This file is indexed.

/usr/lib/ocaml/netstring/netchannels_crypto.mli is in libocamlnet-ocaml-dev 4.1.2-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
(* $Id$ *)

(** Crypto extensions for {!Netchannels} *)

(** {1:tls TLS} *)

(** A TLS channel is a layer on top of a bidirectional channel that adds the TLS
    protocol.
 *)
class type tls_channel = object
  inherit Netchannels.raw_io_channel
  method tls_endpoint : Netsys_crypto_types.tls_endpoint
end

class tls_layer :
  ?start_pos_in:int ->
  ?start_pos_out:int ->
  ?resume:string ->
  role:[ `Client | `Server ] ->
  rd:Netchannels.raw_in_channel ->
  wr:Netchannels.raw_out_channel ->
  peer_name:string option ->
  Netsys_crypto_types.tls_config ->
    tls_channel
  (** Adds TLS security to an already established connection, here made
      available as separate channels for input and output.

      The TLS handshake is done on the first I/O activity (call [flush]
      to enforce it).

      [resume]: see {!Netsys_tls.create_file_endpoint}.
   *)

class tls_endpoint :
  ?start_pos_in:int ->
  ?start_pos_out:int ->
  ?resume:string ->
  role:[ `Client | `Server ] ->
  peer_name:string option ->
  Unix.file_descr ->
  Netsys_crypto_types.tls_config ->
    tls_channel
  (** This class is slightly more efficient than [tls_layer], and to preferred
      if you have direct access to the file descriptors.
   *)


(** {1:symmetric Symmetric Cryptography} *)


(** Encrypt or decrypt data while writing to a channel *)
class type crypto_out_filter = object
  inherit Netchannels.out_obj_channel

  method supports_aead : bool
    (** Whether the cipher supports authentication, and will provide a MAC *)
  method mac : unit -> string
    (** Get the MAC of the processed data *)
end


(** Encrypt or decrypt data while reading from a channel *)
class type crypto_in_filter = object
  inherit Netchannels.in_obj_channel

  method supports_aead : bool
    (** Whether the cipher supports authentication, and will provide a MAC *)
  method mac : unit -> string
    (** Get the MAC of the processed data *)
end


val encrypt_out : Netsys_ciphers.cipher_ctx ->
                  Netchannels.out_obj_channel ->
                    crypto_out_filter
  (** [let ch2 = encrypt_out ctx ch1]: Writing to [ch2] encrypts
      the data and writes the ciphertext to [ch1]. Closing [ch2] will flush
      data and close [ch1].
   *)

val encrypt_in : Netsys_ciphers.cipher_ctx ->
                 Netchannels.in_obj_channel ->
                    crypto_in_filter
  (** [let ch2 = encrypt_in ctx ch1]: Reading from [ch2] encrypts
      the data from [ch1]. Closing [ch2] will close [ch1].
   *)

val decrypt_out : Netsys_ciphers.cipher_ctx ->
                  Netchannels.out_obj_channel ->
                    crypto_out_filter
  (** [let ch2 = decrypt_out ctx ch1]: Writing to [ch2] decrypts
      the data and writes the plaintext to [ch1]. Closing [ch2] will flush
      data and close [ch1].
   *)

val decrypt_in : Netsys_ciphers.cipher_ctx ->
                 Netchannels.in_obj_channel ->
                    crypto_in_filter
  (** [let ch2 = decrypt_in ctx ch1]: Reading from [ch2] decrypts
      the data from [ch1]. Closing [ch2] will close [ch1].
   *)