Recommend this page to a friend! 
Classes of Scott Arciszewski  >  sapient  >  docs/Specification.md  >  Download 

DownloadSapient SpecificationOverviewSapient provides the following operations that can be performed on HTTP requests and responses:
OperationsSharedkey AuthenticationMessages are authenticated with HMACSHA512256, as provided by NaCl. HMACSHA512256 is the leftmost 32 bytes of a raw binary string generated by HMACSHA512. Sapient encodes the MAC with base64url, then
stores it in a SharedKey EncyptionMessages are encrypted with XChaCha20Poly1305, with a random 24byte nonce. The nonce must be generated from the operating system's nonblocking CSPRNG
(i.e. After encryption, the nonce is prepended to the ciphertext. The encrypted message (in raw binary) is formatted like this.
Ciphertexts are base64urlencoded in transmission. PublicKey SignaturesMessages are authenticated with Ed25519, as provided by NaCl and defined in RFC 8032. Sapient encodes the signature with base64url, then
stores it in a PublicKey Encyption (Sealing)Each message encryption generates an ephemeral X25519 keypair. The ephemeral public key will be prepended to the ciphertext so that the shared secret key can be recalculated by a recipient with the correct X25519 signing key. The derived key will be the first 32 bytes of a 56byte BLAKE2b hash of the X25519 shared secret and both public keys. The nonce for the message will be the remaining 24 bytes. The message is then encrypted with XChaCha20Poly1305, with the ephemeral public key prepended to the message (and used as addition data). The encrypted message (in raw binary) is formatted like this. Messages are encrypted with XChaCha20Poly1305, with a random 24byte nonce.
The process for encrypting a message with a recipient's public key (
The process for decrypting a sealed message is as follows:
Ciphertexts are base64urlencoded in transmission. 