include AEAD
val authenticate_encrypt : key:key -> nonce:Cstruct.t -> ?adata:Cstruct.t -> Cstruct.t -> Cstruct.tauthenticate_encrypt ~key ~nonce ~adata msg encrypts msg with key and nonce, and appends an authentication tag computed over the encrypted msg, using key, nonce, and adata.
- raises Invalid_argument
if
nonceis not of the right size.
val authenticate_decrypt : key:key -> nonce:Cstruct.t -> ?adata:Cstruct.t -> Cstruct.t -> Cstruct.t optionauthenticate_decrypt ~key ~nonce ~adata msg splits msg into encrypted data and authentication tag, computes the authentication tag using key, nonce, and adata, and decrypts the encrypted data. If the authentication tags match, the decrypted data is returned.
- raises Invalid_argument
if
nonceis not of the right size.
crypt ~key ~nonce ~ctr data generates a ChaCha20 key stream using the key, and nonce. The ctr defaults to 0. The generated key stream is of the same length as data, and the output is the XOR of the key stream and data. This implements, depending on the size of the nonce (8 or 12 bytes) both the original specification (where the counter is 8 byte, same as the nonce) and the IETF RFC 8439 specification (where nonce is 12 bytes, and counter 4 bytes).
- raises Invalid_argument
if invalid parameters are provided. Valid parameters are:
keymust be 32 bytes andnonce12 bytes for the IETF mode (and counter fit into 32 bits), orkeymust be either 16 bytes or 32 bytes andnonce8 bytes.