package rfc6287

  1. Overview
  2. Docs
package rfc6287
Legend:
Library
Module
Module type
Parameter
Class
Class type

RFC6287 (OCRA)

type t

The abstract OCRA suite type

type err =
  1. | Invalid_suite_string
  2. | DataInput of string
  3. | Window of string
val t_of_string : string -> (t, err) Rresult.result
val string_of_t : t -> string
type di = {
  1. c : bool;
    (*

    C

    *)
  2. q : [ `A | `N | `H ] * int;
    (*

    Q

    *)
  3. p : [ `SHA1 | `SHA256 | `SHA512 ] option;
    (*

    P

    *)
  4. s : int option;
    (*

    S

    *)
  5. t : int option;
    (*

    T

    *)
}
val di_of_t : t -> di
  • returns

    DataInput spec

val challenge : t -> string
  • returns

    random challenge string q with format and length as specified in suite

type pinhash = [
  1. | `String of string
  2. | `Digest of Cstruct.t
]

if pinhash is `String x, gen and verify will apply the Pin Hash algorithm specified in suite to calculate the digest of x.

if pinhash is `Digest d, its length must equal digests size of Pin Hash function (as specified in suite)

type timestamp = [
  1. | `Now
  2. | `Int64 of int64
]

if timestamp is `Now, gen and verify will use Unix.time and the timestep specified in suite to calculate the timestamp value

val gen : ?c:int64 -> ?p:pinhash -> ?s:Cstruct.t -> ?t:timestamp -> key:Cstruct.t -> q:string -> t -> (Cstruct.t, err) Rresult.result

Generate OCRA(K, {[C] | Q | [P | S | T]}).

  • returns
    • Ok a the response
    • Error (DataInput error_message) if parameters do not match suite
  • parameter c

    DataInput C: Counter

  • parameter p

    DataInput P: Pin Hash

  • parameter s

    DataInput S: Session; length must equal session size (as specified in suite)

  • parameter t

    DataInput T: Timestamp

  • parameter key

    CryptoFunction key K

  • parameter q

    DataInput Q: Challenge

val gen1 : c:int64 option -> p:pinhash option -> s:Cstruct.t option -> t:timestamp option -> key:Cstruct.t -> q:string -> t -> (Cstruct.t, err) Rresult.result
val verify : ?c:int64 -> ?p:pinhash -> ?s:Cstruct.t -> ?t:timestamp -> ?cw:int -> ?tw:int -> key:Cstruct.t -> q:string -> a:Cstruct.t -> t -> (bool * int64 option, err) Rresult.result

Verify OCRA Response.

  • returns
    • Ok (true, None) upon successful verification for suite without C DataInput
    • Ok (true, Some next_counter) upon successful verification for suite with C DataInput
    • Ok (false, None) if verification failed
    • Error (DataInput error_message) if parameters do not match suite
    • Error (Window error_message) on invalid cw and tw parameters
  • parameter c

    DataInput C: Counter

  • parameter p

    DataInput P: Pin Hash

  • parameter s

    DataInput S: Session; length must equal session size (as specified in suite)

  • parameter t

    DataInput T: Timestamp

  • parameter cw

    Counter Window

  • parameter tw

    Timestamp Window

  • parameter key

    CryptoFunction key K

  • parameter q

    DataInput Q: Challenge

  • parameter a

    Response to check against

val verify1 : c:int64 option -> p:pinhash option -> s:Cstruct.t option -> t:timestamp option -> cw:int option -> tw:int option -> key:Cstruct.t -> q:string -> a:Cstruct.t -> t -> (bool * int64 option, err) Rresult.result
OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct