package nocrypto

Description

nocrypto is a small cryptographic library that puts emphasis on the applicative style and ease of use. It includes basic ciphers (AES, 3DES, RC4), hashes (MD5, SHA1, SHA2), public-key primitives (RSA, DSA, DH) and a strong RNG (Fortuna).

RSA timing attacks are countered by blinding. AES timing attacks are avoided by delegating to AES-NI.

Tags

org:mirage

Published: 23 Feb 2017

README

nocrypto - Simpler crypto

v0.5.4

Documentation

Interface is documented. Also online.

Build

Options for pkg/pkg.ml build:

  --with-unix BOOL
  --with-lwt BOOL
  --xen BOOL
  --freestanding BOOL

./pkg/pkg.ml test

FAQ

RNG seeding

If RNG fails with Fatal error: exception Uncommon.Boot.Unseeded_generator, you need to seed it.

Unix:

let () = Nocrypto_entropy_unix.initialize ()

Unix/Lwt:

let () = Nocrypto_entropy_lwt.initialize () |> ignore

Illegal instructions

Program terminated with signal SIGILL, Illegal instruction.
#0  _mm_aeskeygenassist_si128 (__C=<optimized out>, __X=...)

Nocrypto has CPU acceleration support (SSE2+AES-NI), but no run-time autodetection yet. You compiled the library with acceleration, but you are using it on a machine that does not support it.

pkg/pkg.ml build --accelerate false force-disables non-portable code.

pkg/pkg.ml build --accelerate true force-enables non-portable code.

The flag can also be set via the NOCRYPTO_ACCELERATE environment variable. When unset, it matches the capabilities of the build machine.
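
Because the default follows the build machine, the value should be chosen from the CPU of the machine that will run the binary. The script below is an added example, not part of nocrypto: it derives a true/false value for NOCRYPTO_ACCELERATE from /proc/cpuinfo text. It assumes a Linux x86 target; the function name accelerate_value and the sample inputs are made up for illustration.

```shell
#!/bin/sh
# Added example, not part of nocrypto. Picks a value for NOCRYPTO_ACCELERATE
# from the CPU flags of the machine that will RUN the binary, since an
# accelerated build dies with SIGILL on a CPU without SSE2 + AES-NI.

# accelerate_value CPUINFO_TEXT   (hypothetical helper name)
# Prints "true" only if the first x86 "flags" line lists both sse2 and aes
# as whole words, so that e.g. "vaes" alone does not count; else "false".
# Non-x86 cpuinfo (no "flags" line) also yields "false".
accelerate_value() {
    flags=$(printf '%s\n' "$1" \
        | sed -n 's/^flags[[:space:]]*:[[:space:]]*//p' \
        | head -n 1)
    has_sse2=no
    has_aes=no
    for f in $flags; do
        case "$f" in
            sse2) has_sse2=yes ;;
            aes)  has_aes=yes ;;
        esac
    done
    if [ "$has_sse2" = yes ] && [ "$has_aes" = yes ]; then
        echo true
    else
        echo false
    fi
}

# Constructed sample inputs (trimmed cpuinfo-style excerpts, not real hosts).
SAMPLE_WITH_AESNI='processor       : 0
model name      : constructed x86 CPU A
flags           : fpu vme sse sse2 ssse3 pclmulqdq aes avx'
SAMPLE_WITHOUT_AESNI='processor       : 0
model name      : constructed x86 CPU B
flags           : fpu vme sse sse2 ssse3 pclmulqdq'

# Run on the deployment target: print the setting to use for the build.
if [ -r /proc/cpuinfo ]; then
    echo "NOCRYPTO_ACCELERATE=$(accelerate_value "$(cat /proc/cpuinfo)")"
fi
```

When one binary is deployed to several machines, run this on each and build with acceleration disabled if any of them reports false.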

Dependencies (21)

  1. zarith-freestanding
  2. mirage-entropy
  3. mirage-solo5
  4. mirage-no-solo5
  5. zarith-xen
  6. mirage-entropy
  7. mirage-xen >= "2.2.0" & < "6.0.0"
  8. mirage-no-xen
  9. sexplib != "v0.9.0" & < "v0.11.0"
  10. lwt
  11. zarith
  12. cstruct-lwt
  13. cstruct >= "2.4.0" & < "3.4.0"
  14. ppx_sexp_conv >= "113.33.01" & < "v0.11.0"
  15. ppx_deriving
  16. ocb-stubblr build & >= "0.1.0"
  17. cpuid build & >= "0.1.2"
  18. topkg build & >= "0.9.1"
  19. ocamlbuild build
  20. ocamlfind build
  21. ocaml >= "4.02.0"

Dev Dependencies (1)

  1. ounit with-test

Used by (41)

  1. arp < "1.0.0"
  2. aws >= "1.0.0" & < "1.2"
  3. aws-s3 < "3.0.0"
  4. certify < "0.3.3"
  5. conex < "0.10.0"
  6. conex-nocrypto
  7. cuid >= "0.2"
  8. current_github < "0.2"
  9. datakit-bridge-github
  10. datakit-github < "0.9.0"
  11. dns-cli < "4.4.0"
  12. dns-server < "4.4.0"
  13. dns-tsig < "4.4.0"
  14. gemini
  15. git >= "1.3.0" & != "1.10.0" & < "2.1.3"
  16. git-mirage < "2.1.3"
  17. git-unix != "2.1.0" & < "2.1.3"
  18. github-hooks
  19. hkdf < "1.0.4"
  20. irmin >= "0.9.0" & < "0.9.6"
  21. jupyter < "1.0.0"
  22. jupyter-kernel < "0.4"
  23. letsencrypt < "0.2.1"
  24. mirage-block-ccm < "1.1.0"
  25. monorobot
  26. noise
  27. osbx
  28. otr >= "0.3.1" & < "0.3.7"
  29. pbkdf < "1.1.0"
  30. rfc6287 >= "1.0.2" & < "1.0.4"
  31. salsa20 < "1.1.0"
  32. salsa20-core < "0.3.0"
  33. scrypt-kdf < "1.1.0"
  34. session < "0.5.0"
  35. slack
  36. ssh-agent < "0.2.1"
  37. tls = "0.6.0" | >= "0.7.1" & < "0.11.0"
  38. tlstunnel
  39. ulid
  40. websocket >= "2.0.0" & < "2.3"
  41. x509 >= "0.5.1" & < "0.10.0"

Conflicts

None