type 'a key
type secret_key = secret key
type auth
val primitive : string

Primitive used by this implementation. Currently "hmacsha512256".

val key_size : int

Size of keys, in bytes.

val auth_size : int

Size of authenticators, in bytes.

val random_key : unit -> secret key

random_key () generates a random secret key .

derive_key difficulty pw salt derives a key from a human generated password. Since the derivation depends on both difficulty and salt, it is necessary to store them alongside the authenticator. Using a constant salt is insecure because it increases the effectiveness of rainbow tables. Generate the salt with a function like Password_hash.random_salt instead.

val wipe_key : secret key -> unit

wipe_key k overwrites k with zeroes.

val equal_keys : secret key -> secret key -> bool

equal_keys a b checks a and b for equality in constant time.

module type S = sig ... end
module Bytes : S with type storage = Bytes.t
module Bigbytes : S with type storage = bigbytes