package nocrypto

You can search for identifiers within the package.

in-package search v0.2.0

On This Page

Usage
Default generator initialization
Background seeding

package nocrypto

nocrypto
- Nocrypto
  - Base64
  - Cipher_block
    
    AES
    
    CBC
    
    CCM
    
    CTR
    
    ECB
    
    GCM
    
    Counter
    
    DES
    
    CBC
    
    CTR
    
    ECB
    
    S
    
    CBC
    
    CCM
    
    CTR
    
    Core
    
    ECB
    
    GCM
  - Cipher_stream
    
    ARC4
    
    S
  - Dh
    
    Group
  - Dsa
    
    K_gen
    
    H
  - Hash
    
    MD5
    
    S
    
    SHA1
    
    SHA224
    
    SHA256
    
    SHA384
    
    SHA512
  - Numeric
    
    Int
    
    Int32
    
    Int64
    
    S
    
    Z
  - Rng
    
    Generators
    
    Fortuna
    
    Hmac_drgb
    
    Make
    
    H
    
    Null
    
    Int
    
    Int32
    
    Int64
    
    Make_N
    
    N
    
    S
    
    Generator
    
    N
    
    Z
  - Rsa
    
    OAEP
    
    H
    
    PKCS1
    
    PSS
    
    H
nocrypto_lwt
- Nocrypto_entropy_lwt
nocrypto_unix
- Nocrypto_entropy_unix

Legend:
Library
Module
Module type
Parameter
Class
Class type

RNG seeding on Lwt/Unix.

This module provides RNG seeding from the Unix kernel RNG, typically

/dev/urandom

. It uses Lwt for periodic background reseeding.

Calling initialize is enough to bring the RNG into a working state. In addition, a background task is set up to periodically reseed the RNG.

initialize is idempotent as long as the default generator is unchanged. It is harmless to call it several times.

Note that initialize returns a thread. While the reseeding task has only been created once this thread completes, the initial seeding is done before the function returns. Is is safe to use the RNG immediately after the invocation.

Usage

Seed during module initialization, not waiting for the background seeding to start:

let _ = Nocrypto_entropy_lwt.initialize ()

Seed just before the main function, not waiting for the background seeding to start:

let () =
ignore (Nocrypto_entropy_lwt.initialize ());
Lwt_main.run (main ())

Seed just before the main function, and wait for the background seeding to start before proceeding:

let () =
Lwt_main.run (Nocrypto_entropy_lwt.initialize () >>= main)

Default generator initialization

val initialize : unit -> unit Lwt.t

Immediately seeds the current defalt generator using Nocrypto_entropy_unix.initialize. The initial seeding is finished before the function returns.

It then invokes attach. Once the returned thread completes, a background reseeding task has been attached to the defalt generator.

Background seeding

type t

Represents background reseeding task.

val attach : period:int -> ?device:string -> Nocrypto.Rng.g -> t Lwt.t

attach ~period ~device g instruments the lwt event loop to mix in bytes from device into g whenever external events cause the loop to wake up, but no more often than once every period seconds.

device defaults to Nocrypto_entropy_unix.sys_rng.

val stop : t -> unit Lwt.t

Stops the reseeding task associated with t. Idempotent.