salt = nacl.utils.random(16) personalization = b'' derived = blake2b(b'', key=master_key, salt=derivation_salt, person=personalization, encoder=nacl.encoding.RawEncoder) ``` -------------------------------- ### Compile with local libsodium Source: https://github.com/pyca/pynacl/blob/main/docs/vectors/bundled_library_build.rst Example of how to invoke the C compiler using the defined environment variables to link against the locally built libsodium. ```bash $ cc ${SODIUMINCL} ${SODIUMLIB} ``` -------------------------------- ### PyNaCl Encoding Example Source: https://github.com/pyca/pynacl/blob/main/docs/encoding.rst Demonstrates how to generate a signing key and encode it using the HexEncoder, and then decode it back into a SigningKey object. ```python import nacl.signing import nacl.encoding # Generate a signing key and encode it in hex hex_key = nacl.signing.SigningKey.generate().encode(encoder=nacl.encoding.HexEncoder) # Decode the hex key back into a SigningKey object signing_key = nacl.signing.SigningKey(hex_key, encoder=nacl.encoding.HexEncoder) ``` -------------------------------- ### SHA256 Integrity Check Example Source: https://github.com/pyca/pynacl/blob/main/docs/hashing.rst Demonstrates how to use nacl.hash.sha256 to create a digest for a message and verify its integrity. This example shows the creator's perspective, sending the message and its digest. ```python import nacl.encoding import nacl.hash HASHER = nacl.hash.sha256 # could be nacl.hash.sha512 or nacl.hash.blake2b instead # define a 1024 bytes log message msg = 16*b'256 BytesMessage' digest = HASHER(msg, encoder=nacl.encoding.HexEncoder) # now send msg and digest to the user print(nacl.encoding.HexEncoder.encode(msg)) print(digest) ``` -------------------------------- ### PyNaCl ensure() Example Usage Source: https://github.com/pyca/pynacl/blob/main/docs/exceptions.rst Provides an example of how to use the 'ensure' function to validate that a variable 'a' is either 1 or 2, raising an AssertionError with a custom message if the condition is not met. ```python nacl.exceptions.ensure( a == 1 or a == 2, "a must be either 1 or 2" ) ``` -------------------------------- ### pyblake2 Hash Examples Source: https://github.com/pyca/pynacl/blob/main/tests/data/crypto-test-vectors-blake2-salt-personalization.txt This snippet displays various hexadecimal hash strings generated by pyblake2, along with associated numerical and string data. These are likely outputs from hashing operations. ```python d0e3b6e1050430909086a2c2ae42b08f0f34860be6138557436fead021a40c38b506f8c749c5da19ddc6bec6bfb0c76fa22c1801aa54249b647d732d57aae5c72088426b1ba5e052f6bbeab518bd234ef3e122b92f9cfb2f1ecdca182ed5b258eaeae03f999e1a65e84280fd792d2a2553ef6fc1614652f6da773b153bfda6ea95b7ec62f4f8dd2262589507526db748f066a1f980215746aaed89d182e485af7850daadcf79b8611df7b801ae5 f0876552ab501b2065f26d6543dc04 21fda0a45f7dda16b25107371dcacd59 a0ff2514c7f925ba4401fa593e0d3e20 39 9eba6368844f05faabcde4be6c24d2cc7718c08d6e6348008f670922c857242ab8a03ac6fd824a bed5f71839b885669470b8094b4ea6252e1f117dda88a6ed21fa87b71f2fcf0bc7fa00e9653fb2e372d15bfc61b06f627a0a5fe7a0128fadb45b19a0accec0838942aa82669ea4db5f2bef7e98023cb86bc77b2a8f62b760816c306b640ca55f46d48de03c84616aec60794791102b4b3d5672e9968b70c5870670420be7be9220470c969aee0ad5f4ef81d4d89a bf556108e270cb7f9702c5dd63eda81307ca06464349a59944b1d824fd4c158efaabf589efb0a3de0a6dcea8722d4c8fe9 d2e15e4f22d9798b09768113f2afe942 e3b0ba074d91d06f80704913bcb27c5f 43 c8fcc0317f9ea0f3a82d5069e9151584808eafd009dbef154318727a3a4298b96888b910f3f851bc17a458 49131001f5fd06027b22f70ff8cc265e2404b85ebd8326afecf1685424173fa79e7d05c7bc288b7475a67607de0589ef540581fa577b0d01447bc7cf11a46b732891b2582d1abf0493d059ea59439e056d09ead82244b60bf078e663d4e55791b1d9f6a67cda5ca6729917e40a57e4eeaa5ca93be7d983d156e81c7ba9287eebe8346a02a18b25fbe467fa9c660f3a310e489eb3 ab8f73a55e548d32de5284a309560bc55eb10a76a92e6ba4ef01246524324da42a7e4fa0b7e1334906 d5f5af06203897770100a7698b417e2d c4c5ee2b69a80039eb7826f4bde82b33 7 2dac6c1ac78830 d606f162caafd3eb4dc1bbf6f1d1cf2d045ca11ea6f773b2049c75a352736053fe3423190765a6d5374dd0c1dae32213fb66803ee092d3460fd266d5a3a2eea07b4004ee0cb31c4ccbbcd9f130f292d7776aaebc1fbe01b0b3146062c75b15cc8bc92e991c2582d8df86dbf86f0ec286c5f8dfee05566943fa4f66556e70b6251b0835123b04becda0b450b56736eef80e10020055ca5eae23bd023bb50e4915a277ea1db2317e37002167c4 7f8ee7407e6a6f20e11a4b2b533a4c84832c79c5194389e232e8 c58dfd6a147b5aae8758a8bec8c3d81d 6a3831e158d736c79b41069e2256f3cd 15 da8d8fa099b3d4755de10257c7bdb7 194b2cb7393d30f8f221d4866d0ba254c7eb318d7a30bbea1e8b0317c038d040bcf7edf52ae1929964dc15d2d3a6832076efb6f1087e55f7ff26b2883d56ded8167c2cd5d2f9dbfb940b340eb895fb63298598e61216285254f5894c0ae7f71a46e28d402efe2f7411a21d02c4dc43b492f6a90793d960ff01e8189664cb0e6047d7f68855a4dec64e5c74e7f4dce94151bdac5542493c96218e019cd64c52075a3e8c 6e1b791a9f387998d9bea9bc424abfc8237fb6d0016e5c0e182aabae74bb92a9367b64722c88e5688d4910d63176f13047585c7b4df9809d8d1266a2aae486 79544b0f355c5742ab12d3b32ff72734 76a585ee0d1d1d1652722b5fb179f840 5 4e8db3250d 310b4fe6259f393f2d0291b3bc28516ae3b095e34515849685705a69df44423c1f326765c71170a3bf434d2729b0a94888458bd4c3ef1e91387c1733c3d3c9b25719f7c1db063c64e0fd93d421f7a82d5069e915154b95aef005272d080ff84e6b62e6f53bfe171a2406743a845c2bb99ca8feddc98ff79f669defb0b864597d5e0638839682efd3fd781dec08982318430d41b63041e64bb6795fcfaa68 2f07e79e0adb1460e2 acb465485b2e361665459cc1c9227071 8f1dfc47a4e5287282d662dbeb01caae 49 4ab2edbecac38bb8828e053ccd2fd8923dac009a55845996c9f20fb99129c1d87b6689fc22baaf3d0729e631d665ab5de6 b5b3358e93f30bd17584f8a51b268219300be9f3459ae985d2df929711eb98c0dee8dc9f23beb7c5af54b74df5581d34cc6c03dc3c079b5e62e70751888f7fe9d5d8e6c4010987 3392788be70e299ff253b9a54158741b5a1e905f099571 1a363fb2d955ab019e2324d9ca3bdef1 ac25885900f26c98eaa353d275c7f32b 63 05308f1803df0a20bb50407ed24c9871d699c842aa23823bb1a5b9997341f5d5e3fd4bb42d615a4be2f5317132ff549780a6fea2cd912a6ee77dbd16c43063 5f5fc9d31eb3656875a6867a2265a0bbb52e24146910897e0b98e5fcb09ba5d2a90a64709f6727264598 f0558b50ace686c20b479dcb7f3b134ed1d588475e5262c4e1240b ac75ca0448f5d1e8764d58c4b0734aff 4185f71f717e19294664b9c32628d9ce 55 b41fb313cc018e1d05b47bc5d8945ca87b3a0c8fa49ed07b8970fa464fa1d6fdcf65223d4f2970c6dbb2dec851713fb3ffce392725d2e6 01912e7ebb371ddd630fd68894b72954e3b1fb1451211e96d83716a0041f333703a90333ad577be5d10136b72ae1cefa39d539d3618aa9febd15962fdaf8f531e4555a3634f3f078a13cb327ba5c6f95c4fcbf5cbe24c650c9adbc1f384cda0cbe91f44afa123597775cda3a0a0bded9e2b8cbd6e9018a6867559c2f3343a0b9abdcbe0a6762b321d27bd539df03aeff3f033d43ae66b3fc5f08378c8effa77c74f479c265ac52524aca1162a457afee79e3035fcf43061a5c6ef641111a3961ad 92746257fd2f2dcf39d87df0790f55f645f2afa110a6df22be686e1bd79407c87ae8bff826abfa4a4e18fa6615caf22b9d205df39592f5a67a94402fab52 5bd545969030cea1995e312a2996f142 d4ff6c389a428371295bfe8076ca81e5 43 878d94d0462151edf252b31ca75333a89965c50c1fc8f50e6fdff5b8cf3b4bff287686b7cb57589c3acaab ``` -------------------------------- ### Install PyNaCl on Linux using System libsodium Source: https://github.com/pyca/pynacl/blob/main/INSTALL.rst Installs PyNaCl on Linux while disabling the bundled libsodium and using the version provided by the system. This is done by setting the SODIUM_INSTALL environment variable. ```console SODIUM_INSTALL=system pip install pynacl ``` -------------------------------- ### AEAD Decryption with PyNaCl (chacha20-poly1305-old) - Second Example Source: https://github.com/pyca/pynacl/blob/main/tests/data/chacha20-poly1305-agl_ref.txt This snippet provides a second example of AEAD decryption using PyNaCl with the chacha20-poly1305-old cipher. It uses the key, nonce, associated data (AD), and ciphertext (CT) from the second encryption example to recover the original plaintext (IN). ```python from nacl.exceptions import CryptoError from nacl.secret import SecretBox # AEAD cipher configuration aead_cipher = 'chacha20-poly1305-old' key = bytes.fromhex('934fd043c32d16a88fad01c3506469b077cb79d258b5664fa55ad8521afdcaa2') nonce = bytes.fromhex('c7091f6afbbeb360') ciphertext_to_decrypt = bytes.fromhex('a5c8cf42287d4760fca755e2111817b981c47e85b0047de270ec301ca5f7b3679f4749210892b6ea6568f3a6a4344734a0efc0120ffedecf212d55cbcbb67815ac964875af45f735b70092a8f8435f52fc01b981ae971d486026fb69a9c3927acfe1f2eab0340ae95f8dbee41b2548e400805ece191db5fd1f0804053f1dbfaf7f8d6fded3874cb92d99a2729d3faaa60522060cf0b8101b463b3eb35b380fcddb6406c027d73fe701a5090c8dd531c203ce979e26b9ced3431e2b726a7244a20d9377bd62951bf5') associated_data = bytes.fromhex('5557b08a5010cbc9f46bb140c2505f68684eb24889324bff44b27234fd7a95a99cfb4ff90a8f9982085b725f78ac42eca6ce7f3314e457dc41f404008681a9d29ba765660de2e05bb679d65b81f5e797d8417b94eb9aabbd0576b5c57f86eae25f6050a7918e4c8021a85b47f7a83b4c8446898441c5cc4e0229776ef3e809cb085d71f3c75ec03378730cb066150f07e60f96aec983c0e7e72bf6bf87ae42228dfda195f97855fcdf4e6d1c4479d978abcfa276d16ed60ecbfbfc664041335ce65a40a2ca3424df') box = SecretBox(key, cipher=SecretBox.GEOMETRY[aead_cipher]) try: decrypted_plaintext = box.decrypt(ciphertext_to_decrypt, nonce, associated_data) print(f"Decrypted Plaintext: {decrypted_plaintext.hex()}") except CryptoError as e: print(f"Decryption failed: {e}") ``` -------------------------------- ### Blake2b Hashing Example Source: https://github.com/pyca/pynacl/blob/main/docs/hashing.rst Demonstrates the usage of blake2b for hashing messages with different keys and messages, showing how to generate Message Authentication Codes (MACs). It utilizes nacl.utils for random key generation and nacl.encoding for output formatting. ```python import nacl.encoding import nacl.utils from nacl.hash import blake2b msg = 16*b'256 BytesMessage' msg2 = 16*b'256 bytesMessage' auth_key = nacl.utils.random(size=64) auth1_key = nacl.utils.random(size=64) mac0 = blake2b(msg, key=auth_key, encoder=nacl.encoding.HexEncoder) mac1 = blake2b(msg, key=auth1_key, encoder=nacl.encoding.HexEncoder) mac2 = blake2b(msg2, key=auth_key, encoder=nacl.encoding.HexEncoder) for i, mac in enumerate((mac0, mac1, mac2)): print('Mac{0} is: {1}.'.format(i, mac)) ``` -------------------------------- ### Using Local libsodium Flags with Compiler (Bash) Source: https://github.com/pyca/pynacl/blob/main/docs/vectors/bundled_library_build.rst Example command showing how to use the previously set `SODIUMINCL` and `SODIUMLIB` environment variables on the C compiler command line. Dereferencing these variables provides the necessary include and library paths to the compiler, ensuring it links against the locally built libsodium. ```bash $ cc ${SODIUMINCL} ${SODIUMLIB} ``` -------------------------------- ### Authenticated Encryption with AEAD (ChaCha20-Poly1305-Old) - Example 3 Source: https://github.com/pyca/pynacl/blob/main/tests/data/chacha20-poly1305-agl_ref.txt A third example demonstrating the usage of ChaCha20-Poly1305-Old for authenticated encryption, providing another practical scenario. ```python from nacl.secret import SecretBox key = bytes.fromhex('4986fd62d6cb86b2eaf219174bec681bebcdef86c8be291f27d3e5dc69e2feba') nonce = bytes.fromhex('d08d486620ed2e84') in_data = bytes.fromhex('3a22ad5de387db4fdd5d62a1b728c23a8dddc50b1e89f54f6198b90499f9da3122ebeb38ebf5fdfe30309734f79aff01e3de1e196b35bffa33bae451f31f74b8aec03763f9e0861a34fe5db0b40c76e57c7fc582bfa19c94ee25b5e168270f379bf9f8a0a18bed05de256f8f0dd7c23ba2ff1c7f721409462f04cc611ad9bd4c3c9acf30742acfb9518a6375cbb15d65a1bc6993ea434894f93d4f6e05996ebc1bd56579296309a2c6b8fde95072168b5fd31927c4c0abaa056bcd16221d5f220be47591f43255013a262dce439817f534830ba82155347e5fe3101f8011b89365a6568214ed0661914e8cb3431d6c8f2347dfc1209a3eca4aaf0a111f47fe') ad_data = bytes.fromhex('7dd3f656a03c001b45ca0680bc3ac9d68c6e96b591d3c69eb8c65e489009d845cb331c98b82e627e06d5bf01e74c573df268c2386f12628c019951d42f55991ff20d72a7b2c45f41d0be7af428c92f324aaab8df70d900301cdf09a3d93eb711c919d34a86fff9cb078322ee2e0ad48dbdf3b7884f0f2dc5c36262c59bcfd75ac6200f59c6fcd0ce10ff5005fef5df8f0432377dfbfc1db8f559e27e1aeef3380ea3864867d36a25a18654779a751586cad3b8a46b90864ee697b08605673b8d2123433c020a21c4db243dde2420c12fd4d54a2704a0c8c376454a1b5e80fd6db89aabd56d9b421f29649e474824dfa56cb5c673c504d10be52b53751709fe') ct_data = bytes.fromhex('c40180afd53001663ff4834110f56e6b0f178cd3c0e7f7de5d0089ee41d8403ffb98e84922706544a344d7e2625b12cf66b9c966f9f57d7b94e3e4b34e6f0aaed1763ce012782e2f5e1682e6c343fc7961fedddd0919d0b910e9923c17e36406979b256b85aec24fa70098eb32fc9579e97917b923914fa2efc30ab29b457bf14e45583b3771486bdc0876f3ea6e1a646746f396394c1bf75f51ce') box = SecretBox(key, SecretBox.NONCE_SIZE) # Decryption example (assuming successful encryption) # plaintext = box.decrypt(ct_data, ad_data) ``` -------------------------------- ### Authenticated Encryption with ChaCha20-Poly1305 (Old) - Third Example Source: https://github.com/pyca/pynacl/blob/main/tests/data/chacha20-poly1305-agl_ref.txt A third example demonstrating the use of the older ChaCha20-Poly1305 AEAD cipher with different key and nonce values. ```python from nacl.secret import SecretBox # AEAD cipher name aead_cipher = "chacha20-poly1305-old" # Key for the cipher key = bytes.fromhex("fd6a3fdd879f8880843eac20ae01c1b9dc3487d270a806572088ef2ddc1f1e0de495e71d4813bf5c501ad31e5d791c4b5b3a0a71b63fdddcc8de4b056064ef467989ecccc5d0160d403bf3a025d4892b3b1de3e062bc3581d4410f273338311eb4637529e4a680a6e4a5e26e308630a5b6d49ead6d543f8f2bf9050aa94ce091318721e1d8b96e279f34b9759b65037bec4bf6ccda6929705aeeeebe49e327e4d7a916620c9faf3765120658af34c53fbb97ec07657b3f088fcbdc401aa7949ddeda34d885018c2c23f4f0bb8218bf0d4fc90643658b4d8834f4a8c08e590c2a790995baa9e77627c342d283e454f84fcc05be15e9627a2d9be340c9d72f222bbdfc47905f56616cd9f936d49e4732f319f020513340fb8b22828db251b102b6b137c9533936d6") # Nonce for the cipher nonce = bytes.fromhex("184095b7a8190abec08bb72d19eeb103") # Input data (likely ciphertext) input_data = bytes.fromhex("b842eadfdf431c135bd6581d3eccae54e2267d8890036aa33dfe2d2d9715c44625441210a3a0d666d708d30588fe851ec36e10d8fa3584ed77b095149494b7c54379d62c8935e1d2b9a8f47e4759ad0b3437fdf2cc2fb6c5ea25ad10e0bdc9dc5b0517fc237eb783cc461c46665e2b1d1a5b8008dbf409ea2a63fea0276de23a32c99d92a498807a0f95e208fc6262321a78aafaf0cc3f833fff37bd4efa66f6023a25cdc6702cee3912799563d908a5183c9956a06aa71085d855dc7c809ed6e2889592b361ab3ab39060f8e419152187a794a19c2a1128882201900ea2cd597860674bf78d9720643df8701676718fd201baed4935a88e50558daf86edd08a9ab227ac7afae55c974b68de8dacad4a4d79b13ed6dfe74017a4cb9148e033436fb6") # Initialize SecretBox with the key secretbox = SecretBox(key, encoder=None) # To decrypt the provided 'input_data', we would need the original plaintext # and the correct nonce used during encryption. # For demonstration, let's assume a plaintext and encrypt it. plaintext_to_encrypt = b"Yet another test message for old AEAD." # Encrypting requires a unique nonce for each message. # For this example, we'll use the provided nonce, but in practice, generate a new one. encrypted_data = secretbox.encrypt(plaintext_to_encrypt, nonce) print(f"Plaintext: {plaintext_to_encrypt}") print(f"Encrypted (with provided nonce): {encrypted_data}") # Decrypting the encrypted data decrypted_data = secretbox.decrypt(encrypted_data, nonce) print(f"Decrypted data: {decrypted_data}") # Note: The 'IN' data provided in the input is likely ciphertext from a previous operation. # To decrypt it, you would need the corresponding plaintext and the correct nonce. # The example above shows how to encrypt and decrypt with a given key and nonce. ``` -------------------------------- ### Authenticated Encryption with ChaCha20-Poly1305 (Old) - Second Example Source: https://github.com/pyca/pynacl/blob/main/tests/data/chacha20-poly1305-agl_ref.txt A second example demonstrating the use of the older ChaCha20-Poly1305 AEAD cipher with different key and nonce values. ```python from nacl.secret import SecretBox # AEAD cipher name aead_cipher = "chacha20-poly1305-old" # Key for the cipher key = bytes.fromhex("55a4be2448b464c2ea52a2f2664ed6aba865c14ea1fea77f4689331fd105c8d4") # Nonce for the cipher nonce = bytes.fromhex("db37c0a405b4626d") # Input data (likely ciphertext) input_data = bytes.fromhex("d266e66272e5d3462081b004cb42429c8b9741e9f678153754d726f6f9aa513464763c5e793b482fe512fece97585f1426120d4cefb3d0a8cc0a8db4bde93fc72c78f44d4fecca14650c660d3e285b327e7cdd813063e7e867b8a2d059a41bab70432b7f857199894da90dca3fe5272bae1ec694a1a07b60b05df275784d4975637e4673109f3ba846dfd1a048b202ed8e89973be608b91ee4743b1e759900f1443038951fe6189e806638985f3c16338c3c60695df58e621154d79bb973859c4558e9dca90470f77c73f004443ad5db0717abbe43266f90e57397b83ac34d1fef2e897e2483d5bcdcb627abd64b0d1aef525835f25e76d6e9158232cdde6dce970b59f58de8a98e653be32fb58edabbcefa5065d73afdf1c9c4fbf50c1022bd22bfcb98e4b422") # Initialize SecretBox with the key secretbox = SecretBox(key, encoder=None) # To decrypt the provided 'input_data', we would need the original plaintext # and the correct nonce used during encryption. # For demonstration, let's assume a plaintext and encrypt it. plaintext_to_encrypt = b"Another test message for old AEAD." # Encrypting requires a unique nonce for each message. # For this example, we'll use the provided nonce, but in practice, generate a new one. encrypted_data = secretbox.encrypt(plaintext_to_encrypt, nonce) print(f"Plaintext: {plaintext_to_encrypt}") print(f"Encrypted (with provided nonce): {encrypted_data}") # Decrypting the encrypted data decrypted_data = secretbox.decrypt(encrypted_data, nonce) print(f"Decrypted data: {decrypted_data}") # Note: The 'IN' data provided in the input is likely ciphertext from a previous operation. # To decrypt it, you would need the corresponding plaintext and the correct nonce. # The example above shows how to encrypt and decrypt with a given key and nonce. ``` -------------------------------- ### Faster PyNaCl Wheel Build with Parallelization Source: https://github.com/pyca/pynacl/blob/main/INSTALL.rst Accelerates the wheel build process for PyNaCl by enabling parallelization during the libsodium compilation. This is achieved by setting the LIBSODIUM_MAKE_ARGS environment variable. ```console LIBSODIUM_MAKE_ARGS=-j4 pip install pynacl ``` -------------------------------- ### Authenticated Encryption with AEAD (ChaCha20-Poly1305-Old) - Example 2 Source: https://github.com/pyca/pynacl/blob/main/tests/data/chacha20-poly1305-agl_ref.txt Another example showcasing ChaCha20-Poly1305-Old for authenticated encryption. This demonstrates the process with specific key, nonce, and data values. ```python from nacl.secret import SecretBox key = bytes.fromhex('65b63ed53750c88c508c44881ae59e6fff69c66288f3c14cfec503391262cafc') nonce = bytes.fromhex('7f5e560a1de434ba') in_data = bytes.fromhex('845ef27b6615fb699d37971db6b597930a7ef1e6f90054791eb04ddfe7252b5f88fd60eba5af469bc09661c0987a496fa540621afeec51bebda786826800943d977039dee76235248112ff8b743f25ed5f3cb0d3307f5e118d84fdbb9c3f5531bc177fb84549c994ea4496c65e5249da987dd755d46dc1788f582410266a10f291c1474f732183a2a39afe603771bb9c423fe3e8906f2be44a0c9a7c3f0ceb09d1d0f92d942383a875c0567c7869f045e56dd1a4d6e90c58d44fe0c5760bb4fd01de55439db52b56831e5a26a47de14249453a4f8e7da3cb3282c6622916197ebfaad85dd65c61e7d2d3ba626276366746f396394c1bf75f51ce') ad_data = bytes.fromhex('51a3588398808e1d6a98505c6e5601ae2a2766f1f28f8f69d1ccbcad18038c157b41525be58ae4527a073748b7a04809e52a5df0c7988417607738e63d7ead47db795a346b04e740186e73ccad79f725b58ee22dc6e30d1f0a218eda1791e2229b253d4ab2b963a43e12318c8b0785c20fca3abcf220c08745d9f9602f0ece544a05736d76b12d249699c9e3e99f3f13cf4e5dc13a04125c949a5b30d034b23cb364c8781964bc6c30e5e5ca9673d517ef5f35965d8a8cf1be017e343df97b6bee37b30638b154286d1f36d2f9a0eaa23cc484eac5a05b15d9efc537d989dbc8b3106c0dc1a56e97e6aec2eff54a82cf7ae9df2af46b4c860f83') ct_data = bytes.fromhex('027b14197b4012256b133b78ddc94e72fb4d724fefa4ae329f5a5fa3fa784fe6d7e1e805e3f7a75557de64de506d38237b467fa577efb59e7cfe2356bed6655c5aa4e238dcfeb75c16549a0917268768a96acb5e20546a1fb7e3a7cff887f49f2cd7a135f72a98a779150f3207bf733e88861fd79eadbf77fa3bfe97bfe8b6a991cb3bcc2cde8287f7e89384846561934b0f3e05e0646e0e1907770df67a7594161a4d0763faa6fa844080932159999d528ee0558710058ce16f97d13ac9fd9bf5044191188bbfb598d0fafbdf790b61ce0781ecc04218a30ded45efd498cc9ba03562ed2b4a993ee98876b3ab7a9bc07829f1c4ca6ead98c06b') box = SecretBox(key, SecretBox.NONCE_SIZE) # Decryption example (assuming successful encryption) # plaintext = box.decrypt(ct_data, ad_data) ``` -------------------------------- ### Set environment variables for local libsodium Source: https://github.com/pyca/pynacl/blob/main/docs/vectors/bundled_library_build.rst Defines and exports SODIUMINCL and SODIUMLIB environment variables to point the compiler to the locally built libsodium library. ```bash $ SODIUMINCL="-I${PWD}/build/libsodium/include" $ export SODIUMINCL $ SODIUMLIB="-L${PWD}/build/libsodium/lib" $ export SODIUMLIB ```