pk-decrypt/decrypt pk-decrypt/new pk-encrypt/encrypt pk-encrypt/new pk-kem-decrypt/decrypt-shared-key pk-kem-decrypt/new pk-kem-decrypt/shared-key-length pk-kem-encrypt/create-shared-key pk-kem-encrypt/encapsulated-key-length pk-kem-encrypt/new pk-kem-encrypt/shared-key-length pk-key-agreement/agree pk-key-agreement/new pk-key-agreement/public-value pk-sign/finish pk-sign/new pk-sign/update pk-verify/finish pk-verify/new pk-verify/update
(pk-decrypt/new privkey padding)Create a new operation object which can be used to decrypt using the provided key and the specified padding scheme (such as "OAEP(SHA-256)" for use with RSA)
(pk-encrypt/encrypt op message &opt rng)Encrypt the provided data using the key`. New rng is used by default, if `rng` is not provided.
(pk-encrypt/new pubkey padding)Create a new operation object which can be used to encrypt using the provided key and the specified padding scheme (such as "OAEP(SHA-256)" for use with RSA)
pk-kem-decrypt/decrypt-shared-key op salt desired-key-len encapsulated-key)
Decrypt an encapsulated key and return the shared secret.
(pk-kem-decrypt/shared-key-length op desired-shared-key-length)Return the output shared key length, assuming desired-shared-key-length is provided.
(pk-kem-encrypt/create-shared-key op salt desired-key-len &opt rng)Create a new encapsulated key. If `rng` is not provided, new rng is used by default. Return the tuple of (shared-key, encapsulated-key)
(pk-kem-encrypt/encapsulated-key-length op)Return the length of the encapsulated key.
(pk-kem-encrypt/shared-key-length op desired-shared-key-length)Return the output shared key length, assuming desired-shared-key-length is provided.
(pk-key_agreement/agree op other-key salt &opt key-len)Returns a key derived by the KDF. If `key-len` is omitted, default agreement size will be used.
(pk-key-agreement/new privkey kdf)Set up to perform key derivation using the given private key and specified KDF.
(pk-key_agreement/public-value op)Returns the public value to be passed to the other party
(pk-sign/finish op &opt rng)Return a signature over all of the messages provided. Afterwards, the sign operator is reset and may be used to sign a new message.New rng is used by default, if `rng` is not provided.
(pk-sign/new privkey hash-and-padding)Create a signature operator for the provided key. The padding string specifies what hash function and padding should be used, for example "PKCS1v15(SHA-256)" for PKCS #1 v1.5 padding (used with RSA) or "SHA-384". Generally speaking only RSA has special padding modes; for other algorithms like ECDSA one just names the hash.
(pk-sign/update op message)Add the message to be signed. Return the self object.
(pk-verify/finish op signature)Verify if the signature provided matches with the message provided. Return boolean.
(pk-verify/new pubkey hash-and-padding)Create a verifyature operator for the provided key. The padding string specifies what hash function and padding should be used, for example "PKCS1v15(SHA-256)" for PKCS #1 v1.5 padding (used with RSA) or "SHA-384". Generally speaking only RSA has special padding modes; for other algorithms like ECDSA one just names the hash.
(pk-verify/update op message)Add the message to be verifyed. Return the self object.