Noalloc.EasyThe easy interface concatenates the ciphertext and the 16-byte long message authentication tag into a single buffer.
By default, these functions use the whole of pt and ct, but users can choose to only pass portions of these buffers, by passing some of these optional arguments:
pt_offset, ct_offset: start at the specified position in pt or ct (0 by default)pt_len or ct_len: specify the number of bytes to take in pt or ct (by default, the entire buffer)Note 1: Since it must always be the case that ct be 16 bytes longer than pt, functions accept only one of these arguments (pt_len for encryption functions, ct_len for decryption functions)
Note 2: As opposed to not passing pt_len at all, passing pt_len=0 will result in using an empty buffer.
Buffers have the following size requirements:
ct: at least 16 bytespk, sk, ck: 32 bytesn: 24 bytespt_offset, ct_offset: positive, <= size of bufferpt_len: positive, <= size of pt - pt_offsetct_len: >= 16, <= size of ct - ct_offsetval box :
pt:bytes ->
?pt_offset:int ->
?pt_len:int ->
n:bytes ->
pk:bytes ->
sk:bytes ->
ct:bytes ->
?ct_offset:int ->
unit ->
boolbox pt n pk sk ct authenticates and encrypts plaintext pt using public key pk, secret key sk, and nonce n and writes both the message authentication tag and the ciphertext in ct. Returns true if successful.
val box_open :
ct:bytes ->
?ct_offset:int ->
?ct_len:int ->
n:bytes ->
pk:bytes ->
sk:bytes ->
pt:bytes ->
?pt_offset:int ->
unit ->
boolbox_open ct n pk sk pt attempts to verify and decrypt ciphertext ct using public key pk, secret key sk, and nonce n and if successful writes the plaintext in pt and returns true.
The shared key ck is obtained using NaCl.box_beforenm or NaCl.Noalloc.box_beforenm.
val box_afternm :
pt:bytes ->
?pt_offset:int ->
?pt_len:int ->
n:bytes ->
ck:bytes ->
ct:bytes ->
?ct_offset:int ->
unit ->
boolbox_afternm pt n ck ct authenticates and encrypts pt using shared key ck and nonce n and writes both the message authentication tag and the ciphertext in ct. Returns true if successful.
val box_open_afternm :
ct:bytes ->
?ct_offset:int ->
?ct_len:int ->
n:bytes ->
ck:bytes ->
pt:bytes ->
?pt_offset:int ->
unit ->
boolbox_open ct n pk sk pt attempts to verify and decrypt ciphertext ct using shared key ck and nonce n and if successful writes the plaintext in pt and returns true.
val secretbox :
pt:bytes ->
?pt_offset:int ->
?pt_len:int ->
n:bytes ->
key:bytes ->
ct:bytes ->
?ct_offset:int ->
unit ->
boolsecretbox pt n key ct authenticates and encrypts plaintext pt using secret key key and nonce n and writes both the message authentication tag and the ciphertext in ct. Returns true if successful.