package mirage-crypto
Library
Module
Module type
Parameter
Class
Class type
The ChaCha20 cipher proposed by D.J. Bernstein.
include AEAD
val of_secret : string -> key
of_secret secret
constructs the encryption key corresponding to secret
.
Authenticated encryption and decryption with inline tag
val authenticate_encrypt :
key:key ->
nonce:string ->
?adata:string ->
string ->
string
authenticate_encrypt ~key ~nonce ~adata msg
encrypts msg
with key
and nonce
, and appends an authentication tag computed over the encrypted msg
, using key
, nonce
, and adata
.
val authenticate_decrypt :
key:key ->
nonce:string ->
?adata:string ->
string ->
string option
authenticate_decrypt ~key ~nonce ~adata msg
splits msg
into encrypted data and authentication tag, computes the authentication tag using key
, nonce
, and adata
, and decrypts the encrypted data. If the authentication tags match, the decrypted data is returned.
Authenticated encryption and decryption with tag provided separately
val authenticate_encrypt_tag :
key:key ->
nonce:string ->
?adata:string ->
string ->
string * string
authenticate_encrypt_tag ~key ~nonce ~adata msg
encrypts msg
with key
and nonce
. The computed authentication tag is returned separately as second part of the tuple.
val authenticate_decrypt_tag :
key:key ->
nonce:string ->
?adata:string ->
tag:string ->
string ->
string option
authenticate_decrypt ~key ~nonce ~adata ~tag msg
computes the authentication tag using key
, nonce
, and adata
, and decrypts the encrypted data. If the authentication tags match, the decrypted data is returned.
Authenticated encryption and decryption into existing buffers
val authenticate_encrypt_into :
key:key ->
nonce:string ->
?adata:string ->
string ->
src_off:int ->
bytes ->
dst_off:int ->
tag_off:int ->
int ->
unit
authenticate_encrypt_into ~key ~nonce ~adata msg ~src_off dst ~dst_off ~tag_off len
encrypts len
bytes of msg
starting at src_off
with key
and nonce
. The output is put into dst
at dst_off
, the tag into dst
at tag_off
.
val authenticate_decrypt_into :
key:key ->
nonce:string ->
?adata:string ->
string ->
src_off:int ->
tag_off:int ->
bytes ->
dst_off:int ->
int ->
bool
authenticate_decrypt_into ~key ~nonce ~adata msg ~src_off ~tag_off dst ~dst_off len
computes the authentication tag using key
, nonce
, and adata
, and decrypts the len
bytes encrypted data from msg
starting at src_off
into dst
starting at dst_off
. If the authentication tags match, true
is returned, and the decrypted data is in dst
.
val crypt : key:key -> nonce:string -> ?ctr:int64 -> string -> string
crypt ~key ~nonce ~ctr data
generates a ChaCha20 key stream using the key
, and nonce
. The ctr
defaults to 0. The generated key stream is of the same length as data
, and the output is the XOR of the key stream and data
. This implements, depending on the size of the nonce
(8 or 12 bytes) both the original specification (where the counter is 8 byte, same as the nonce) and the IETF RFC 8439 specification (where nonce is 12 bytes, and counter 4 bytes).