package cryptokit


The AEAD module implements authenticated encryption with associated data. This provides the same confidentiality guarantees as plain encryption, but also provides integrity guarantees. This module implements the AES-GCM and Chacha20-Poly1305 algorithms.

type direction =
  | Encrypt
  | Decrypt

Indicates whether the cipher should perform encryption (transforming plaintext to ciphertext) or decryption (transforming ciphertext to plaintext).

val aes_gcm : ?header:string -> iv:string -> string -> direction -> authenticated_transform

AES-GCM is a standardized and widely-used authenticated encryption algorithm. It's an encrypt-then-MAC scheme based on the AES cipher in counter mode and on the GHASH hash function. It supports keys of size 128, 192, or 256 bits, and produces authentication tags of size 128 bits (16 bytes).

aes_gcm ?header ~iv key dir returns an authenticated transform (see Cryptokit.authenticated_transform).

  • key is the encryption key; it must have length 16, 24 or 32.
  • dir specifies whether encryption or decryption is to be performed.
  • iv (mandatory) is the initialization vector used for counter mode. It must not be reused for several encryptions. It is recommended to use a 96-bit (12 bytes) randomly-generated initialization vector. Initialization vectors of size other than 12 bytes are supported but trigger additional computations.
  • header is the associated data. It is not encrypted but it is authenticated, i.e. taken into account for computing the authentication tag. If not provided, it defaults to the empty string.

val chacha20_poly1305 : ?header:string -> iv:string -> string -> direction -> authenticated_transform

Chacha20-Poly1305 is a fast authenticated encryption algorithm. It's an encrypt-then-MAC scheme combining the Chacha20 cipher with the Poly1305 one-time authentication function. It supports keys of size 128 or 256 bits, and produces authentication tags of size 128 bits (16 bytes).

chacha20_poly1305 ?header ~iv key dir returns an authenticated transform (see Cryptokit.authenticated_transform).

  • key is the encryption key; it must have length 16 or 32.
  • dir specifies whether encryption or decryption is to be performed.
  • iv (mandatory) is the initialization vector used for counter mode. It must not be reused for several encryptions. It must have length 8 bytes (for the original Chacha20-Poly1305 algorithm) or 12 bytes (for the IETF variant described in RFC 7539).
  • header is the associated data. It is not encrypted but it is authenticated, i.e. taken into account for computing the authentication tag. If not provided, it defaults to the empty string.
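
The following added example (not part of the Cryptokit documentation or source) seals and opens a message with aes_gcm using a fresh random 12-byte iv per message, then checks that a changed header, iv, ciphertext or tag is rejected; chacha20_poly1305 has the same signature and can be substituted. It assumes Cryptokit.auth_transform_string, Cryptokit.auth_check_transform_string and Cryptokit.Random.string with Cryptokit.Random.secure_rng, none of which are documented on this page; seal, unseal, flip and the iv || ciphertext || tag layout are choices made for this example.

```ocaml
(* Added example, not Cryptokit's own code.
   Build: ocamlfind ocamlopt -package cryptokit -linkpkg aead_demo.ml *)
let iv_len = 12   (* 96-bit IV, the size recommended above for AES-GCM *)
let tag_len = 16  (* both algorithms produce 128-bit tags *)

(* Wire layout chosen for this example: iv || ciphertext || tag.
   A fresh random IV is drawn for every message so none is reused under [key]. *)
let seal ~key ~header plaintext =
  let iv = Cryptokit.Random.string Cryptokit.Random.secure_rng iv_len in
  let t = Cryptokit.AEAD.aes_gcm ~header ~iv key Cryptokit.AEAD.Encrypt in
  (* Assumption: returns the ciphertext with the tag appended. *)
  iv ^ Cryptokit.auth_transform_string t plaintext

(* Returns [None] if the message is truncated or the tag does not verify. *)
let unseal ~key ~header msg =
  let n = String.length msg in
  if n < iv_len + tag_len then None
  else begin
    let iv = String.sub msg 0 iv_len in
    let body = String.sub msg iv_len (n - iv_len) in
    let t = Cryptokit.AEAD.aes_gcm ~header ~iv key Cryptokit.AEAD.Decrypt in
    (* Assumption: checks the trailing tag, yields [Some plaintext] or [None]. *)
    Cryptokit.auth_check_transform_string t body
  end

(* Flip the low bit of byte [i] to simulate corruption in transit. *)
let flip s i =
  let b = Bytes.of_string s in
  Bytes.set b i (Char.chr (Char.code (Bytes.get b i) lxor 1));
  Bytes.to_string b

let () =
  let key = Cryptokit.Random.string Cryptokit.Random.secure_rng 32 in
  let header = "record=42;version=1" in   (* constructed sample data *)
  let pt = "balance=1000" in              (* constructed sample data *)
  let msg = seal ~key ~header pt in
  assert (String.length msg = iv_len + String.length pt + tag_len);
  assert (unseal ~key ~header msg = Some pt);
  (* The header is not encrypted, but changing it invalidates the tag. *)
  assert (unseal ~key ~header:"record=43;version=1" msg = None);
  (* So does a one-bit change in the IV, the ciphertext or the tag. *)
  List.iter (fun i -> assert (unseal ~key ~header (flip msg i) = None))
    [0; iv_len; String.length msg - 1];
  (* Two seals of the same plaintext differ because the IV is fresh. *)
  assert (seal ~key ~header pt <> msg);
  print_endline "all AEAD checks passed"
```

The receiver must supply the same header it expects for the record; the header is not carried inside the sealed message in this layout.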