v0.10.0 - New signature API

dchest released this 26 Jul 14:18

· 204 commits to master since this release

4e19366

Signature API breaking change! nacl.sign and nacl.sign.open now deal
with signed messages, and new nacl.sign.detached and
nacl.sign.detached.verify are available.

Previously, nacl.sign returned a signature, and nacl.sign.open accepted a
message and "detached" signature. This was unlike NaCl's API, which dealt with
signed messages (concatenation of signature and message).

The new API is:
```
nacl.sign(message, secretKey) -> signedMessage
nacl.sign.open(signedMessage, publicKey) -> message | null
```
Since detached signatures are common, two new API functions were introduced:
```
nacl.sign.detached(message, secretKey) -> signature
nacl.sign.detached.verify(message, signature, publicKey) -> true | false
```
(Note that it's verify, not open, and it returns a boolean value, unlike
open, which returns an "unsigned" message.)
NPM package now comes without test directory to keep it small.

Assets 2