Legend:
Library
Module
Module type
Parameter
Class
Class type
Library
Module
Module type
Parameter
Class
Class type
val derive_key :
Password_hash.difficulty ->
Password_hash.password ->
Password_hash.salt ->
secret_key
derive_key difficulty pw salt
derives a key from a human generated password. Since the derivation depends on both difficulty
and salt
, it is necessary to store them alongside the ciphertext. Using a constant salt is insecure because it increases the effectiveness of rainbow tables. Generate the salt with a function like Password_hash.random_salt
instead.
val random_nonce : unit -> nonce
random_nonce ()
generates a random nonce.
val nonce_of_bytes : Stdlib.Bytes.t -> nonce
nonce_of_bytes b
creates a nonce out of bytes b
.
increment_nonce ?step n
interprets nonce n
as a big-endian number and returns the sum of n
and step
with wrap-around. The default step
is 1.
equal_keys a b
checks a
and b
for equality in constant time.
module type S = sig ... end