module Cryptosystem:sig..end
AES_CTS as cipher, and SHA1-96 for signing.exception Integrity_error
val derive_keys : string -> int -> Netmech_scram.specific_keysderive_keys protocol_key usage: Returns the specific keys for
this protocol_key and this usage numbers. See RFC 4121 for
applicable usage numbersval encrypt_and_sign : Netmech_scram.specific_keys -> string -> string
Returns ciphertext_with_signature.
val encrypt_and_sign_mstrings : Netmech_scram.specific_keys ->
Netxdr_mstring.mstring list -> Netxdr_mstring.mstring listmstring listval decrypt_and_verify : Netmech_scram.specific_keys -> string -> string
For very short plaintexts (< 16 bytes) there will be some
padding at the end ("residue"), as returned as ec above.
We ignore this problem generally,
because GSS-API adds a 16-byte header to the plaintext anyway,
so these short messages do not occur.
If the signature is not valid, the exception Integrity_error
is raised.
val decrypt_and_verify_mstrings : Netmech_scram.specific_keys ->
Netxdr_mstring.mstring list -> Netxdr_mstring.mstring listmstring listval get_ec : Netmech_scram.specific_keys -> int -> intlet ec = get_ec e_keys n:
Returns the required value for the "extra count" field of
RFC 4121 if the plaintext message has size n. Here,
n is the size of the payload message plus the token
header of 16 bytes, i.e. the function is always called with
n >= 16.
Here, the returned ec value is always 0.
val get_mic : Netmech_scram.specific_keys -> string -> stringval get_mic_mstrings : Netmech_scram.specific_keys -> Netxdr_mstring.mstring list -> stringmstring list