val authenticate_encrypt : key:key -> nonce:Cstruct.t -> ?adata:Cstruct.t -> Cstruct.t -> Cstruct.t
authenticate_encrypt ~key ~nonce ~adata msg
encrypts msg
with key
and nonce
, and appends an authentication tag computed over the encrypted msg
, using key
, nonce
, and adata
.
- raises Invalid_argument
if
nonce
is not of the right size.
val authenticate_decrypt : key:key -> nonce:Cstruct.t -> ?adata:Cstruct.t -> Cstruct.t -> Cstruct.t option
authenticate_decrypt ~key ~nonce ~adata msg
splits msg
into encrypted data and authentication tag, computes the authentication tag using key
, nonce
, and adata
, and decrypts the encrypted data. If the authentication tags match, the decrypted data is returned.
- raises Invalid_argument
if
nonce
is not of the right size.