Module CRYPTO.Secretbox

Secret-key authenticated encryption.

The primitive is xsalsa20-poly1305, NaCl documentation.

Keys and nonces

module Secret_key : sig ... end

Secret keys.

module Nonce : sig ... end



type plain_text = Bytes.t

The type for plain text.

type cipher_text = Bytes.t

The type for cipher text.

val cipher_text_overhead_length : int

cipher_text_overhead_length is the constant additional number of bytes a cipher text has over its plain text.

val box : secret_key:Secret_key.t -> nonce:Nonce.t -> plain_text:plain_text -> cipher_text

box ~secret_key ~nonce ~plain_text is a cipher text for plain_text encrypted and authenticated by secret_key and nonce.

Note. The function takes an unpadded plain text and returns an unpadded cipher text.

val open' : secret_key:Secret_key.t -> nonce:Nonce.t -> cipher_text:cipher_text -> plain_text option

open' ~secret_key ~nonce ~cipher_text is:

  • Some plain_text, if cipher_text encrypted by secret_key and nonce authenticates and decrypts to plain_text.
  • None otherwise.

Note. The function takes an unpadded cipher text and returns an unpadded plain text.