Module type Dirsp_proscript.PROSCRIPT_CRYPTO
The ProScript.crypto
interface for core cryptographic primitives like SHA-256.
type t
The type that will be used to represent contiguous bytes; typically either Bytes.t or Cstruct.t
type aes_decrypted
=
{
plaintext : t;
valid : bool;
}
Decrypted AES data
val random12Bytes : t -> t
random12Bytes id
creates a 12-byte random buffer withid
providing a random generation hint.id
will be ignored for a true random number generator. Butid
may be used for mock random number generators or pseudo random generators to provide repeatability.- raises Crypto_failure
for a failure to generate random numbers
val random32Bytes : t -> t
random32Bytes id
creates a 32-byte random buffer withid
providing a random generation hint.id
will be ignored for a true random number generator. Butid
may be used for mock random number generators or pseudo random generators to provide repeatability.- raises Crypto_failure
for a failure to generate random numbers
val xDH25519 : t -> t -> t
xDH25519 scalar base
, commonly known as X25519, creates a public key or shared secret using the product of the private keyscalar
and the base point or public keybase
on an elliptic curve.- parameter scalar
Private key in a 32-byte buffer
- parameter base
Base point (or public key)
- returns
Public key (or shared secret if
base
was a public key) in a 32-byte buffer
- raises Crypto_failure
when the private key or base point are not both 32 bytes long
val xAESGCMEncrypt : t -> t -> t -> t -> aes_encrypted
xAESGCMEncrypt k iv m aad
encrypts the messagem
with the symmetric keyk
and an initialization vectoriv
and any additional authenticated dataaad
using the AES-GCM algorithm.- raises Crypto_failure
when the symmetric key is not a correct length for AES or when the initialization vector is not a correct length for AES-GCM
val xAESGCMDecrypt : t -> t -> aes_encrypted -> t -> aes_decrypted
xAESGCMDecrypt k iv m aad
decrypts the messagem
with the symmetric keyk
and an initialization vectoriv
and any additional authenticated dataaad
using the AES-GCM algorithm.Check the validity of the result by looking at the returned
aes_decrypted.valid
.- raises Crypto_failure
when the symmetric key is not a correct length for AES or when the initialization vector is not a correct length for AES-GCM
val xSHA256 : t -> t
xSHA256 m
constructs the SHA-256 hexadecimal digest of messagem
.Be aware that this function gives the ASCII bytes of the hexdump of the SHA-256 digest, not the raw SHA-256 digest bytes. The bytes look like the output of the first column from the UNIX program "sha256sum".
val xSHA512 : t -> t
xSHA512 m
constructs the SHA-512 hexadecimal digest of messagem
.Be aware that this function gives the ASCII bytes of the hexdump of the SHA-512 digest, not the raw SHA-512 digest bytes. The bytes look like the output of the first column from the UNIX program "sha512sum".
val xHMACSHA256 : t -> t -> t
xHMACSHA256 k m
constructs the authentication code for messagem
under the secret keyk
using standard HMAC construction over SHA-256, commonly known as the HMAC-SHA-256 algorithm.
module ED25519 : PROSCRIPT_CRYPTO_ED25519 with type t = t