Module `Hacl.NaCl`

Box (public-key authenticated encryption) and Secretbox (secret-key authenticated encryption)

Portable C implementations offering both the easy and detached interfaces of Box and Secretbox (see NaCl.Noalloc). For Box, the precomputation interface is also supported.

Box

One-shot interface

val box : pt:bytes -> n:bytes -> pk:bytes -> sk:bytes -> bytes option: box pt n pk sk authenticates and encrypts plaintext pt using public key pk, secret key sk, and nonce n and returns both the message authentication tag and the ciphertext in a single buffer if successful.

val box_open : ct:bytes -> n:bytes -> pk:bytes -> sk:bytes -> bytes option: box_open ct n pk sk attempts to verify and decrypt ciphertext ct using public key pk, secret key sk, and nonce n and returns the plaintext if successful.

Precomputation interface

A shared key ck is first obtained using NaCl.box_beforenm. This is useful when calling the functions repeatedly, as it avoids computing the shared key on every function call.

val box_beforenm : pk:bytes -> sk:bytes -> bytes option: box_beforenm pk sk precomputes a 32-byte X25519 shared key ck using one party's 32-byte public key pk and the other party's 32-byte secret key sk. The shared key can then be used in the Box precomputation interface (box_afternm and box_open_afternm functions) in both Easy and Detached.

val box_afternm : pt:bytes -> n:bytes -> ck:bytes -> bytes option: box_afternm pt n ck authenticates and encrypts pt using shared key ck and nonce n and returns both the message authentication tag and the ciphertext in a single buffer if successful.

val box_open_afternm : ct:bytes -> n:bytes -> ck:bytes -> bytes option: box_open ct n pk sk attempts to verify and decrypt ciphertext ct using shared key ck and nonce n and returns the plaintext if successful.

Secretbox

val secretbox : pt:bytes -> n:bytes -> key:bytes -> bytes option: secretbox pt n key authenticates and encrypts plaintext pt using secret key key and nonce n and returns both the message authentication tag and the ciphertext in a single buffer if successful.

val secretbox_open : ct:bytes -> n:bytes -> key:bytes -> bytes option: secretbox_open ct n key attempts to verify and decrypt ciphertext ct using secret key key and nonce n and returns the plaintext if successful.

module Noalloc : sig ... end: Versions of these functions which write their output in a buffer passed in as an argument