octez-libs 18.1 · OCaml Package

Tezos - X25519/XSalsa20-Poly1305 cryptography

type nonce

val nonce_size : int

val zero_nonce : nonce

val random_nonce : unit -> nonce

val increment_nonce : ?step:int -> nonce -> nonce

val generate_nonces : 
  incoming:bool ->
  sent_msg:Bytes.t ->
  recv_msg:Bytes.t ->
  nonce * nonce

generate_nonces ~incoming ~sent_msg ~recv_msg generates two nonces by hashing (Blake2B) the arguments. The nonces should be used to initialize the encryption on the communication channels. Because an attacker cannot control both messages, it cannot determine the nonces that will be used to encrypt the messages. The sent message should contains a random nonce, and we should never send the exact same message twice.

val tag_length : int

Size of the message authentication tag.

module Secretbox : sig ... end

type pow_target

val default_pow_target : pow_target

val make_pow_target : float -> pow_target

type secret_key

type public_key

module Public_key_hash : sig ... end

type channel_key

val hash : public_key -> Public_key_hash.t

val random_keypair : unit -> secret_key * public_key * Public_key_hash.t

Generates both a secret key and its corresponding public key, along with a hash of the public key.

val precompute : secret_key -> public_key -> channel_key

precompute pk sk computes a channel key from the sender's sk and the recipient's pk.

val fast_box : channel_key -> nonce -> Bytes.t -> Bytes.t

fast_box k nonce msg authenticates and encrypts msg and returns both the message authentication tag and the ciphertext. For this reason, the returned buffer will be tagbytes longer than msg.

val fast_box_open : channel_key -> nonce -> Bytes.t -> Bytes.t option

fast_box_open k nonce cmsg attempts to verify and decrypt cmsg and if successful returns the plaintext. As above, the returned buffer will be tagbytes shorter than cmsg.

val fast_box_noalloc : channel_key -> nonce -> Bytes.t -> Bytes.t -> unit

fast_box_noalloc k nonce tag buf authenticates and encrypts in-place the contents of buf using k and nonce and writes the message authentication tag in tag.

val fast_box_open_noalloc : channel_key -> nonce -> Bytes.t -> Bytes.t -> bool

fast_box_open_noalloc k nonce tag buf attempts to verify and decrypt the contents of buf in-place using k, nonce, and tag and returns true if successful.

val check_proof_of_work : public_key -> nonce -> pow_target -> bool

check_proof_of_work pk pow target returns true if pow is proof of work following target for the public key pk.

val generate_proof_of_work : 
  ?yield_every:int ->
  ?max:int ->
  public_key ->
  pow_target ->
  nonce Lwt.t

generate_proof_of_work pk pow_target generates a proof of work for the public key pk following the pow_target.

The parameter yield_every (defaults to 500) inserts a cooperation point (Lwt.pause ()) every so many attempts. This allows other promises to make progress towards resolution. It also allows Unix signals to be processed so that, say, Ctrl+C can be effective.

The parameter max (not set by default) sets a maximum number of attempts to be made before giving up. When max number of attempts have been made and no pow has been found, the exception Not_found is raised.

val generate_proof_of_work_with_target_0 : public_key -> nonce

val public_key_to_bytes : public_key -> Bytes.t

val public_key_of_bytes : Bytes.t -> public_key

val public_key_size : int

val secret_key_size : int

val public_key_encoding : public_key Data_encoding.t

val secret_key_encoding : secret_key Data_encoding.t

val nonce_encoding : nonce Data_encoding.t

val neuterize : secret_key -> public_key

neuterize sk generates the corresponding public key of sk

val equal : public_key -> public_key -> bool

equal a b tests keys for equality

val pp_pk : Format.formatter -> public_key -> unit

package octez-libs