module Dh:sig
..end
exception Invalid_public_key
type
group = {
|
p : |
(* |
modulus
| *) |
|
gg : |
(* |
generator
| *) |
|
q : |
(* |
subgroup order; potentially unknown
| *) |
Sexplib
convertible.
type
secret = private {
|
x : |
Sexplib
convertible.
val modulus_size : group -> int
val key_of_secret : group -> s:Cstruct.t -> secret * Cstruct.t
key_of_secret group s
is the Nocrypto.Dh.secret
and the corresponding public
key which use s
as the secret exponent.Invalid_public_key
if s
is degenerate.val gen_key : ?g:Nocrypto.Rng.g ->
?bits:int -> group -> secret * Cstruct.t
Nocrypto.Dh.secret
and the corresponding public key.
bits
is the exact bit-size of Nocrypto.Dh.secret
and defaults to a value
dependent on the Nocrypto.Dh.group
's p
.group -> secret -> Cstruct.t -> Cstruct.t option
: shared group secret message
is Some key
, the shared key, given a
group, a previously generated Nocrypto.Dh.secret
and the other party's public
message. It is None
if message
is degenerate.val gen_group : ?g:Nocrypto.Rng.g -> int -> group
gen_group bits
generates a random Nocrypto.Dh.group
with modulus size bits
.
Uses a safe prime p = 2q + 1
(with q
prime) for the modulus and 2
for the generator, such that 2^q = 1 mod p
.
Runtime is on the order of minute for 1024 bits.Invalid_argument
if bits
is ridiculously small.module Group:sig
..end
Nocrypto.Dh.group
s.