Index of values

accumulate ~g is a closure suitable for incrementally feeding small amounts of environmentally sourced entropy into g.

attach e g starts seeding g from the entropy provider e and returns the token to stop the seeding.

attach ~period ~device g instruments the lwt event loop to mix in bytes from device into g whenever external events cause the loop to wake up, but no more often than once every period seconds.

Internally, this generator's generate always produces k * block bytes.

Block size of g or default generator.

Create a new, unseeded g.

create module uses a module conforming to the Generator signature to instantiate the generic generator g.

decrypt ~mask ~label ~key ciphertext is Some message if the ciphertext was produced by the corresponding encrypt operation, or None otherwise.

decrypt mask key ciphertext is Some message if the ciphertext was produced by the corresponding encrypt operation, or None otherwise.

decrypt mask key ciphertext is the decrypted ciphertext, left-padded with 0x00 up to key size.

Compute the digest.

Size of hash results, in bytes.

Compute the digest.

encrypt ~g ~label ~key message is OAEP-padded and encrypted message, using the optional label.

encrypt g key message is a PKCS1-padded (type 2) and encrypted message.

encrypt key message is the encrypted message.

encrypt ~key ~ctr ~off msg is (stream ~key ~ctr ~off (len msg)) xor msg.

Hash the input, updating the state.

gen ~g n picks a value in the interval [0, n - 1] uniformly at random.

gen_bits ~g ~msb n picks a bit-string n bits long, with msb most significant bits set, and interprets it as a t in big-endidan.

gen_group bits generates a random Nocrypto.Dh.group with modulus size bits.

Generate a random Nocrypto.Dh.secret and the corresponding public key.

gen_r ~g low high picks a value from the interval [low, high - 1] uniformly at random.

generate key digest deterministically takes the given private key and message digest to a k suitable for seeding the signing process.

generate g size is a fresh private key.

generate g e bits is a new priv.

generate ~g n produces n uniformly distributed random bytes, updating the state of g.

Invoke generate on g or default generator.

Default generator.

Extract the digest; state becomes invalid.

hmac ~key bytes is authentication code for bytes under the secret key, generated using the standard HMAC construction over this hash algorithm.

Create a new hash state.

Starts seeding the current default generator and stops the previous seeding process started through the same function.

Immediately seeds the current defalt generator using Nocrypto_entropy_unix.initialize.

Seeds the current defalt generator from the system RNG device if it is currently unseeded.

key_of_secret group s is the Nocrypto.Dh.secret and the corresponding public key which use s as the secret exponent.

massage key digest is the numeric value of digest taken modulo q and represented in the leftmost bits(q) bits of the result.

Bit size of the modulus.

next_iv iv ciphertext for a ciphertext and an iv it was computed with is the iv to use to encrypt the next message, for protocols which perform inter-message chaining.

prime ~g ~msb bits generates a prime smaller than 2^bits, with msb most significant bits set.

Bit-size of a private key.

priv_of_primes e p q creates priv from a minimal description: the public exponent and the two primes.

Miller-Rabin with sane rounds parameter.

Bit-size of a public key.

Extract the public component from a private key.

Extract the public component from a private key.

reseed ~bytes ~g mixes in bytes bytes from the system RNG into the generator g.

reseed ~g bytes directly updates g.

safe_prime ~g bits gives a prime pair (g, p) such that p = 2g + 1 and p has bits significant bits.

seeded ~g is true iff operations won't throw Unseeded_generator.

shared group secret message is Some key, the shared key, given a group, a previously generated Nocrypto.Dh.secret and the other party's public message.

sig_decode key signature is either Some message if the signature was produced with the given key as per sign, or None

sig_encode mask key message is the PKCS1-padded (type 1) message signed by the key.

sign mask k fips key digest is the signature, a pair of Cstruct.ts representing r and s in big-endian.

sign ~g ~slen ~key message the -padded digest of message, signed with the key.

Entropy.sources set up with the last initialize.

Stops the reseeding task associated with t.

stream ~key ~ctr ~off n is the first n bytes obtained by encrypting and concatenating blocks c(0), c(1), ..., where c(0) is ctr, and c(n + 1) is c(n) + 1 interpreted in big-endian.

Detected system RNG device.

verify fips key (r, s) digest verifies that the pair (r, s) is the signature of digest, the message digest, under the private counterpart to key.

verify ~slen ~key ~signature message checks whether signature is a valid PSS signature of the message under the given key.