package mirage-crypto

  1. Overview
  2. Docs
type key
val of_secret : string -> key

Construct the encryption key corresponding to secret.

  • raises Invalid_argument

    if the length of secret is not in key_sizes.

val key_sizes : int array

Key sizes allowed with this cipher.

val block_size : int

The size of a single block.

val encrypt : key:key -> iv:string -> string -> string

encrypt ~key ~iv msg is msg encrypted under key, using iv as the CBC initialization vector.

  • raises Invalid_argument

    if iv is not block_size, or msg is not k * block_size long.

val decrypt : key:key -> iv:string -> string -> string

decrypt ~key ~iv msg is the inverse of encrypt.

  • raises Invalid_argument

    if iv is not block_size, or msg is not k * block_size long.

val next_iv : ?off:int -> string -> iv:string -> string

next_iv ~iv ciphertext ~off is the first iv following the encryption that used iv to produce ciphertext.

For protocols which perform inter-message chaining, this is the iv for the next message.

It is either iv, when String.length ciphertext - off = 0, or the last block of ciphertext. Note that

encrypt ~iv msg1 || encrypt ~iv:(next_iv ~iv (encrypt ~iv msg1)) msg2
== encrypt ~iv (msg1 || msg2)
  • raises Invalid_argument

    if the length of iv is not block_size.

  • raises Invalid_argument

    if the length of ciphertext is not a multiple of block_size.

val encrypt_into : key:key -> iv:string -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit

encrypt_into ~key ~iv src ~src_off dst dst_off len encrypts len octets from src starting at src_off into dst starting at dst_off.

  • raises Invalid_argument

    if the length of iv is not block_size.

  • raises Invalid_argument

    if len is not a multiple of block_size.

  • raises Invalid_argument

    if src_off < 0 || String.length src - src_off < len.

  • raises Invalid_argument

    if dst_off < 0 || Bytes.length dst - dst_off < len.

val decrypt_into : key:key -> iv:string -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit

decrypt_into ~key ~iv src ~src_off dst dst_off len decrypts len octets from src starting at src_off into dst starting at dst_off.

  • raises Invalid_argument

    if the length of iv is not block_size.

  • raises Invalid_argument

    if len is not a multiple of block_size.

  • raises Invalid_argument

    if src_off < 0 || String.length src - src_off < len.

  • raises Invalid_argument

    if dst_off < 0 || Bytes.length dst - dst_off < len.

OCaml

Innovation. Community. Security.