Module Cryptokit.Block
The Block module provides classes that implement popular block ciphers, chaining modes, and wrapping of a block cipher as a general transform or as a hash function. The classes can be composed in a Lego-like fashion, facilitating the integration of new block ciphers, modes, etc.
class type block_cipher = object ... end
Abstract interface for a block cipher.
Deriving transforms and hashes from block ciphers
class cipher : block_cipher -> transform
Wraps a block cipher as a general transform. The transform has input block size and output block size equal to the block size of the block cipher. No padding is performed. Example:
new cipher (new cbc_encrypt (new aes_encrypt key))
returns a transform that performs AES encryption in CBC mode.
class cipher_padded_encrypt : Padding.scheme -> block_cipher -> transform
Like Cryptokit.Block.cipher, but performs padding on the input data as specified by the first argument. The input block size of the returned transform is 1; the output block size is the block size of the block cipher.
class cipher_padded_decrypt : Padding.scheme -> block_cipher -> transform
Like Cryptokit.Block.cipher, but removes padding on the output data as specified by the first argument. The output block size of the returned transform is 1; the input block size is the block size of the block cipher.
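A round trip through the two padded wrappers, as an added example that is not part of the Cryptokit documentation. It assumes a fresh random IV per message, drawn from Cryptokit's Random.secure_rng and sent in front of the ciphertext, instead of the all-zero default; the names encrypt and decrypt are hypothetical.

```ocaml
(* Added example, not Cryptokit's own code. [encrypt]/[decrypt] are hypothetical names. *)
module C = Cryptokit

let bs = 16  (* AES block size in bytes *)

(* AES-CBC with length padding. A fresh random IV replaces the all-zero
   default and is sent in front of the ciphertext. *)
let encrypt ~key msg =
  let iv = C.Random.string C.Random.secure_rng bs in
  let t =
    new C.Block.cipher_padded_encrypt C.Padding.length
      (new C.Block.cbc_encrypt ~iv (new C.Block.aes_encrypt key)) in
  iv ^ C.transform_string t msg

(* Inverse of [encrypt]. Every failure maps to None so that callers cannot
   tell a padding error from any other malformed input. *)
let decrypt ~key data =
  let n = String.length data in
  if n < 2 * bs || n mod bs <> 0 then None
  else
    let iv = String.sub data 0 bs in
    let body = String.sub data bs (n - bs) in
    let t =
      new C.Block.cipher_padded_decrypt C.Padding.length
        (new C.Block.cbc_decrypt ~iv (new C.Block.aes_decrypt key)) in
    match C.transform_string t body with
    | plain -> Some plain
    | exception C.Error _ -> None

let () =
  let key = C.Random.string C.Random.secure_rng 32 in  (* AES-256 key *)
  let msg = "constructed sample message" in            (* 26 bytes *)
  let c1 = encrypt ~key msg and c2 = encrypt ~key msg in
  assert (decrypt ~key c1 = Some msg);
  assert (c1 <> c2);  (* fresh IVs: equal plaintexts, different ciphertexts *)
  assert (String.length c1 = bs + 32);  (* IV + 26 bytes padded to 32 *)
  assert (decrypt ~key (String.sub c1 0 (bs + 8)) = None)  (* misaligned *)
```

CBC gives confidentiality only: authenticate the IV and ciphertext with a MAC under a separate key, and verify it before calling decrypt.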
class mac : ?iv:string -> ?pad:Padding.scheme -> block_cipher -> hash
Build a MAC (keyed hash function) from the given block cipher. The block cipher is run in CBC mode, and the MAC value is the final value of the initialization vector. Thus, the hash size of the resulting hash is the block size of the block cipher. The optional argument iv specifies the first initialization vector, with a default of all zeroes. The optional argument pad specifies a padding scheme to be applied to the input data; if not provided, no padding is performed.
class mac_final_triple : ?iv:string -> ?pad:Padding.scheme -> block_cipher -> block_cipher -> block_cipher -> hash
Build a MAC (keyed hash function) from the given block ciphers c1, c2 and c3. The input is run through c1 in CBC mode, as described for Cryptokit.Block.mac. The final initialization vector is then super-enciphered by c2, then by c3, to provide the final MAC. This construction results in a MAC that is nearly as fast as Cryptokit.Block.mac c1, but more resistant against brute-force key search because of the additional final encryption through c2 and c3.
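The constructions described for mac and mac_final_triple, as an added example that is not part of the Cryptokit documentation: it checks that the unpadded mac value is the last CBC ciphertext block under the zero IV, then builds the padded and triple variants. The keys, messages and function names are constructed for illustration, and using AES for all three ciphers is an assumption of the example.

```ocaml
(* Added example, not Cryptokit's own code. Keys and messages are constructed. *)
module C = Cryptokit

let k1 = String.make 16 '\001'  (* sample keys for illustration only *)
let k2 = String.make 16 '\002'
let k3 = String.make 16 '\003'

(* Unpadded CBC-MAC: the input must be a whole number of 16-byte blocks. *)
let cbc_mac key msg =
  C.hash_string (new C.Block.mac (new C.Block.aes_encrypt key)) msg

(* The same value by hand: CBC-encrypt under the default zero IV and keep
   the last ciphertext block. *)
let last_cbc_block key msg =
  let cbc = new C.Block.cbc_encrypt (new C.Block.aes_encrypt key) in
  let ct = C.transform_string (new C.Block.cipher cbc) msg in
  String.sub ct (String.length ct - 16) 16

(* With a padding scheme the MAC accepts inputs of any length. *)
let mac_padded key msg =
  C.hash_string
    (new C.Block.mac ~pad:C.Padding._8000 (new C.Block.aes_encrypt key)) msg

(* c1 does the CBC pass; c2 and c3 super-encipher the final block. *)
let mac_triple msg =
  C.hash_string
    (new C.Block.mac_final_triple ~pad:C.Padding._8000
       (new C.Block.aes_encrypt k1)
       (new C.Block.aes_encrypt k2)
       (new C.Block.aes_encrypt k3)) msg

let () =
  let msg = String.make 32 'A' in
  (* The MAC is exactly what CBC encryption would output last, which is why
     the MAC key must never double as a CBC encryption key. *)
  assert (cbc_mac k1 msg = last_cbc_block k1 msg);
  (* No padding scheme: a partial block is rejected. *)
  assert (match cbc_mac k1 "short" with
          | _ -> false
          | exception C.Error _ -> true);
  assert (String.length (mac_padded k1 "short") = 16);
  assert (mac_triple "short" <> mac_padded k1 "short")
```

Plain CBC-MAC is only sound when every message authenticated under a given key has the same length.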
Some block ciphers: AES, DES, triple DES, Blowfish
class aes_encrypt : string -> block_cipher
The AES block cipher, in encryption mode. The string argument is the key; its length must be 16, 24 or 32 bytes.
class aes_decrypt : string -> block_cipher
The AES block cipher, in decryption mode.
class des_encrypt : string -> block_cipher
The DES block cipher, in encryption mode. The string argument is the key; its length must be 8 bytes.
class des_decrypt : string -> block_cipher
The DES block cipher, in decryption mode.
class triple_des_encrypt : string -> block_cipher
The Triple-DES block cipher, in encryption mode. The key argument must have length 16 (two keys) or 24 (three keys).
class triple_des_decrypt : string -> block_cipher
The Triple-DES block cipher, in decryption mode.
class blowfish_encrypt : string -> block_cipher
The Blowfish block cipher, in encryption mode. The string argument is the key; its length must be between 4 and 56.
class blowfish_decrypt : string -> block_cipher
The Blowfish block cipher, in decryption mode.
Chaining modes
class cbc_encrypt : ?iv:string -> block_cipher -> block_cipher
Add Cipher Block Chaining (CBC) to the given block cipher in encryption mode. Each block of input is xor-ed with the previous output block before being encrypted through the given block cipher. The optional iv argument specifies the string to be xor-ed with the first input block, and defaults to all zeroes. The returned block cipher has the same block size as the underlying block cipher.
class cbc_decrypt : ?iv:string -> block_cipher -> block_cipher
Add Cipher Block Chaining (CBC) to the given block cipher in decryption mode. This works like Cryptokit.Block.cbc_encrypt, except that input blocks are first decrypted by the block cipher before being xor-ed with the previous input block.
class cfb_encrypt : ?iv:string -> int -> block_cipher -> block_cipher
Add Cipher Feedback Block (CFB) to the given block cipher in encryption mode. The integer argument n is the number of bytes processed at a time; it must lie between 1 and the block size of the underlying cipher, inclusive. The returned block cipher has block size n.
class cfb_decrypt : ?iv:string -> int -> block_cipher -> block_cipher
Add Cipher Feedback Block (CFB) to the given block cipher in decryption mode. See Cryptokit.Block.cfb_encrypt.
class ofb : ?iv:string -> int -> block_cipher -> block_cipher
Add Output Feedback Block (OFB) to the given block cipher. The integer argument n is the number of bytes processed at a time; it must lie between 1 and the block size of the underlying cipher, inclusive. The returned block cipher has block size n. It is usable both for encryption and decryption.
class ctr : ?iv:string -> ?inc:int -> block_cipher -> block_cipher
Add Counter mode to the given block cipher. Viewing the IV as a blocksize-byte integer in big-endian representation, the blocks IV, IV+1, IV+2, ... are encrypted using the given block cipher, and the result is xor-ed with the input blocks to produce the output blocks. The additions IV+n are performed modulo 2 to the 8 * inc power. In other words, only the low inc bytes of the IV are subject to incrementation; the high blocksize - inc bytes are unaffected. inc defaults to blocksize. The returned block cipher has the same block size as the underlying block cipher, and is usable both for encryption and decryption.
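The counter arithmetic described for ctr, rebuilt by hand and compared with the class, as an added example that is not part of the Cryptokit documentation. The key, IV layout (12-byte nonce plus 4-byte counter), message and helper names are constructed for illustration.

```ocaml
(* Added example, not Cryptokit's own code. Key, IV and message are constructed. *)
module C = Cryptokit

let bs = 16  (* AES block size in bytes *)

(* Add 1 to the low [inc] bytes of a big-endian block, modulo 2^(8*inc). *)
let incr_counter ~inc block =
  let b = Bytes.of_string block in
  let rec go i =
    if i >= bs - inc then begin
      let v = (Char.code (Bytes.get b i) + 1) land 0xff in
      Bytes.set b i (Char.chr v);
      if v = 0 then go (i - 1)  (* carry into the next byte up *)
    end in
  go (bs - 1);
  Bytes.to_string b

let xor a b =
  String.mapi (fun i c -> Char.chr (Char.code c lxor Char.code b.[i])) a

(* CTR rebuilt from the description: encrypt IV, IV+1, ... with the bare
   cipher and xor the result with the input. *)
let ctr_by_hand ~key ~iv ~inc msg =
  let rec counters n ctr acc =
    if n = 0 then String.concat "" (List.rev acc)
    else counters (n - 1) (incr_counter ~inc ctr) (ctr :: acc) in
  let ecb = new C.Block.cipher (new C.Block.aes_encrypt key) in
  xor msg (C.transform_string ecb (counters (String.length msg / bs) iv []))

let ctr_lib ~key ~iv ~inc msg =
  let c = new C.Block.ctr ~iv ~inc (new C.Block.aes_encrypt key) in
  C.transform_string (new C.Block.cipher c) msg

let () =
  let key = String.make 16 'k' in
  (* 12-byte nonce followed by a 4-byte counter that is about to wrap *)
  let iv = String.make 12 'N' ^ "\xff\xff\xff\xff" in
  let msg = String.make 48 'A' in
  let ct = ctr_lib ~key ~iv ~inc:4 msg in
  assert (ct = ctr_by_hand ~key ~iv ~inc:4 msg);
  assert (ctr_lib ~key ~iv ~inc:4 ct = msg);  (* same operation decrypts *)
  (* inc = 4: the counter wraps to zero and the nonce bytes are untouched *)
  assert (incr_counter ~inc:4 iv = String.make 12 'N' ^ "\000\000\000\000")
```

Under one key and IV the counter sequence repeats after 2^(8*inc) blocks, so inc bounds the message length, and the fixed high bytes must never repeat across messages encrypted with the same key.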