/usr/lib/ocaml/netstring/netchannels_crypto.mli is in libocamlnet-ocaml-dev 4.1.2-3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
(* $Id$ *)
(** Crypto extensions for {!Netchannels} *)
(** {1:tls TLS} *)
(** A TLS channel is a layer on top of a bidirectional channel that adds the TLS
protocol. It offers the raw I/O methods inherited from
{!Netchannels.raw_io_channel} plus access to the TLS endpoint.
*)
class type tls_channel = object
inherit Netchannels.raw_io_channel
method tls_endpoint : Netsys_crypto_types.tls_endpoint
(** The TLS endpoint behind this channel.
NOTE(review): presumably this is the handle for inspecting the session
(what was negotiated, which peer was authenticated) - confirm against
{!Netsys_tls}. *)
end
class tls_layer :
?start_pos_in:int ->
?start_pos_out:int ->
?resume:string ->
role:[ `Client | `Server ] ->
rd:Netchannels.raw_in_channel ->
wr:Netchannels.raw_out_channel ->
peer_name:string option ->
Netsys_crypto_types.tls_config ->
tls_channel
(** Adds TLS security to an already established connection, here made
available as separate channels for input and output.

The TLS handshake is done on the first I/O activity (call [flush]
to enforce it). Creating the object therefore does not by itself
perform a handshake: call [flush] before relying on anything that
depends on the handshake outcome.

- [role]: whether this side acts as the TLS client or as the TLS server.
- [rd], [wr]: the input and the output channel of the established
  connection.
- [peer_name]: NOTE(review): presumably the name the peer is expected to
  present (and, for clients, the name announced to the server). Confirm
  in {!Netsys_tls} what [None] means for peer verification before
  passing it.
- The unlabelled {!Netsys_crypto_types.tls_config} argument is the TLS
  configuration to use.
- [start_pos_in], [start_pos_out]: NOTE(review): presumably the initial
  values of the input and output position counters - confirm.
- [resume]: see {!Netsys_tls.create_file_endpoint}.
*)
class tls_endpoint :
?start_pos_in:int ->
?start_pos_out:int ->
?resume:string ->
role:[ `Client | `Server ] ->
peer_name:string option ->
Unix.file_descr ->
Netsys_crypto_types.tls_config ->
tls_channel
(** Adds TLS security to a connection given as a file descriptor.
This class is slightly more efficient than [tls_layer], and is to be
preferred if you have direct access to the file descriptor.

- [role]: whether this side acts as the TLS client or as the TLS server.
- [peer_name]: NOTE(review): presumably the name the peer is expected to
  present. Confirm in {!Netsys_tls} what [None] means for peer
  verification before passing it.
- The {!Netsys_crypto_types.tls_config} argument is the TLS configuration
  to use.
- NOTE(review): the point at which the handshake runs is not stated for
  this class; presumably it is deferred to the first I/O activity as for
  [tls_layer] - confirm.
*)
(** {1:symmetric Symmetric Cryptography} *)
(** Encrypt or decrypt data while writing to a channel. The object is an
output channel ({!Netchannels.out_obj_channel}) extended with access to
the MAC of an authenticating cipher. *)
class type crypto_out_filter = object
inherit Netchannels.out_obj_channel
method supports_aead : bool
(** Whether the cipher supports authentication, and will provide a MAC.
If this is [false] the filter gives no integrity protection at all. *)
method mac : unit -> string
(** Get the MAC of the processed data.
NOTE(review): this method only returns the MAC. Nothing in this
interface shows the filter comparing it with an expected value, so a
decrypting caller presumably has to check it (with a constant-time
comparison) before trusting the plaintext - confirm against
{!Netsys_ciphers}. The behaviour when [supports_aead] is [false], or
before all data has been processed, is not specified here. *)
end
(** Encrypt or decrypt data while reading from a channel. The object is an
input channel ({!Netchannels.in_obj_channel}) extended with access to
the MAC of an authenticating cipher. *)
class type crypto_in_filter = object
inherit Netchannels.in_obj_channel
method supports_aead : bool
(** Whether the cipher supports authentication, and will provide a MAC.
If this is [false] the filter gives no integrity protection at all. *)
method mac : unit -> string
(** Get the MAC of the processed data.
NOTE(review): this method only returns the MAC. Nothing in this
interface shows the filter comparing it with an expected value, so a
decrypting caller presumably has to check it (with a constant-time
comparison) before trusting the data read so far - confirm against
{!Netsys_ciphers}. The behaviour when [supports_aead] is [false], or
before all data has been processed, is not specified here. *)
end
val encrypt_out : Netsys_ciphers.cipher_ctx ->
Netchannels.out_obj_channel ->
crypto_out_filter
(** [let ch2 = encrypt_out ctx ch1]: Writing to [ch2] encrypts
the data and writes the ciphertext to [ch1]. Closing [ch2] will flush
data and close [ch1], so [ch1] must not be closed separately.

For an authenticating cipher the MAC is available from [ch2#mac]; this
function does not say that the MAC is appended to the ciphertext.
NOTE(review): presumably the caller has to transmit the MAC itself, and
[ctx] should not be shared with another filter - confirm against
{!Netsys_ciphers}.
*)
val encrypt_in : Netsys_ciphers.cipher_ctx ->
Netchannels.in_obj_channel ->
crypto_in_filter
(** [let ch2 = encrypt_in ctx ch1]: Reading from [ch2] encrypts
the data from [ch1], i.e. [ch1] delivers plaintext and [ch2] delivers
ciphertext. Closing [ch2] will close [ch1].

For an authenticating cipher the MAC is available from [ch2#mac].
NOTE(review): presumably the MAC is complete only after all of [ch1] has
been read through [ch2] - confirm against {!Netsys_ciphers}.
*)
val decrypt_out : Netsys_ciphers.cipher_ctx ->
Netchannels.out_obj_channel ->
crypto_out_filter
(** [let ch2 = decrypt_out ctx ch1]: Writing to [ch2] decrypts
the data and writes the plaintext to [ch1]. Closing [ch2] will flush
data and close [ch1].

Plaintext is written to [ch1] as the data passes through, while the MAC
is a separate value obtained from [ch2#mac].
NOTE(review): presumably this means the plaintext reaches [ch1] before
the MAC can be checked, so the contents of [ch1] should be treated as
unauthenticated until the caller has compared [ch2#mac] with the
expected MAC - confirm against {!Netsys_ciphers}.
*)
val decrypt_in : Netsys_ciphers.cipher_ctx ->
Netchannels.in_obj_channel ->
crypto_in_filter
(** [let ch2 = decrypt_in ctx ch1]: Reading from [ch2] decrypts
the data from [ch1], i.e. [ch1] delivers ciphertext and [ch2] delivers
plaintext. Closing [ch2] will close [ch1].

Plaintext is returned by [ch2] as it is read, while the MAC is a
separate value obtained from [ch2#mac].
NOTE(review): presumably this means data read from [ch2] is
unauthenticated until the whole input has been processed and the caller
has compared [ch2#mac] with the expected MAC - confirm against
{!Netsys_ciphers}.
*)