How do I encrypt a message using caesium in Clojure?

Use the secretbox namespace; create a key with new-key!, a nonce, and call encrypt with the key, nonce, and plaintext bytes. The README provides a minimum viable snippet showing secretbox encryption and decryption with example code.

Is caesium better than other Clojure crypto libraries like buddy?

caesium offers direct libsodium bindings with secure memory handling, ideal for low-level control and libsodium compatibility. Buddy provides higher-level abstractions and easier use for common tasks, so choose based on your need for control vs convenience.

Does caesium support password hashing with modern algorithms?

Yes, it supports libsodium's pwhash which includes Argon2, with examples in the README for hashing passwords and key derivation using opslimit-sensitive and memlimit-sensitive parameters.

How to safely zero out sensitive data after use in caesium?

Since APIs use byte arrays or ByteBuffers, you can manually set them to zero after operations. The library provides the necessary APIs but leaves memory management to the developer, as emphasized in the secure memory handling feature.

Can I use caesium on a server without installing libsodium?

No, caesium requires libsodium to be installed on the system, as it's a direct binding. This might limit deployment in environments where native installations are restricted or in containerized setups without libsodium.

What's the performance impact of using caesium?

caesium leverages libsodium's optimized C code via jnr-ffi, which can offer better performance for cryptographic operations, but introduces JNI overhead and depends on native library availability, so benchmark for your specific use case.

caesium — Clojure Cryptography Library

What is caesium?

caesium is a cryptography library for Clojure that provides direct bindings to libsodium, a modern and secure cryptographic library. It enables Clojure developers to perform encryption, decryption, password hashing, and other cryptographic operations with the same security guarantees as libsodium. The library focuses on exposing libsodium's APIs faithfully while allowing fine-grained control over memory and security.

Target Audience

Clojure developers who need secure cryptographic operations in their applications, particularly those who require low-level control and compatibility with libsodium's APIs.

Value Proposition

Developers choose caesium for its direct, zero-copy bindings to libsodium, secure memory handling, and high-quality implementation by a cryptographer. It avoids abstraction layers that could introduce vulnerabilities while providing predictable, well-tested APIs.

Modern cryptography (libsodium/NaCl) for Clojure

Use Cases

Best For

Adding encryption and decryption to Clojure applications
Implementing secure password hashing in Clojure services
Building cryptographic tools with libsodium compatibility
Developing security-sensitive Clojure libraries
Integrating with GitHub Actions secrets programmatically
Performing public-key cryptography operations in Clojure

Not Ideal For

Projects requiring high-level, abstracted cryptography APIs without manual memory management
Environments where installing native libsodium libraries is prohibited or challenging
Teams that prefer self-contained libraries with extensive built-in documentation and examples
Applications needing cryptographic features not supported by libsodium

Pros & Cons

Pros

Direct Libsodium Bindings

Uses jnr-ffi for zero-copy behavior between JVM and C, ensuring efficient and accurate mapping of libsodium's functions, as highlighted in the README for performance and compatibility.

Secure Memory Control

APIs operate on byte arrays or ByteBuffers, allowing developers to manually zero sensitive data, which is crucial for preventing memory leaks in cryptographic applications, as emphasized in the philosophy section.

Comprehensive Cryptography Suite

Supports libsodium's full range including secretbox, password hashing, and public-key cryptography, making it versatile for various security needs, with examples provided in the README.

Expert Implementation

Written by a cryptographer with extensive testing, CI, and high code coverage, ensuring reliability and security, as noted in the differences section.

Cons

Native Dependency Required

Requires libsodium 1.0.18+ to be installed separately, adding setup complexity and potential cross-platform issues, which is explicitly noted in the README as a prerequisite.

Low-Level API Complexity

APIs are low-level and closely mirror libsodium, requiring developers to have a good understanding of cryptography and memory management, making it less accessible for those seeking simpler abstractions.

Documentation Reliance on External Sources

The README directs users to libsodium's documentation for details, meaning there's less Clojure-specific guidance and examples, which can increase the learning curve.

Frequently Asked Questions

What is caesium?

Target Audience

Clojure developers who need secure cryptographic operations in their applications, particularly those who require low-level control and compatibility with libsodium's APIs.

Value Proposition

Use Cases

Best For

Adding encryption and decryption to Clojure applications
Implementing secure password hashing in Clojure services
Building cryptographic tools with libsodium compatibility
Developing security-sensitive Clojure libraries
Integrating with GitHub Actions secrets programmatically
Performing public-key cryptography operations in Clojure

Not Ideal For

Projects requiring high-level, abstracted cryptography APIs without manual memory management
Environments where installing native libsodium libraries is prohibited or challenging
Teams that prefer self-contained libraries with extensive built-in documentation and examples
Applications needing cryptographic features not supported by libsodium

Pros & Cons

Pros

Direct Libsodium Bindings

Uses jnr-ffi for zero-copy behavior between JVM and C, ensuring efficient and accurate mapping of libsodium's functions, as highlighted in the README for performance and compatibility.

Secure Memory Control

Comprehensive Cryptography Suite

Supports libsodium's full range including secretbox, password hashing, and public-key cryptography, making it versatile for various security needs, with examples provided in the README.

Expert Implementation

Written by a cryptographer with extensive testing, CI, and high code coverage, ensuring reliability and security, as noted in the differences section.

Cons

Native Dependency Required

Requires libsodium 1.0.18+ to be installed separately, adding setup complexity and potential cross-platform issues, which is explicitly noted in the README as a prerequisite.

Low-Level API Complexity

Documentation Reliance on External Sources

The README directs users to libsodium's documentation for details, meaning there's less Clojure-specific guidance and examples, which can increase the learning curve.

Frequently Asked Questions

caesium

What is caesium?

Overview

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions

Related Projects

Found a gem we're missing?

caesium

What is caesium?

Overview

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions

Related Projects

Found a gem we're missing?