Module `Noalloc.Easy`

The easy interface concatenates the ciphertext and the 16-byte long message authentication tag into a single buffer.

Buffers have the following size requirements:

ct: at least 16 bytes
pk, sk, ck: 32 bytes
n: 24 bytes

Box

One-shot interface

val box : pt:bytes -> n:bytes -> pk:bytes -> sk:bytes -> ct:bytes -> bool: box pt n pk sk ct authenticates and encrypts plaintext pt using public key pk, secret key sk, and nonce n and writes both the message authentication tag and the ciphertext in ct. Returns true if successful.

val box_open : ct:bytes -> n:bytes -> pk:bytes -> sk:bytes -> pt:bytes -> bool: box_open ct n pk sk pt attempts to verify and decrypt ciphertext ct using public key pk, secret key sk, and nonce n and if successful writes the plaintext in pt and returns true.

Precomputation interface

The shared key ck is obtained using NaCl.box_beforenm or NaCl.Noalloc.box_beforenm.

val box_afternm : pt:bytes -> n:bytes -> ck:bytes -> ct:bytes -> bool: box_afternm pt n ck ct authenticates and encrypts pt using shared key ck and nonce n and writes both the message authentication tag and the ciphertext in ct. Returns true if successful.

val box_open_afternm : ct:bytes -> n:bytes -> ck:bytes -> pt:bytes -> bool: box_open ct n pk sk pt attempts to verify and decrypt ciphertext ct using shared key ck and nonce n and if successful writes the plaintext in pt and returns true.

Secretbox

val secretbox : pt:bytes -> n:bytes -> key:bytes -> ct:bytes -> bool: secretbox pt n key ct authenticates and encrypts plaintext pt using secret key key and nonce n and writes both the message authentication tag and the ciphertext in ct. Returns true if successful.

val secretbox_open : ct:bytes -> n:bytes -> key:bytes -> pt:bytes -> bool: secretbox_open ct n key pt attempts to verify and decrypt ciphertext ct using secret key key and nonce n and if successful writes the plaintext in pt and returns true.